This python script will automate the testing for the Log4J vulnerability for HTTP and HTTPS connections.
Pre-Requisits
- Python 2 must be installed on the system you are running the script from.
- You must install the python packages required to run the script:
You can do this through pip. Pip should already be installed if you have installed pyton from https://python.org.
To ensure pip is installed you can run in cmd:
py -m ensurepip --upgrade
Then install the packages:
`py -m pip install requests`
`py -m pip install shlex`
`py -m pip install subprocess`
- The script also calls Nmap, so this means Nmap must be installed on the target machine. Nmap can be downloaded from https://nmap.org/download.html
- Ensure you add nmap to the PATH environment variable during the installation.
Running the Script
- First create a list of devices you want to test. These can be in the format of IP addresses, Hostnames, CIDR addresses and a range of addresses (E.G. 192.168.0.2-192.168.0.6).
The file must be named Targets and saved in the same folder as the python script. It must be a text file. Each target or range of targets should be saved to its own new line in the file - Load up the Huntress Log4Shell Vulnerability Tester https://log4shell.huntress.com - This is a great tool created by Caleb Stewart, Jason Slagle and John Hammond.
- Copy your unique identifier string.
- Run the HuntressAutomate.py python script.
py HuntressAutomate.py
- Paste your unique Identifier and press enter. Wait for the script to run.
- Navigate back to the Huntress website and 'View Connections'. Any machines listed here are vulnerable to Log4Shell.