logpresso / CVE-2021-44228-Scanner

Vulnerability scanner and mitigation patch for Log4j2 CVE-2021-44228
Apache License 2.0

Windows scan improperly excluding paths #247

Closed greg-michael closed 2 years ago

greg-michael commented 2 years ago

Running the scanner on Windows server:

log4j2-scan.exe --silent --scan-zip --scan-log4j1 --all-drives --report-path "%RPTFILE%" --report-dir "C:\Temp" --exclude "P:\" --exclude "Z:\" --exclude-fs afs,cifs,autofs,tmpfs,devtmpfs,fuse.sshfs,iso9660 2>&1

Logpresso CVE-2021-44228 Vulnerability Scanner 2.7.1 (2022-01-02)
Scanning drives: C:\, E:\, L:\, P:\, Z:\ (without P:" --EXCLUDE Z:")

Notice the output shows "without P:" --EXCLUDE Z:"

I don't know whether the scanner is actually excluding these paths, or just improperly displaying what is to be excluded.

xeraph commented 2 years ago

@greg-michael this is due to an invalid argument. See https://github.com/logpresso/CVE-2021-44228-Scanner/issues/209#issuecomment-1001089422

greg-michael commented 2 years ago

> @greg-michael this is due to an invalid argument. See #209 (comment)

I didn't see this when I was looking through the issues list. Thanks.

After removing the trailing '\' character, it looks like it works properly.

C:\temp>log4j2-scan.exe --silent --scan-zip --scan-log4j1 --all-drives --report-path "test-log4j2.csv" --report-dir "C:\Temp" --exclude "P:" --exclude "Z:" --exclude-fs afs,cifs,autofs,tmpfs,devtmpfs,fuse.sshfs,iso9660

Logpresso CVE-2021-44228 Vulnerability Scanner 2.7.1 (2022-01-02)
Scanning drives: C:\, E:\, L:\ (without P:, Z:)
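Added example, not part of the thread and not code from the Logpresso project: a simplified Python version of the Microsoft C runtime rules for splitting a command line into arguments, run over shortened forms of the two command lines above to show why `"P:\"` swallows the following `--exclude`. It assumes the scanner executable receives its arguments under these rules; `split_windows_args` and `exclude_values` are hypothetical helper names, and the doubled-quote (`""`) special case is not handled.

```python
# Added example: simplified MS C runtime argument splitting (not scanner code).
def split_windows_args(cmdline):
    """Split a command line using the runtime's backslash/quote rules."""
    args, cur = [], []
    in_quotes = False
    started = False  # True once the current argument has content or quotes
    i, n = 0, len(cmdline)
    while i < n:
        ch = cmdline[i]
        if ch == "\\":
            j = i
            while j < n and cmdline[j] == "\\":  # measure the backslash run
                j += 1
            run = j - i
            if j < n and cmdline[j] == '"':
                cur.append("\\" * (run // 2))    # each pair yields one backslash
                if run % 2:
                    cur.append('"')              # odd run: quote is a literal char
                else:
                    in_quotes = not in_quotes    # even run: quote toggles quoting
                i = j + 1
            else:
                cur.append("\\" * run)           # not before a quote: literal
                i = j
            started = True
        elif ch == '"':
            in_quotes = not in_quotes
            started = True
            i += 1
        elif ch in " \t" and not in_quotes:
            if started:                          # whitespace ends the argument
                args.append("".join(cur))
                cur, started = [], False
            i += 1
        else:
            cur.append(ch)
            started = True
            i += 1
    if started:
        args.append("".join(cur))
    return args

# Constructed, shortened forms of the two command lines in this thread.
BAD = r'log4j2-scan.exe --all-drives --exclude "P:\" --exclude "Z:\" --exclude-fs afs,cifs'
GOOD = r'log4j2-scan.exe --all-drives --exclude "P:" --exclude "Z:" --exclude-fs afs,cifs'

def exclude_values(cmdline):
    """Return the value that follows each --exclude after splitting."""
    argv = split_windows_args(cmdline)
    return [argv[k + 1] for k, a in enumerate(argv[:-1]) if a == "--exclude"]
```

With `BAD`, the program sees a single exclusion value `P:" --exclude Z:"`, which matches the text in the first scan banner; with `GOOD` it sees `P:` and `Z:` as two separate values.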