From aa771658b3793d00569c2d767f7e56ae49a169af Mon Sep 17 00:00:00 2001 From: motikan2010-bot Date: Sun, 12 Dec 2021 21:13:07 +0900 Subject: [PATCH] Auto Update 2021/12/12 12:13:07 --- 2017/CVE-2017-17562.json | 4 +- 2017/CVE-2017-5645.json | 8 +- 2018/CVE-2018-8174.json | 4 +- 2019/CVE-2019-11932.json | 12 +- 2019/CVE-2019-5736.json | 4 +- 2021/CVE-2021-1675.json | 8 +- 2021/CVE-2021-21972.json | 4 +- 2021/CVE-2021-2394.json | 8 +- 2021/CVE-2021-2471.json | 4 +- 2021/CVE-2021-27905.json | 8 +- 2021/CVE-2021-3156.json | 8 +- 2021/CVE-2021-40539.json | 8 +- 2021/CVE-2021-41277.json | 4 +- 2021/CVE-2021-41653.json | 6 +- 2021/CVE-2021-42278.json | 12 +- 2021/CVE-2021-42287.json | 14 +- 2021/CVE-2021-42321.json | 4 +- 2021/CVE-2021-44077.json | 12 +- 2021/CVE-2021-44228.json | 612 ++++++++++++++++++++++++++++++--------- README.md | 12 + 20 files changed, 558 insertions(+), 198 deletions(-) diff --git a/2017/CVE-2017-17562.json b/2017/CVE-2017-17562.json index e066c80f22..d5db9a26bc 100644 --- a/2017/CVE-2017-17562.json +++ b/2017/CVE-2017-17562.json @@ -94,8 +94,8 @@ "description": "Exploit for CVE-2017-17562 vulnerability, that allows RCE on GoAhead (< v3.6.5) if the CGI is enabled and a CGI program is dynamically linked.", "fork": false, "created_at": "2021-11-14T14:30:10Z", - "updated_at": "2021-12-11T18:34:22Z", - "pushed_at": "2021-11-14T15:33:44Z", + "updated_at": "2021-12-12T07:19:28Z", + "pushed_at": "2021-12-12T07:19:25Z", "stargazers_count": 2, "watchers_count": 2, "forks_count": 0, diff --git a/2017/CVE-2017-5645.json b/2017/CVE-2017-5645.json index 72fb58b1c8..06c67a8804 100644 --- a/2017/CVE-2017-5645.json +++ b/2017/CVE-2017-5645.json @@ -13,17 +13,17 @@ "description": "CVE-2017-5645 - Apache Log4j RCE due Insecure Deserialization", "fork": false, "created_at": "2017-08-04T01:12:47Z", - "updated_at": "2021-12-11T21:32:08Z", + "updated_at": "2021-12-12T10:17:02Z", "pushed_at": "2018-11-18T11:14:20Z", - "stargazers_count": 85, - "watchers_count": 85, + "stargazers_count": 87, + "watchers_count": 87, "forks_count": 30, "allow_forking": true, "is_template": false, "topics": [], "visibility": "public", "forks": 30, - "watchers": 85, + "watchers": 87, "score": 0 }, { diff --git a/2018/CVE-2018-8174.json b/2018/CVE-2018-8174.json index 50328f6abb..beef24533d 100644 --- a/2018/CVE-2018-8174.json +++ b/2018/CVE-2018-8174.json @@ -44,12 +44,12 @@ "pushed_at": "2018-05-30T03:33:14Z", "stargazers_count": 135, "watchers_count": 135, - "forks_count": 61, + "forks_count": 62, "allow_forking": true, "is_template": false, "topics": [], "visibility": "public", - "forks": 61, + "forks": 62, "watchers": 135, "score": 0 }, diff --git a/2019/CVE-2019-11932.json b/2019/CVE-2019-11932.json index 4f53d4554a..a5b5d00911 100644 --- a/2019/CVE-2019-11932.json +++ b/2019/CVE-2019-11932.json @@ -67,17 +67,17 @@ "description": "Simple POC for exploiting WhatsApp double-free bug in DDGifSlurp in decoding.c in libpl_droidsonroids_gif", "fork": false, "created_at": "2019-10-04T14:43:57Z", - "updated_at": "2021-12-07T20:03:54Z", + "updated_at": "2021-12-12T06:15:27Z", "pushed_at": "2019-11-30T10:28:01Z", - "stargazers_count": 161, - "watchers_count": 161, - "forks_count": 85, + "stargazers_count": 162, + "watchers_count": 162, + "forks_count": 86, "allow_forking": true, "is_template": false, "topics": [], "visibility": "public", - "forks": 85, - "watchers": 161, + "forks": 86, + "watchers": 162, "score": 0 }, { diff --git a/2019/CVE-2019-5736.json b/2019/CVE-2019-5736.json index 3538eb031f..37090729ca 100644 --- a/2019/CVE-2019-5736.json +++ b/2019/CVE-2019-5736.json @@ -179,12 +179,12 @@ "pushed_at": "2019-02-15T09:49:46Z", "stargazers_count": 7, "watchers_count": 7, - "forks_count": 4, + "forks_count": 5, "allow_forking": true, "is_template": false, "topics": [], "visibility": "public", - "forks": 4, + "forks": 5, "watchers": 7, "score": 0 }, diff --git a/2021/CVE-2021-1675.json b/2021/CVE-2021-1675.json index e631ed4a25..15dbeb020b 100644 --- a/2021/CVE-2021-1675.json +++ b/2021/CVE-2021-1675.json @@ -40,17 +40,17 @@ "description": "C# and Impacket implementation of PrintNightmare CVE-2021-1675\/CVE-2021-34527", "fork": false, "created_at": "2021-06-29T17:24:14Z", - "updated_at": "2021-12-10T01:01:13Z", + "updated_at": "2021-12-12T06:37:59Z", "pushed_at": "2021-07-20T15:28:13Z", - "stargazers_count": 1473, - "watchers_count": 1473, + "stargazers_count": 1474, + "watchers_count": 1474, "forks_count": 544, "allow_forking": true, "is_template": false, "topics": [], "visibility": "public", "forks": 544, - "watchers": 1473, + "watchers": 1474, "score": 0 }, { diff --git a/2021/CVE-2021-21972.json b/2021/CVE-2021-21972.json index 555d587cd1..cb088f7e39 100644 --- a/2021/CVE-2021-21972.json +++ b/2021/CVE-2021-21972.json @@ -84,8 +84,8 @@ "description": "CVE-2021-21972 Exploit", "fork": false, "created_at": "2021-02-24T11:14:58Z", - "updated_at": "2021-12-12T03:56:03Z", - "pushed_at": "2021-12-09T12:48:03Z", + "updated_at": "2021-12-12T10:17:50Z", + "pushed_at": "2021-12-12T10:17:47Z", "stargazers_count": 327, "watchers_count": 327, "forks_count": 125, diff --git a/2021/CVE-2021-2394.json b/2021/CVE-2021-2394.json index 54ad9a2b12..9466bc061d 100644 --- a/2021/CVE-2021-2394.json +++ b/2021/CVE-2021-2394.json @@ -13,17 +13,17 @@ "description": "POC of CVE-2021-2394", "fork": false, "created_at": "2021-08-02T02:22:04Z", - "updated_at": "2021-11-20T00:38:37Z", + "updated_at": "2021-12-12T08:15:58Z", "pushed_at": "2021-10-28T14:32:31Z", - "stargazers_count": 20, - "watchers_count": 20, + "stargazers_count": 21, + "watchers_count": 21, "forks_count": 12, "allow_forking": true, "is_template": false, "topics": [], "visibility": "public", "forks": 12, - "watchers": 20, + "watchers": 21, "score": 0 }, { diff --git a/2021/CVE-2021-2471.json b/2021/CVE-2021-2471.json index 349a7339e7..3e25197905 100644 --- a/2021/CVE-2021-2471.json +++ b/2021/CVE-2021-2471.json @@ -13,8 +13,8 @@ "description": "h2-jdbc(https:\/\/github.com\/h2database\/h2database\/issues\/3195) & mysql-jdbc(CVE-2021-2471) SQLXML XXE vulnerability reproduction.", "fork": false, "created_at": "2021-10-22T07:14:25Z", - "updated_at": "2021-11-28T05:19:45Z", - "pushed_at": "2021-10-22T07:28:11Z", + "updated_at": "2021-12-12T06:16:05Z", + "pushed_at": "2021-12-12T06:16:02Z", "stargazers_count": 47, "watchers_count": 47, "forks_count": 5, diff --git a/2021/CVE-2021-27905.json b/2021/CVE-2021-27905.json index 5c79180391..23e76f5d36 100644 --- a/2021/CVE-2021-27905.json +++ b/2021/CVE-2021-27905.json @@ -13,17 +13,17 @@ "description": "Apache Solr SSRF(CVE-2021-27905)", "fork": false, "created_at": "2021-04-21T09:27:21Z", - "updated_at": "2021-11-18T09:35:10Z", + "updated_at": "2021-12-12T09:35:12Z", "pushed_at": "2021-04-21T10:00:59Z", - "stargazers_count": 68, - "watchers_count": 68, + "stargazers_count": 69, + "watchers_count": 69, "forks_count": 26, "allow_forking": true, "is_template": false, "topics": [], "visibility": "public", "forks": 26, - "watchers": 68, + "watchers": 69, "score": 0 }, { diff --git a/2021/CVE-2021-3156.json b/2021/CVE-2021-3156.json index 06ee685d30..756488ef3a 100644 --- a/2021/CVE-2021-3156.json +++ b/2021/CVE-2021-3156.json @@ -452,17 +452,17 @@ "description": null, "fork": false, "created_at": "2021-01-30T20:39:58Z", - "updated_at": "2021-12-12T01:41:27Z", + "updated_at": "2021-12-12T09:36:49Z", "pushed_at": "2021-02-02T17:07:09Z", - "stargazers_count": 783, - "watchers_count": 783, + "stargazers_count": 784, + "watchers_count": 784, "forks_count": 229, "allow_forking": true, "is_template": false, "topics": [], "visibility": "public", "forks": 229, - "watchers": 783, + "watchers": 784, "score": 0 }, { diff --git a/2021/CVE-2021-40539.json b/2021/CVE-2021-40539.json index c447f5cf5a..3d8f4ffb43 100644 --- a/2021/CVE-2021-40539.json +++ b/2021/CVE-2021-40539.json @@ -40,17 +40,17 @@ "description": "Exploitation code for CVE-2021-40539", "fork": false, "created_at": "2021-11-03T14:49:27Z", - "updated_at": "2021-12-03T07:12:23Z", + "updated_at": "2021-12-12T09:04:47Z", "pushed_at": "2021-11-09T11:15:19Z", - "stargazers_count": 32, - "watchers_count": 32, + "stargazers_count": 33, + "watchers_count": 33, "forks_count": 17, "allow_forking": true, "is_template": false, "topics": [], "visibility": "public", "forks": 17, - "watchers": 32, + "watchers": 33, "score": 0 } ] \ No newline at end of file diff --git a/2021/CVE-2021-41277.json b/2021/CVE-2021-41277.json index 481a05d3f2..2c519252e3 100644 --- a/2021/CVE-2021-41277.json +++ b/2021/CVE-2021-41277.json @@ -238,12 +238,12 @@ "pushed_at": "2021-12-06T10:23:45Z", "stargazers_count": 7, "watchers_count": 7, - "forks_count": 4, + "forks_count": 5, "allow_forking": true, "is_template": false, "topics": [], "visibility": "public", - "forks": 4, + "forks": 5, "watchers": 7, "score": 0 } diff --git a/2021/CVE-2021-41653.json b/2021/CVE-2021-41653.json index 8efe917c61..b73bfeb984 100644 --- a/2021/CVE-2021-41653.json +++ b/2021/CVE-2021-41653.json @@ -14,15 +14,15 @@ "fork": false, "created_at": "2021-11-28T01:15:36Z", "updated_at": "2021-12-05T06:19:56Z", - "pushed_at": "2021-11-28T01:16:39Z", + "pushed_at": "2021-12-12T09:02:28Z", "stargazers_count": 4, "watchers_count": 4, - "forks_count": 2, + "forks_count": 3, "allow_forking": true, "is_template": false, "topics": [], "visibility": "public", - "forks": 2, + "forks": 3, "watchers": 4, "score": 0 } diff --git a/2021/CVE-2021-42278.json b/2021/CVE-2021-42278.json index beee75191d..0c08be0c1e 100644 --- a/2021/CVE-2021-42278.json +++ b/2021/CVE-2021-42278.json @@ -13,11 +13,11 @@ "description": "Exploiting