Log4J Scanner in PowerShell & Shell for Windows and Linux

17 Dec, 2021 · AlexIn Tech

Hello! Today, I wanted to share a small vulnerability scanner developed by the Geneva-based company e-Xpert Solutions that helps detect Log4J vulnerabilities on your servers.

https://github.com/e-XpertSolutions/atdefense-research

This script was developed by: Michael Molho and David Routin.

I contributed to this project by adding the check for version 2.15, which contains a DoS vulnerability.

Yeah, I’m pretty proud of it because I had never participated in a GitHub project before. Seeing my name in the “Contributors” section feels great.

Update 12/20/2021: Version 2.16 is also affected by a DoS vulnerability. I submitted a new pull request to update the PowerShell script.

Here’s how to use it on Windows:

  1. Download handle.exe (a Sysinternals tool) here: https://docs.microsoft.com/en-us/sysinternals/downloads/handle
  2. Place the script on your server.
  3. Run it as an administrator using this command:
     powershell -ExecutionPolicy Bypass -File log4find.ps1 -HandlePath <handle.exe_filepath>

You’ll get color-coded results:

  • Green: You’re good.
  • Red: Warning, one or both vulnerabilities are present on your server.
  • Yellow: The check failed; you should manually verify.

If the check fails, I recommend using “Everything” by voidtools. It’s an incredibly fast search engine for Windows.

To use Everything, launch it as an admin and then type your search:

log4*

The asterisk “*” acts as a wildcard.

In my case, there’s no Java on my machine, just 1000 PowerShell scripts and files/folders related to these Log4J detection scripts.
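
When Everything is not installed, the same file-name search can be scripted. This is an added example, not part of log4find.ps1 or the e-Xpert Solutions repository; the function name Get-Log4jCoreFinding, the default search root and the color mapping are assumptions made for illustration.

```powershell
# Added example: file-name fallback for a "yellow" result from the scanner.
# Assumption: $Root is a constructed default; point it at the volumes to cover.
param([string]$Root = 'C:\')

function Get-Log4jCoreFinding {
    param([Parameter(Mandatory)][string]$FileName)

    # Expected names: log4j-core-2.14.1.jar, log4j-core-2.0-beta9.jar, ...
    if ($FileName -notmatch '^log4j-core-(\d+)\.(\d+)(?:\.(\d+))?') {
        return [pscustomobject]@{
            Version = $null
            Color   = 'Yellow'
            Note    = 'no version in file name, check the JAR manifest'
        }
    }

    $major   = [int]$Matches[1]
    $minor   = [int]$Matches[2]
    $version = $Matches[0] -replace '^log4j-core-', ''

    if ($major -eq 2 -and $minor -lt 15) {
        $color = 'Red';    $note = 'older than 2.15'
    } elseif ($major -eq 2 -and $minor -in 15, 16) {
        $color = 'Red';    $note = '2.15/2.16: DoS issue described in this post'
    } else {
        $color = 'Yellow'; $note = 'version not covered by this post, check the vendor advisory'
    }

    [pscustomobject]@{ Version = $version; Color = $color; Note = $note }
}

# Limitation: only loose log4j-core JARs are matched by name. Copies bundled
# inside WAR files or fat JARs are not found and still need a manual check.
Get-ChildItem -Path $Root -Recurse -File -Filter 'log4j-core-*.jar' -ErrorAction SilentlyContinue |
    ForEach-Object {
        $finding = Get-Log4jCoreFinding -FileName $_.Name
        Write-Host ("{0}  [{1}] {2}" -f $_.FullName, $finding.Version, $finding.Note) -ForegroundColor $finding.Color
    }
```

Run it from an elevated prompt so that protected directories are readable; unreadable folders are skipped silently.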

That’s it. Enjoy!
