More reporting output #45

Merged
merged 15 commits into from
Dec 21, 2021

@hpryce hpryce commented Dec 21, 2021

There is more information available about log4j jars than we're currently presenting before this PR:

  • Where there is a JndiLookup class
  • If the finding was in what we think is an obfuscated jar

For the latter this builds on top of #36


hpryce commented Dec 21, 2021

Example of new human readable match:

CVE-2021-45046 and CVE-2021-45105 detected in file examples/obfuscated/2.14.1-aaaagb.jar. log4j versions: 2.9.0-2.14.1. Reasons: jar file appeared obfuscated, byte code partially matched known version

Example of new json match format:

{"message":"CVE-2021-45046 and CVE-2021-45105 detected","filePath":"examples/obfuscated/2.14.1-aaaagb.jar","findings":["jarFileObfuscated","classBytecodePartialMatch"],"log4jVersions":["2.9.0-2.14.1"]}
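For anyone consuming the JSON match format shown above, here is an added example (not code from this PR or the project) that reads one match per line and separates matches carrying the two finding names seen on this page from the rest. Treating those two findings as "confirm by hand" is an assumption of the example, and `placeholderFinding`, `constructed/app.jar` and `Triage` are constructed names.

```go
package main

import (
	"bufio"
	"encoding/json"
	"fmt"
	"strings"
)

// Match mirrors the four fields visible in the JSON example on this page.
type Match struct {
	Message       string   `json:"message"`
	FilePath      string   `json:"filePath"`
	Findings      []string `json:"findings"`
	Log4jVersions []string `json:"log4jVersions"`
}

// The two finding names shown on this page. Treating them as "heuristic,
// confirm by hand" is this example's assumption, not project policy.
var heuristic = map[string]bool{"jarFileObfuscated": true, "classBytecodePartialMatch": true}

// Constructed sample: the page's line, a placeholder finding, a truncated line.
const sample = `{"message":"CVE-2021-45046 and CVE-2021-45105 detected","filePath":"examples/obfuscated/2.14.1-aaaagb.jar","findings":["jarFileObfuscated","classBytecodePartialMatch"],"log4jVersions":["2.9.0-2.14.1"]}
{"message":"constructed","filePath":"constructed/app.jar","findings":["placeholderFinding"],"log4jVersions":["2.9.0-2.14.1"]}
{"message":"constructed","filePath":`

// Triage reads one JSON object per line. Paths with any heuristic finding go
// to review, the rest to other; lines that fail to parse are counted in bad.
func Triage(input string) (review, other []string, bad int) {
	sc := bufio.NewScanner(strings.NewReader(input))
	for sc.Scan() {
		var m Match
		if err := json.Unmarshal(sc.Bytes(), &m); err != nil || m.FilePath == "" {
			bad++ // truncated or non-JSON output must not be silently dropped
			continue
		}
		dst := &other
		for _, f := range m.Findings {
			if heuristic[f] {
				dst = &review
			}
		}
		*dst = append(*dst, m.FilePath)
	}
	return
}

func main() {
	fmt.Println(Triage(sample))
}
```
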

@nmiyake nmiyake left a comment

Error output is missing trailing newlines, but otherwise looks good -- will approve once PR is updated to fix output.

@hpryce hpryce changed the base branch from partial_bytecode_comparison_during_identify to develop December 21, 2021 18:13
@bulldozer-bot bulldozer-bot bot merged commit 1d5302e into develop Dec 21, 2021
@bmoylan bmoylan deleted the more_reporting_output branch December 22, 2021 16:27