CVE-2021-42278 and CVE-2021-42287 to impersonate DA from standard domain user ", "fork": false, "created_at": "2021-12-11T15:10:30Z", - "updated_at": "2021-12-12T05:41:51Z", + "updated_at": "2021-12-12T11:36:02Z", "pushed_at": "2021-12-11T15:43:11Z", - "stargazers_count": 29, - "watchers_count": 29, - "forks_count": 5, + "stargazers_count": 41, + "watchers_count": 41, + "forks_count": 10, "allow_forking": true, "is_template": false, "topics": [ @@ -27,8 +27,8 @@ "s4u2self" ], "visibility": "public", - "forks": 5, - "watchers": 29, + "forks": 10, + "watchers": 41, "score": 0 } ] \ No newline at end of file diff --git a/2021/CVE-2021-42287.json b/2021/CVE-2021-42287.json index 0b45ad0277..4007587346 100644 --- a/2021/CVE-2021-42287.json +++ b/2021/CVE-2021-42287.json @@ -13,17 +13,17 @@ "description": "CVE-2021-42287\/CVE-2021-42278 Scanner & Exploiter.", "fork": false, "created_at": "2021-12-11T19:27:30Z", - "updated_at": "2021-12-12T06:10:42Z", - "pushed_at": "2021-12-11T19:36:16Z", - "stargazers_count": 136, - "watchers_count": 136, - "forks_count": 21, + "updated_at": "2021-12-12T12:11:01Z", + "pushed_at": "2021-12-12T10:50:54Z", + "stargazers_count": 291, + "watchers_count": 291, + "forks_count": 56, "allow_forking": true, "is_template": false, "topics": [], "visibility": "public", - "forks": 21, - "watchers": 136, + "forks": 56, + "watchers": 291, "score": 0 } ] \ No newline at end of file diff --git a/2021/CVE-2021-42321.json b/2021/CVE-2021-42321.json index 66ddde17e2..127f933de4 100644 --- a/2021/CVE-2021-42321.json +++ b/2021/CVE-2021-42321.json @@ -17,12 +17,12 @@ "pushed_at": "2021-11-23T02:33:47Z", "stargazers_count": 54, "watchers_count": 54, - "forks_count": 21, + "forks_count": 22, "allow_forking": true, "is_template": false, "topics": [], "visibility": "public", - "forks": 21, + "forks": 22, "watchers": 54, "score": 0 } diff --git a/2021/CVE-2021-44077.json b/2021/CVE-2021-44077.json index bf8274a1a1..69bd064b8d 100644 --- a/2021/CVE-2021-44077.json +++ b/2021/CVE-2021-44077.json @@ -13,17 +13,17 @@ "description": "Proof of Concept Exploit for ManageEngine ServiceDesk Plus CVE-2021-44077", "fork": false, "created_at": "2021-12-08T20:24:38Z", - "updated_at": "2021-12-10T13:06:16Z", + "updated_at": "2021-12-12T07:01:32Z", "pushed_at": "2021-12-08T21:43:16Z", - "stargazers_count": 16, - "watchers_count": 16, - "forks_count": 1, + "stargazers_count": 17, + "watchers_count": 17, + "forks_count": 2, "allow_forking": true, "is_template": false, "topics": [], "visibility": "public", - "forks": 1, - "watchers": 16, + "forks": 2, + "watchers": 17, "score": 0 } ] \ No newline at end of file diff --git a/2021/CVE-2021-44228.json b/2021/CVE-2021-44228.json index 34d67cf6f9..bbdfdd17c6 100644 --- a/2021/CVE-2021-44228.json +++ b/2021/CVE-2021-44228.json @@ -13,17 +13,17 @@ "description": "Apache Log4j 远程代码执行", "fork": false, "created_at": "2021-12-09T15:27:38Z", - "updated_at": "2021-12-12T06:13:11Z", + "updated_at": "2021-12-12T12:11:35Z", "pushed_at": "2021-12-11T14:57:57Z", - "stargazers_count": 1498, - "watchers_count": 1498, - "forks_count": 558, + "stargazers_count": 1603, + "watchers_count": 1603, + "forks_count": 572, "allow_forking": true, "is_template": false, "topics": [], "visibility": "public", - "forks": 558, - "watchers": 1498, + "forks": 572, + "watchers": 1603, "score": 0 }, { @@ -121,17 +121,17 @@ "description": "Remote Code Injection In Log4j", "fork": false, "created_at": "2021-12-10T05:23:44Z", - "updated_at": "2021-12-12T06:12:30Z", - "pushed_at": "2021-12-11T18:28:16Z", - "stargazers_count": 27, - "watchers_count": 27, - "forks_count": 5, + "updated_at": "2021-12-12T12:04:14Z", + "pushed_at": "2021-12-12T11:21:26Z", + "stargazers_count": 53, + "watchers_count": 53, + "forks_count": 10, "allow_forking": true, "is_template": false, "topics": [], "visibility": "public", - "forks": 5, - "watchers": 27, + "forks": 10, + "watchers": 53, "score": 0 }, { @@ -148,10 +148,10 @@ "description": "Log4j-RCE (CVE-2021-44228) Proof of Concept with additional information", "fork": false, "created_at": "2021-12-10T06:15:38Z", - "updated_at": "2021-12-12T04:56:48Z", + "updated_at": "2021-12-12T11:25:05Z", "pushed_at": "2021-12-11T16:56:02Z", - "stargazers_count": 50, - "watchers_count": 50, + "stargazers_count": 57, + "watchers_count": 57, "forks_count": 14, "allow_forking": true, "is_template": false, @@ -166,7 +166,7 @@ ], "visibility": "public", "forks": 14, - "watchers": 50, + "watchers": 57, "score": 0 }, { @@ -277,11 +277,11 @@ "description": "A mitigation for CVE-2021-44228 (log4shell) that works by patching the vulnerability at runtime. (Works with any vulnerable java software, tested with java 6 and