21.12.15 Problem: cannot read

mergebase / log4j-detector

A public open sourced tool. Log4J scanner that detects vulnerable Log4J versions (CVE-2021-44228, CVE-2021-45046, etc) on your file-system within any application. It is able to even find Log4J instances that are hidden several layers deep. Works on Linux, Windows, and Mac, and everywhere else Java runs, too! TAG_OS_TOOL, OWNER_KELLY, DC_PUBLIC

Other

638 stars 98 forks source link

21.12.15 Problem: cannot read #30

Closed Bysoultear closed 2 years ago

Bysoultear commented 2 years ago

21.12.15 the Log explode A lot of "-- Problem: cannot read" messages and not just jar,war, zip etc. ... its evry file like mp4,png,exe,dll,xml ....

juliusmusseau commented 2 years ago

That means the current user on the machine running the scan lacks permission to read those files.

Bysoultear commented 2 years ago

User = Administrator
why it scan evrything and not just jar,war, zip etc?
<21.12.15 this didnt happen

juliusmusseau commented 2 years ago

Fixed in v2021.12.16. Now it checks if file-type is interesting before it attempts to read it. Also, now the "-- Problem:" messages are always sent to STDERR.