security-tools/blue-team-tools
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Added current known bypass patterns

Browse Source 
Source: https://github.com/Puliczek/CVE-2021-44228-PoC-log4j-bypass-words
This commit is contained in:
izysec
2021-12-13 15:49:08 +05:30
committed by GitHub
parent 27f1edbc8f
commit 6c8b0c8fd8
1 changed files with 4 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files
rules/web/web_cve_2021_44228_log4j.yml
+4
View File
@@ -37,6 +37,10 @@ detection:
- '${${env:BARFOO:-j}'
- '${::-l}${::-d}${::-a}${::-p}'
- '${base64:JHtqbmRp'
- '${${env:ENV_NAME:-j}ndi${env:ENV_NAME:-:}${env:ENV_NAME:-l}dap${env:ENV_NAME:-:}//'
- '${${lower:j}ndi:${lower:l}${lower:d}a${lower:p}://'
- '${${upper:j}ndi:${upper:l}${upper:d}a${lower:p}://'
- '${${::-j}${::-n}${::-d}${::-i}:${::-l}${::-d}${::-a}${::-p}://'
condition: keywords
falsepositives:
- Vulnerability scanning