newer)", "fork": false, "created_at": "2021-12-10T09:16:46Z", - "updated_at": "2021-12-12T03:21:31Z", + "updated_at": "2021-12-12T09:30:03Z", "pushed_at": "2021-12-11T09:15:04Z", - "stargazers_count": 23, - "watchers_count": 23, - "forks_count": 3, + "stargazers_count": 25, + "watchers_count": 25, + "forks_count": 4, "allow_forking": true, "is_template": false, "topics": [ @@ -291,8 +291,8 @@ "log4shell" ], "visibility": "public", - "forks": 3, - "watchers": 23, + "forks": 4, + "watchers": 25, "score": 0 }, { @@ -309,17 +309,17 @@ "description": "CVE-2021-44228 fix", "fork": false, "created_at": "2021-12-10T09:20:40Z", - "updated_at": "2021-12-10T17:13:32Z", + "updated_at": "2021-12-12T11:48:03Z", "pushed_at": "2021-12-10T09:36:32Z", - "stargazers_count": 2, - "watchers_count": 2, + "stargazers_count": 3, + "watchers_count": 3, "forks_count": 0, "allow_forking": true, "is_template": false, "topics": [], "visibility": "public", "forks": 0, - "watchers": 2, + "watchers": 3, "score": 0 }, { @@ -363,17 +363,17 @@ "description": "Deploys an agent to fix CVE-2021-44228 (Log4j RCE vulnerability) in a running JVM process", "fork": false, "created_at": "2021-12-10T10:10:19Z", - "updated_at": "2021-12-12T05:08:12Z", - "pushed_at": "2021-12-11T19:03:06Z", - "stargazers_count": 77, - "watchers_count": 77, + "updated_at": "2021-12-12T10:55:47Z", + "pushed_at": "2021-12-12T10:33:02Z", + "stargazers_count": 88, + "watchers_count": 88, "forks_count": 6, "allow_forking": true, "is_template": false, "topics": [], "visibility": "public", "forks": 6, - "watchers": 77, + "watchers": 88, "score": 0 }, { @@ -390,17 +390,17 @@ "description": "A small server for verifing if a given java program is succeptibel to CVE-2021-44228", "fork": false, "created_at": "2021-12-10T12:35:30Z", - "updated_at": "2021-12-11T07:49:42Z", + "updated_at": "2021-12-12T11:03:15Z", "pushed_at": "2021-12-10T12:39:25Z", - "stargazers_count": 1, - "watchers_count": 1, - "forks_count": 0, + "stargazers_count": 4, + "watchers_count": 4, + "forks_count": 1, "allow_forking": true, "is_template": false, "topics": [], "visibility": "public", - "forks": 0, - "watchers": 1, + "forks": 1, + "watchers": 4, "score": 0 }, { @@ -417,17 +417,17 @@ "description": "Spring Boot web application vulnerable to CVE-2021-44228, nicknamed Log4Shell.", "fork": false, "created_at": "2021-12-10T12:38:20Z", - "updated_at": "2021-12-12T06:02:45Z", + "updated_at": "2021-12-12T12:06:34Z", "pushed_at": "2021-12-11T21:02:58Z", - "stargazers_count": 258, - "watchers_count": 258, - "forks_count": 70, + "stargazers_count": 283, + "watchers_count": 283, + "forks_count": 80, "allow_forking": true, "is_template": false, "topics": [], "visibility": "public", - "forks": 70, - "watchers": 258, + "forks": 80, + "watchers": 283, "score": 0 }, { @@ -564,17 +564,17 @@ "description": null, "fork": false, "created_at": "2021-12-10T17:24:47Z", - "updated_at": "2021-12-12T03:54:17Z", + "updated_at": "2021-12-12T09:21:54Z", "pushed_at": "2021-12-10T23:08:49Z", - "stargazers_count": 23, - "watchers_count": 23, - "forks_count": 2, + "stargazers_count": 26, + "watchers_count": 26, + "forks_count": 4, "allow_forking": true, "is_template": false, "topics": [], "visibility": "public", - "forks": 2, - "watchers": 23, + "forks": 4, + "watchers": 26, "score": 0 }, { @@ -591,17 +591,17 @@ "description": "Hashes for vulnerable LOG4J versions", "fork": false, "created_at": "2021-12-10T18:06:06Z", - "updated_at": "2021-12-12T05:18:47Z", + "updated_at": "2021-12-12T11:47:11Z", "pushed_at": "2021-12-11T04:36:38Z", - "stargazers_count": 44, - "watchers_count": 44, - "forks_count": 7, + "stargazers_count": 53, + "watchers_count": 53, + "forks_count": 9, "allow_forking": true, "is_template": false, "topics": [], "visibility": "public", - "forks": 7, - "watchers": 44, + "forks": 9, + "watchers": 53, "score": 0 }, { @@ -760,17 +760,17 @@ "description": "Simple Python 3 script to detect the \"Log4j\" Java library vulnerability (CVE-2021-44228) for a list of URL with multithreading", "fork": false, "created_at": "2021-12-10T21:46:18Z", - "updated_at": "2021-12-12T06:04:43Z", + "updated_at": "2021-12-12T12:11:10Z", "pushed_at": "2021-12-11T16:01:28Z", - "stargazers_count": 38, - "watchers_count": 38, + "stargazers_count": 44, + "watchers_count": 44, "forks_count": 14, "allow_forking": true, "is_template": false, "topics": [], "visibility": "public", "forks": 14, - "watchers": 38, + "watchers": 44, "score": 0 }, { @@ -821,8 +821,8 @@ "description": "CVE-2021-44228 DFIR Notes", "fork": false, "created_at": "2021-12-10T22:19:16Z", - "updated_at": "2021-12-12T04:26:35Z", - "pushed_at": "2021-12-11T10:39:38Z", + "updated_at": "2021-12-12T10:24:24Z", + "pushed_at": "2021-12-12T10:24:22Z", "stargazers_count": 2, "watchers_count": 2, "forks_count": 2, @@ -848,11 +848,11 @@ "description": "🐱‍💻 ✂️ 🤬 CVE-2021-44228 - LOG4J Java exploit - A trick to