Skip to content

juergenhoetzel/log4j2go

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

38 Commits

.github/workflows

.github/workflows

 
 

cmd/log4j2go

cmd/log4j2go

 
 

internal

internal

 
 

.gitignore

.gitignore

 
 

README.org

README.org

 
 

go.mod

go.mod

 
 

go.sum

go.sum

 
 

Repository files navigation

https://github.com/juergenhoetzel/log4j2go/workflows/CI/badge.svg

Installation

From source:

go install github.com/juergenhoetzel/log4j2go/cmd/log4j2go@latest

CI build Binaries for Windows, Linux and Darwin: Releases · juergenhoetzel/log4j2go · GitHub.

Usage

Recursively scan filesystem

log4j2go  ~/ghq/github.com
2021/12/18 15:45:17 Found log4j-core-2.12.2 in "/home/juergen/ghq/github.com/mergebase/log4j-samples/false-hits/log4j-core-2.12.2.jar"
2021/12/18 15:45:17 Found log4j-core-2.16.0 in "/home/juergen/ghq/github.com/mergebase/log4j-samples/false-hits/log4j-core-2.16.0.jar"
2021/12/18 15:45:17 Found log4j-core-2.0-beta2 in "/home/juergen/ghq/github.com/mergebase/log4j-samples/old-hits/log4j-core-2.0-beta2.jar"
2021/12/18 15:45:17 Found log4j-core-2.0-beta9 in "/home/juergen/ghq/github.com/mergebase/log4j-samples/true-hits/log4j-core-2.0-beta9.jar"
2021/12/18 15:45:17 Found log4j-core-2.10.0 in "/home/juergen/ghq/github.com/mergebase/log4j-samples/true-hits/log4j-core-2.10.0.jar"
2021/12/18 15:45:17 Found log4j-core-2.15.0 in "/home/juergen/ghq/github.com/mergebase/log4j-samples/true-hits/log4j-core-2.15.0.jar"
2021/12/18 15:45:17 Found log4j-core-2.9.1 in "/home/juergen/ghq/github.com/mergebase/log4j-samples/true-hits/log4j-core-2.9.1.jar"
2021/12/18 15:45:17 Found log4j-core-2.14.1 in "/home/juergen/ghq/github.com/mergebase/log4j-samples/true-hits/shaded/clt-1.0-SNAPSHOT.jar"
2021/12/18 15:45:17 Found log4j-core-2.10.0 in "/home/juergen/ghq/github.com/mergebase/log4j-samples/true-hits/springboot-executable/spiff-0.0.1-SNAPSHOT.ear!/home/juergen/ghq/github.com/mergebase/log4j-samples/true-hits/springboot-executable/spiff-0.0.1-SNAPSHOT.ear!WEB-INF/lib/log4j-core-2.10.0.jar"
2021/12/18 15:45:17 Found log4j-core-2.10.0 in "/home/juergen/ghq/github.com/mergebase/log4j-samples/true-hits/springboot-executable/spiff-0.0.1-SNAPSHOT.jar!/home/juergen/ghq/github.com/mergebase/log4j-samples/true-hits/springboot-executable/spiff-0.0.1-SNAPSHOT.jar!WEB-INF/lib/log4j-core-2.10.0.jar"
2021/12/18 15:45:18 Found log4j-core-2.10.0 in "/home/juergen/ghq/github.com/mergebase/log4j-samples/true-hits/springboot-executable/spiff-0.0.1-SNAPSHOT.war!/home/juergen/ghq/github.com/mergebase/log4j-samples/true-hits/springboot-executable/spiff-0.0.1-SNAPSHOT.war!WEB-INF/lib/log4j-core-2.10.0.jar"
2021/12/18 15:45:18 Found log4j-core-2.5 in "/home/juergen/ghq/github.com/mergebase/log4j-samples/true-hits/uber/infinispan-embedded-query-8.2.12.Final.jar"

Recursively scan root filesystem but don’t descent in mountpoints

log4j2go -samefs /

Performance

Log4j-Detector

time java -jar ~/ghq/github.com/mergebase/log4j-detector/target/log4j-detector-2021.12.17.jar ~/ghq/github.com/

real	0m14,160s
user	0m12,335s
sys	0m4,395s

Log4j2go

time log4j2go  ~/ghq/github.com/

real	0m2,844s
user	0m2,738s
sys	0m3,553s

How it works

log4j2go recursively scans the filesystem for ear, war and jar files. It first checks for log4j-core/pom.xml metadata to get the version number.

If there is no log4j-core/pom.xml file it compares the ZIP content for well-known Log4J2 filenames (org/apache/logging/log4j/core prefix) which content matches the hashes from the Maven Central artefacts. Each file is also scanned recursively if it contains jar files.

TODOS

Also search in plain .class files

About

A Log4J Version 2 Detector written in golang

Topics

log4j log4j2 cve-2021-44228 cve-2021-45046

Resources

Readme
Activity

Stars

1 star

Watchers

2 watching

Forks

0 forks
Report repository

Releases 2

1.2 Latest
Dec 19, 2021
+ 1 release

Packages

No packages published

Languages