This PowerShell script is intended for anyone looking to remediate the Log4j vulnerability within their environment. It can target multiple machines and run remotely as a job on all devices or only on affected ones.

digital-dev/Log4j-CVE-2021-44228-Remediation

Log4j CVE-2021-44228 Remediation

Table of Contents
  1. About The Project
  2. Getting Started
  3. Usage
  4. Roadmap
  5. Contributing
  6. License
  7. Contact
  8. Acknowledgments

About The Project

This PowerShell script is intended for anyone looking to remediate the Log4j vulnerability within their environment. It can target multiple machines and run remotely as a job on all devices or only on affected ones.

Getting Started

To get a local copy up and running, follow these steps.

Prerequisites

You must have the appropriate rights in your environment to run administrative PowerShell scripts on remote machines.

Installation

  1. Clone the repo or download the PowerShell script.

    Clone:

    git clone https://github.com/digital-dev/Log4j-CVE-2021-44228-Remediation.git

    Download Script:

    wget https://raw.githubusercontent.com/digital-dev/Log4j-Remediation/main/Log4j-CVE-2021-44228-Remediation.ps1

  2. Open the script within PowerShell ISE.

  3. Set the execution policy to allow script execution.

    Set-ExecutionPolicy Bypass -Scope CurrentUser

  4. Add affected computers to the computer array by editing the "Vulnerable Computers" array.

    # One computer name per line; the closing "@ must be the first thing on its line
    $vulnerable_computers = @"
    computer-1
    computer-2
    computer-n
    "@

  5. Within the script, set the location of 7z.exe and 7z.dll on an accessible network share.

    $7zip_download_location = "\\accessible_networkshare"

Usage

Once all of your variables have been set, executing the script launches a job that goes through all listed computers and removes jndilookup.class from every JAR file it finds.
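A read-only audit that can be run before and after the script to confirm which JAR files still carry the class and which log4j-core version they report. This is an added example, not code from the repository; the function name `Find-JndiLookupJar`, its `-Path` parameter, the output columns and the scanned folder are assumptions.

```powershell
# Added example (not the repository's script): lists JAR files that still contain JndiLookup.class.
Add-Type -AssemblyName System.IO.Compression.FileSystem

function Find-JndiLookupJar {
    param(
        [Parameter(Mandatory)] [string[]] $Path   # hypothetical parameter: root folders to search
    )
    $classEntry = 'org/apache/logging/log4j/core/lookup/JndiLookup.class'
    $pomEntry   = 'META-INF/maven/org.apache.logging.log4j/log4j-core/pom.properties'

    Get-ChildItem -Path $Path -Filter *.jar -File -Recurse -ErrorAction SilentlyContinue |
    ForEach-Object {
        $jar = $_
        $zip = $null
        try {
            # A JAR is a ZIP archive; open it read-only and look at the entry names
            $zip = [System.IO.Compression.ZipFile]::OpenRead($jar.FullName)
            $hit = $zip.Entries | Where-Object { $_.FullName -ieq $classEntry }
            if (-not $hit) { return }   # class absent: skip to the next JAR

            # Maven-built log4j-core records its version in pom.properties
            $version = 'unknown'
            $pom = $zip.Entries | Where-Object { $_.FullName -ieq $pomEntry } | Select-Object -First 1
            if ($pom) {
                $reader = New-Object System.IO.StreamReader($pom.Open())
                try {
                    if ($reader.ReadToEnd() -match '(?m)^version=(.+?)\s*$') { $version = $Matches[1] }
                } finally { $reader.Dispose() }
            }

            # One record per JAR that still contains the class
            [pscustomobject]@{
                ComputerName = $env:COMPUTERNAME
                Jar          = $jar.FullName
                Log4jVersion = $version
            }
        } catch {
            Write-Warning "Could not read $($jar.FullName): $($_.Exception.Message)"
        } finally {
            if ($zip) { $zip.Dispose() }
        }
    }
}

# Constructed usage: audit a local folder and save the findings
Find-JndiLookupJar -Path 'C:\Program Files' | Export-Csv -Path .\log4j-audit.csv -NoTypeInformation
```

JAR files nested inside WAR, EAR or fat-JAR archives are not opened, so an empty result covers only top-level .jar files under the searched folders.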

Roadmap

  • Add regex matching to only remove jndilookup.class from vulnerable versions of the Log4j package
  • Create a custom object of all computers containing found items and actions performed on found items.

See the open issues for a full list of proposed features (and known issues).

Contributing

Contributions are what make the open source community such an amazing place to learn, inspire, and create. Any contributions you make are greatly appreciated.

If you have a suggestion that would make this better, please fork the repo and create a pull request. You can also simply open an issue with the tag "enhancement". Don't forget to give the project a star! Thanks again!

  1. Fork the Project
  2. Create your Feature Branch (git checkout -b feature/AmazingFeature)
  3. Commit your Changes (git commit -m 'Add some AmazingFeature')
  4. Push to the Branch (git push origin feature/AmazingFeature)
  5. Open a Pull Request

License

Distributed under the GPLv3 License. See LICENSE.txt for more information.

Project Link: https://github.com/digital-dev/Log4j-CVE-2021-44228-Remediation