bypass words blocking patches", "fork": false, "created_at": "2021-12-10T22:35:00Z", - "updated_at": "2021-12-12T05:59:56Z", + "updated_at": "2021-12-12T12:05:45Z", "pushed_at": "2021-12-11T10:10:10Z", - "stargazers_count": 74, - "watchers_count": 74, - "forks_count": 17, + "stargazers_count": 90, + "watchers_count": 90, + "forks_count": 22, "allow_forking": true, "is_template": false, "topics": [ @@ -874,8 +874,8 @@ "writeups" ], "visibility": "public", - "forks": 17, - "watchers": 74, + "forks": 22, + "watchers": 90, "score": 0 }, { @@ -892,10 +892,10 @@ "description": "A Proof-Of-Concept for the recently found CVE-2021-44228 vulnerability. ", "fork": false, "created_at": "2021-12-10T23:19:28Z", - "updated_at": "2021-12-12T04:38:51Z", + "updated_at": "2021-12-12T11:12:39Z", "pushed_at": "2021-12-11T15:19:29Z", - "stargazers_count": 7, - "watchers_count": 7, + "stargazers_count": 8, + "watchers_count": 8, "forks_count": 3, "allow_forking": true, "is_template": false, @@ -907,7 +907,7 @@ ], "visibility": "public", "forks": 3, - "watchers": 7, + "watchers": 8, "score": 0 }, { @@ -951,11 +951,11 @@ "description": "Minecraft Honeypot for Log4j exploit. CVE-2021-44228 Log4Shell LogJam", "fork": false, "created_at": "2021-12-10T23:35:31Z", - "updated_at": "2021-12-12T01:05:53Z", + "updated_at": "2021-12-12T09:21:00Z", "pushed_at": "2021-12-11T15:22:42Z", - "stargazers_count": 10, - "watchers_count": 10, - "forks_count": 2, + "stargazers_count": 13, + "watchers_count": 13, + "forks_count": 3, "allow_forking": true, "is_template": false, "topics": [ @@ -965,8 +965,8 @@ "minecraft" ], "visibility": "public", - "forks": 2, - "watchers": 10, + "forks": 3, + "watchers": 13, "score": 0 }, { @@ -1064,8 +1064,8 @@ "description": "A short demo of CVE-2021-44228", "fork": false, "created_at": "2021-12-11T02:45:39Z", - "updated_at": "2021-12-12T05:19:29Z", - "pushed_at": "2021-12-11T02:46:18Z", + "updated_at": "2021-12-12T11:32:41Z", + "pushed_at": "2021-12-12T11:32:38Z", "stargazers_count": 4, "watchers_count": 4, "forks_count": 1, @@ -1110,6 +1110,33 @@ "watchers": 0, "score": 0 }, + { + "id": 437186290, + "name": "cve-2021-44228--spring-hibernate", + "full_name": "uint0\/cve-2021-44228--spring-hibernate", + "owner": { + "login": "uint0", + "id": 11325389, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/11325389?v=4", + "html_url": "https:\/\/github.com\/uint0" + }, + "html_url": "https:\/\/github.com\/uint0\/cve-2021-44228--spring-hibernate", + "description": "CVE-2021-44228 POC - Spring \/ Hibernate", + "fork": false, + "created_at": "2021-12-11T04:23:22Z", + "updated_at": "2021-12-12T09:41:19Z", + "pushed_at": "2021-12-11T06:25:12Z", + "stargazers_count": 0, + "watchers_count": 0, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0 + }, { "id": 437188129, "name": "log4j_CVE-2021-44228_tester", @@ -1185,17 +1212,17 @@ "description": "CVE-2021-44228,log4j2 burp插件 Java版本,dnslog选取了非dnslog.cn域名", "fork": false, "created_at": "2021-12-11T07:19:11Z", - "updated_at": "2021-12-12T04:32:24Z", - "pushed_at": "2021-12-12T02:43:35Z", - "stargazers_count": 16, - "watchers_count": 16, - "forks_count": 4, + "updated_at": "2021-12-12T10:52:32Z", + "pushed_at": "2021-12-12T11:03:19Z", + "stargazers_count": 18, + "watchers_count": 18, + "forks_count": 7, "allow_forking": true, "is_template": false, "topics": [], "visibility": "public", - "forks": 4, - "watchers": 16, + "forks": 7, + "watchers": 18, "score": 0 }, { @@ -1212,17 +1239,17 @@ "description": null, "fork": false, "created_at": "2021-12-11T07:55:45Z", - "updated_at": "2021-12-12T05:48:53Z", + "updated_at": "2021-12-12T09:17:27Z", "pushed_at": "2021-12-11T08:07:20Z", - "stargazers_count": 1, - "watchers_count": 1, + "stargazers_count": 2, + "watchers_count": 2, "forks_count": 0, "allow_forking": true, "is_template": false, "topics": [], "visibility": "public", "forks": 0, - "watchers": 1, + "watchers": 2, "score": 0 }, { @@ -1266,17 +1293,17 @@ "description": "Log4Shell CVE-2021-44228 mitigation tester", "fork": false, "created_at": "2021-12-11T10:16:58Z", - "updated_at": "2021-12-11T16:54:22Z", - "pushed_at": "2021-12-11T16:54:19Z", - "stargazers_count": 1, - "watchers_count": 1, + "updated_at": "2021-12-12T09:12:45Z", + "pushed_at": "2021-12-12T09:12:42Z", + "stargazers_count": 2, + "watchers_count": 2, "forks_count": 0, "allow_forking": true, "is_template": false, "topics": [], "visibility": "public", "forks": 0, - "watchers": 1, + "watchers": 2, "score": 0 }, { @@ -1293,17 +1320,17 @@ "description": "A Nuclei Template for Apache Log4j RCE (CVE-2021-44228) Detection with WAF Bypass Payloads", "fork": false, "created_at": "2021-12-11T10:19:01Z", - "updated_at": "2021-12-12T03:51:54Z", + "updated_at": "2021-12-12T09:01:17Z", "pushed_at": "2021-12-11T10:19:51Z", - "stargazers_count": 