This tool is only for learning, research and self-examination. It should not be used for illegal purposes. All risks arising from the use of this tool have nothing to do with me!
dnslog.cn is unable to access the interface from time to time due to the number of requests. If you are unable to scan, please check whether the plug-in log indicates that the Dnslog is loaded successfully, or set the dnslog to ceye.io according to the method below
English | 简体中文
Log4j2 Remote Code Execution Vulnerability, Passive Scan Plugin for BurpSuite.
Support accurate hint vulnerability parameters, vulnerability location, support multi-dnslog platform extension, automatic ignore static files.
Vulnerability detection only supports the following types for now
- Url
- Cookie
- Header
- Body(x-www-form-urlencoded)
- add RevSuit-RMI backend。
- fix domain toLowerCase by server can't match issue。
- add static-file ignore.
- add mulit poc support.
- add burpcollaborator dnslog backend,default use dnslog.cn。
- add header fuzz。
- add rc1 patch bypass。
Because there is not much time to develop the UI, you can use the following method to switch the Dnslog platform to ceye.io manually if you have the need to modify the dnslog platform temporarily first
- Download the source code and open it with any IDE.
- Log4j2Scanner.java needs to be modified from
this.backend = new DnslogCN();tothis.backend = new Ceye("<Identifier>","<api token>");, which correspond to the Identifier and API Token in ceye's profile page.. - Repackage the project using
mvn package.
Some of the code in the plugin is borrowed from the following projects