Log4J Vulnerability Detection Tool - Free Download
Detect Log4J Log4Shell Vulnerabilities
Enterprotect Log4J Scanner is a free vulnerability detection tool designed to identify Log4Shell vulnerabilities (known as CVE-2021-44228 and CVE-2021-45046). This standalone Windows executable (EXE) tool allows users to scan individual computers. It helps users proactively identify and mitigate security risks associated with the Log4Shell Log4J vulnerability.
Screenshot of Enterprotect Standalone Log4Shell Scanner
Disclaimer
Please note that Enterprotect Log4J / Log4Shell Scanner is distributed under the Apache License 2.0, and as such, it comes with no warranties of any kind. Users assume full responsibility for their usage of the tool, and it is recommended to thoroughly review the license terms before using it.
Functionality
Enterprotect Log4J Scanner provides the following features:
System Search: The tool scans the system to locate Java applications that may be affected by Log4J vulnerabilities, specifically targeting the Log4Shell vulnerability.
Vulnerability Detection: For each identified application, Enterprotect Log4J Scanner checks for updates to Log4J that indicate whether the application has been patched to address the Log4Shell vulnerability. The scanner examines the presence of the Log4J class "JndiLookup.class" within the application. If the class is detected and the application has not been updated to Log4J 2.16+ or Log4J 2.12.2+, it is considered vulnerable to Log4Shell.
Scan Results: After completing the scan, Enterprotect Log4J Scanner generates output files in both text (.log) and JSON (.json) formats. These files provide detailed information about the scanned applications, including their paths and vulnerability status.
Usage
To utilize Enterprotect Log4J Scanner and detect Log4J vulnerabilities, follow these steps:
Download: Obtain the Enterprotect Log4J Scanner executable (EXE) file from the official source or the designated download location.
Run the EXE: Double-click the Enterprotect Log4J Scanner EXE file to execute the tool on your Windows computer. Note that administrator privileges are required to ensure access to system resources.
Scanning Process: The scanner will automatically search your system for Java applications containing the Log4J class "JndiLookup.class," which is associated with Log4Shell vulnerabilities. The scanning process may take some time, depending on the size and complexity of the system.
View Results: Once the scan is complete, Enterprotect Log4J Scanner will generate two output files in the same directory as the EXE file. These files include:
output.log: A text file providing detailed scan results, including information about the scanned applications, their vulnerability status, and any errors encountered during the process.output.json: A JSON file containing the same information as the text file but in a structured format that can be easily parsed and processed programmatically.
Open the
output.logfile using a text editor to review the scan results. It will clearly indicate the status of each scanned application, whether it passed, failed, is unknown, or encountered an error. The paths of vulnerable applications, as well as those with unknown or error status, will be provided in the log file. Additionally, you can programmatically process theoutput.jsonfile if desired.
By following these steps, you can successfully download, run, and view the results of Enterprotect Log4J Scanner to identify Log4J vulnerabilities and mitigate the Log4Shell exploit effectively. Remember to review the scan results carefully and take appropriate actions to address any identified vulnerabilities.
Scan Results
Each scan performed by Enterprotect Log4J Scanner yields one of the following results:
PASS: The scan confirms that all Java applications detected were thoroughly examined, and no vulnerable applications were found.
FAIL: One or more vulnerable Java applications were discovered during the scan. Users should review the output files (.log and .json) for the paths of the vulnerable applications. If the scanner encounters any issues while scanning specific applications, those applications will also be listed in the output and JSON files.
UNKNOWN: No vulnerable Java applications were detected; however, the scanner was unable to detect all the scanned applications. Users should consult the output files and JSON for the paths of the applications where the scan result couldn't be determined.
ERROR: The scanner encountered an error during the scan process and was unable to complete. Users should refer to the output file for detailed information regarding the encountered error.
Requirements
To utilize Enterprotect Log4J Scanner, ensure that the following requirements are met:
The Windows system must have .NET Framework 4.5 or higher installed.
The tool must be executed with administrator privileges to ensure full access to the necessary system resources.
Choose the Right Solution for Your Needs
|
|
References
To learn more about the Log4Shell vulnerabilities and their impact, you can refer to the following National Vulnerability Database (NVD) links:
NVD - CVE-2021-44228: https://nvd.nist.gov/vuln/detail/CVE-2021-44228
NVD - CVE-2021-45046: https://nvd.nist.gov/vuln/detail/CVE-2021-45046