7, - "watchers_count": 7, + "stargazers_count": 8, + "watchers_count": 8, "forks_count": 2, "allow_forking": true, "is_template": false, "topics": [], "visibility": "public", "forks": 2, - "watchers": 7, + "watchers": 8, "score": 0 }, { @@ -1320,17 +1347,22 @@ "description": "Vulnerability scanner and mitigation patch for Log4j2 CVE-2021-44228", "fork": false, "created_at": "2021-12-11T11:18:46Z", - "updated_at": "2021-12-12T05:54:39Z", - "pushed_at": "2021-12-12T05:38:57Z", - "stargazers_count": 11, - "watchers_count": 11, - "forks_count": 3, + "updated_at": "2021-12-12T12:09:35Z", + "pushed_at": "2021-12-12T09:46:22Z", + "stargazers_count": 20, + "watchers_count": 20, + "forks_count": 5, "allow_forking": true, "is_template": false, - "topics": [], + "topics": [ + "cve-2021-44228", + "log4j2", + "patch", + "scanner" + ], "visibility": "public", - "forks": 3, - "watchers": 11, + "forks": 5, + "watchers": 20, "score": 0 }, { @@ -1428,8 +1460,8 @@ "description": "List of company advisories log4j", "fork": false, "created_at": "2021-12-11T12:41:38Z", - "updated_at": "2021-12-12T03:55:51Z", - "pushed_at": "2021-12-11T21:28:16Z", + "updated_at": "2021-12-12T09:46:19Z", + "pushed_at": "2021-12-12T09:46:17Z", "stargazers_count": 1, "watchers_count": 1, "forks_count": 1, @@ -1775,6 +1807,41 @@ "watchers": 0, "score": 0 }, + { + "id": 437426248, + "name": "log4j2-rce-poc", + "full_name": "unlimitedsola\/log4j2-rce-poc", + "owner": { + "login": "unlimitedsola", + "id": 3632663, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/3632663?v=4", + "html_url": "https:\/\/github.com\/unlimitedsola" + }, + "html_url": "https:\/\/github.com\/unlimitedsola\/log4j2-rce-poc", + "description": "A bare minimum proof-of-concept for Log4j2 JNDI RCE vulnerability (CVE-2021-44228\/Log4Shell).", + "fork": false, + "created_at": "2021-12-12T01:23:45Z", + "updated_at": "2021-12-12T09:59:28Z", + "pushed_at": "2021-12-12T09:59:26Z", + "stargazers_count": 0, + "watchers_count": 0, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "topics": [ + "cve-2021-44228", + "log4j2", + "log4shell", + "poc", + "proof-of-concept", + "rce", + "remote-code-execution" + ], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0 + }, { "id": 437426386, "name": "hotpatch-for-apache-log4j2", @@ -1789,17 +1856,17 @@ "description": "An agent to hotpatch the log4j RCE from CVE-2021-44228.", "fork": false, "created_at": "2021-12-12T01:24:51Z", - "updated_at": "2021-12-12T05:12:27Z", + "updated_at": "2021-12-12T12:08:44Z", "pushed_at": "2021-12-12T05:06:47Z", - "stargazers_count": 1, - "watchers_count": 1, - "forks_count": 0, + "stargazers_count": 13, + "watchers_count": 13, + "forks_count": 1, "allow_forking": true, "is_template": false, "topics": [], "visibility": "public", - "forks": 0, - "watchers": 1, + "forks": 1, + "watchers": 13, "score": 0 }, { @@ -1816,17 +1883,17 @@ "description": "An All-In-One Pure Python PoC for CVE-2021-44228", "fork": false, "created_at": "2021-12-12T02:57:49Z", - "updated_at": "2021-12-12T06:09:18Z", - "pushed_at": "2021-12-12T06:09:15Z", - "stargazers_count": 2, - "watchers_count": 2, - "forks_count": 0, + "updated_at": "2021-12-12T11:56:58Z", + "pushed_at": "2021-12-12T06:36:27Z", + "stargazers_count": 4, + "watchers_count": 4, + "forks_count": 1, "allow_forking": true, "is_template": false, "topics": [], "visibility": "public", - "forks": 0, - "watchers": 2, + "forks": 1, + "watchers": 4, "score": 0 }, { @@ -1843,17 +1910,17 @@ "description": null, "fork": false, "created_at": "2021-12-12T02:59:54Z", - "updated_at": "2021-12-12T04:23:53Z", - "pushed_at": "2021-12-12T03:26:14Z", - "stargazers_count": 1, - "watchers_count": 1, - "forks_count": 0, + "updated_at": "2021-12-12T11:14:41Z", + "pushed_at": "2021-12-12T08:13:14Z", + "stargazers_count": 3, + "watchers_count": 3, + "forks_count": 2, "allow_forking": true, "is_template": false, "topics": [], "visibility": "public", - "forks": 0, - "watchers": 1, + "forks": 2, + "watchers": 3, "score": 0 }, { @@ -1929,8 +1996,289 @@ "description": "Script to apply official workaround for VMware vCenter log4j vulnerability CVE-2021-44228", "fork": false, "created_at": "2021-12-12T04:23:10Z", - "updated_at": "2021-12-12T05:59:26Z", - "pushed_at": "2021-12-12T05:42:50Z", + "updated_at": "2021-12-12T10:33:26Z", + "pushed_at": "2021-12-12T10:43:16Z", + "stargazers_count": 1, + "watchers_count": 1, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 1, + "score": 0 + }, + { + "id": 437479258, + "name": "CVE-2021-44228-Apache-Log4j-Rce__review", + "full_name": "creamIcec\/CVE-2021-44228-Apache-Log4j-Rce__review", + "owner": { + "login": "creamIcec", + "id": 42510470, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/42510470?v=4", + "html_url": "https:\/\/github.com\/creamIcec" + }, + "html_url": "https:\/\/github.com\/creamIcec\/CVE-2021-44228-Apache-Log4j-Rce__review", + "description": "log4j2漏洞复现", + "fork": false, + "created_at": "2021-12-12T07:20:03Z", + "updated_at": "2021-12-12T07:20:03Z", + "pushed_at": "2021-12-12T07:20:04Z", + "stargazers_count": 0, + "watchers_count": 0, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0 + }, + { + "id": 437482830, + "name": "CVE-2021-44228", + "full_name": "bchaber\/CVE-2021-44228", + "owner": { + "login": "bchaber", + "id": 45143424, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/45143424?v=4", + "html_url": "https:\/\/github.com\/bchaber" + }, + "html_url": "https:\/\/github.com\/bchaber\/CVE-2021-44228", + "description": "My take on Log4j2 vulnerability", + "fork": false, + "created_at": "2021-12-12T07:39:51Z", + "updated_at": "2021-12-12T07:41:16Z", + "pushed_at": "2021-12-12T07:41:13Z", + "stargazers_count": 0, + "watchers_count": 0, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0 + }, + { + "id": 437501121, + "name": "cve-2021-44228-helpers", + "full_name": "uint0\/cve-2021-44228-helpers", + "owner": { + "login": "uint0", + "id": 11325389, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/11325389?v=4", + "html_url": "https:\/\/github.com\/uint0" + }, + "html_url": "https:\/\/github.com\/uint0\/cve-2021-44228-helpers", + "description": null, + "fork": false, + "created_at": "2021-12-12T09:21:09Z", + "updated_at": "2021-12-12T09:21:27Z", + "pushed_at": "2021-12-12T09:21:24Z", + "stargazers_count": 0, + "watchers_count": 0, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0 + }, + { + "id": 437511755, + "name": "apache-log4j-poc", + "full_name": "RK800-DEV\/apache-log4j-poc", + "owner": { + "login": "RK800-DEV", + "id": 85429713, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/85429713?v=4", + "html_url": "https:\/\/github.com\/RK800-DEV" + }, + "html_url": "https:\/\/github.com\/RK800-DEV\/apache-log4j-poc", + "description": "CVE-2021-44228(Apache Log4j Remote Code Execution)", + "fork": false, + "created_at": "2021-12-12T10:17:13Z", + "updated_at": "2021-12-12T10:17:47Z", + "pushed_at": "2021-12-12T10:17:44Z", + "stargazers_count": 0, + "watchers_count": 0, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0 + }, + { + "id": 437512798, + "name": "log4j---CVE-2021-44228", + "full_name": "sud0x00\/log4j---CVE-2021-44228", + "owner": { + "login": "sud0x00", + "id": 91898207, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/91898207?v=4", + "html_url": "https:\/\/github.com\/sud0x00" + }, + "html_url": "https:\/\/github.com\/sud0x00\/log4j---CVE-2021-44228", + "description": "On December 5, 2021, Apache identified a vulnerability (later identified as CVE-2021-44228) in their widely used Log4j logging service. The vulnerability, also known as Log4shell, enables attackers to gain full control of affected servers by allowing unauthenticated remote code execution if the user is running an application utilizing the Java logging library. Log4j is heavily integrated into a broad set of devops frameworks, enterprise IT systems, and vendor software and cloud products.", + "fork": false, + "created_at": "2021-12-12T10:22:45Z", + "updated_at": "2021-12-12T10:22:48Z", + "pushed_at": "2021-12-12T10:22:46Z", + "stargazers_count": 0, + "watchers_count": 0, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0 + }, + { + "id": 437522139, + "name": "CVE-2021-44228-research", + "full_name": "mute1997\/CVE-2021-44228-research", + "owner": { + "login": "mute1997", + "id": 4436476, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/4436476?v=4", + "html_url": "https:\/\/github.com\/mute1997" + }, + "html_url": "https:\/\/github.com\/mute1997\/CVE-2021-44228-research", + "description": null, + "fork": false, + "created_at": "2021-12-12T11:08:54Z", + "updated_at": "2021-12-12T11:10:28Z", + "pushed_at": "2021-12-12T11:09:26Z", + "stargazers_count": 0, + "watchers_count": 0, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0 + }, + { + "id": 437525008, + "name": "cve-2021-44228-minecraft-poc", + "full_name": "myyxl\/cve-2021-44228-minecraft-poc", + "owner": { + "login": "myyxl", + "id": 22593897, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/22593897?v=4", + "html_url": "https:\/\/github.com\/myyxl" + }, + "html_url": "https:\/\/github.com\/myyxl\/cve-2021-44228-minecraft-poc", + "description": "CVE-2021-44228 Minecraft PoC", + "fork": false, + "created_at": "2021-12-12T11:22:51Z", + "updated_at": "2021-12-12T11:34:53Z", + "pushed_at": "2021-12-12T11:34:50Z", + "stargazers_count": 0, + "watchers_count": 0, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0 + }, + { + "id": 437525445, + "name": "Awesome-CVE-2021-44228", + "full_name": "RrUZi\/Awesome-CVE-2021-44228", + "owner": { + "login": "RrUZi", + "id": 43235635, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/43235635?v=4", + "html_url": "https:\/\/github.com\/RrUZi" + }, + "html_url": "https:\/\/github.com\/RrUZi\/Awesome-CVE-2021-44228", + "description": "An awesome curated list of repos for CVE-2021-44228. ``Apache Log4j 2``", + "fork": false, + "created_at": "2021-12-12T11:25:00Z", + "updated_at": "2021-12-12T11:35:58Z", + "pushed_at": "2021-12-12T11:33:43Z", + "stargazers_count": 1, + "watchers_count": 1, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "topics": [ + "cve-2021-44228", + "log4j2" + ], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0 + }, + { + "id": 437525803, + "name": "CVE-2021-44228", + "full_name": "0-x-2-2\/CVE-2021-44228", + "owner": { + "login": "0-x-2-2", + "id": 9968651, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/9968651?v=4", + "html_url": "https:\/\/github.com\/0-x-2-2" + }, + "html_url": "https:\/\/github.com\/0-x-2-2\/CVE-2021-44228", + "description": "Abuse Log4J CVE-2021-44228 to patch CVE-2021-44228 in vulnerable Minecraft game sessions to prevent exploitation in the session :) ", + "fork": false, + "created_at": "2021-12-12T11:26:42Z", + "updated_at": "2021-12-12T12:00:06Z", + "pushed_at": "2021-12-12T11:28:23Z", + "stargazers_count": 3, + "watchers_count": 3, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "topics": [ + "cve-2021-44228", + "exploit", + "jndi", + "ldap", + "log4j", + "minecraft", + "rce" + ], + "visibility": "public", + "forks": 0, + "watchers": 3, + "score": 0 + }, + { + "id": 437526871, + "name": "log4j-poc", + "full_name": "Crane-Mocker\/log4j-poc", + "owner": { + "login": "Crane-Mocker", + "id": 46662246, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/46662246?v=4", + "html_url": "https:\/\/github.com\/Crane-Mocker" + }, + "html_url": "https:\/\/github.com\/Crane-Mocker\/log4j-poc", + "description": "Poc of log4j2 (CVE-2021-44228)", + "fork": false, + "created_at": "2021-12-12T11:31:45Z", + "updated_at": "2021-12-12T11:35:13Z", + "pushed_at": "2021-12-12T11:35:11Z", "stargazers_count": 0, "watchers_count": 0, "forks_count": 0, diff --git a/README.md b/README.md index d18ae0b1fa..c0e7ae8d2c 100644 --- a/README.md +++ b/README.md @@ -3727,6 +3727,7 @@ Apache Log4j2 <=2.14.1 JNDI features used in configuration, log messages, and - [binganao/Log4j2-RCE](https://github.com/binganao/Log4j2-RCE) - [phoswald/sample-ldap-exploit](https://github.com/phoswald/sample-ldap-exploit) - [rakutentech/jndi-ldap-test-server](https://github.com/rakutentech/jndi-ldap-test-server) +- [uint0/cve-2021-44228--spring-hibernate](https://github.com/uint0/cve-2021-44228--spring-hibernate) - [ssstonebraker/log4j_CVE-2021-44228_tester](https://github.com/ssstonebraker/log4j_CVE-2021-44228_tester) - [saharNooby/log4j-vulnerability-patcher-agent](https://github.com/saharNooby/log4j-vulnerability-patcher-agent) - [f0ng/log4j2burpscanner](https://github.com/f0ng/log4j2burpscanner) @@ -3751,12 +3752,23 @@ Apache Log4j2 <=2.14.1 JNDI features used in configuration, log messages, and - [chilliwebs/CVE-2021-44228_Example](https://github.com/chilliwebs/CVE-2021-44228_Example) - [irgoncalves/f5-waf-enforce-sig-CVE-2021-44228](https://github.com/irgoncalves/f5-waf-enforce-sig-CVE-2021-44228) - [jeffbryner/log4j-docker-vaccine](https://github.com/jeffbryner/log4j-docker-vaccine) +- [unlimitedsola/log4j2-rce-poc](https://github.com/unlimitedsola/log4j2-rce-poc) - [corretto/hotpatch-for-apache-log4j2](https://github.com/corretto/hotpatch-for-apache-log4j2) - [alexandre-lavoie/python-log4rce](https://github.com/alexandre-lavoie/python-log4rce) - [RedDrip7/Log4Shell_CVE-2021-44228_related_attacks_IOCs](https://github.com/RedDrip7/Log4Shell_CVE-2021-44228_related_attacks_IOCs) - [mzlogin/CVE-2021-44228-Demo](https://github.com/mzlogin/CVE-2021-44228-Demo) - [Ghost-chu/CVE-2021-44228-quickfix-script](https://github.com/Ghost-chu/CVE-2021-44228-quickfix-script) - [blake-fm/vcenter-log4j](https://github.com/blake-fm/vcenter-log4j) +- [creamIcec/CVE-2021-44228-Apache-Log4j-Rce__review](https://github.com/creamIcec/CVE-2021-44228-Apache-Log4j-Rce__review) +- [bchaber/CVE-2021-44228](https://github.com/bchaber/CVE-2021-44228) +- [uint0/cve-2021-44228-helpers](https://github.com/uint0/cve-2021-44228-helpers) +- [RK800-DEV/apache-log4j-poc](https://github.com/RK800-DEV/apache-log4j-poc) +- [sud0x00/log4j---CVE-2021-44228](https://github.com/sud0x00/log4j---CVE-2021-44228) +- [mute1997/CVE-2021-44228-research](https://github.com/mute1997/CVE-2021-44228-research) +- [myyxl/cve-2021-44228-minecraft-poc](https://github.com/myyxl/cve-2021-44228-minecraft-poc) +- [RrUZi/Awesome-CVE-2021-44228](https://github.com/RrUZi/Awesome-CVE-2021-44228) +- [0-x-2-2/CVE-2021-44228](https://github.com/0-x-2-2/CVE-2021-44228) +- [Crane-Mocker/log4j-poc](https://github.com/Crane-Mocker/log4j-poc) ## 2020