This web-based tool can help identify server applications that may be affected by the Log4Shell (CVE-2021-44228, CVE-2021-45046) vulnerability.
It allows you to generate a request that you can run in your environment and test if the server is vulnerable.
There are three options for using this tool:
- Use the generated JNDI snapshot and add that entry to any of the form fields on the site or add this to
HTTP Header for User-Agent.
- Your unique JNDI snapshot is
- For Internal Server: Generate a quick curl command to test your servers.
- For Public Facing Server: Just provide the address of the server and we will try to create a simulated query. Make sure you are hitting some API endpoint/form which eventually does an action in the backend. If the unique ID provided here shows up in the results section below, the server may be vulnerable and should be investigated further. If it does not show up, it does not guarantee that the server is not vulnerable.
You can use the generated cURL command below for testing:
If you submit and see results here, that means the server may be vulnerable and should be investigated further. If there are no results, it does not guarantee that the server is not vulnerable. This table will be refreshed every 10 seconds.
Next refresh in 10 seconds.
"Log4Shell" and "Logjam." Apache Log4j2 <=2.14.1 is vulnerable to remote code execution by downloading code from LDAP server using JNDI.Read more
Apache Log4j 2.15.0 is vulnerable to a denial of service (DOS) attack when using ThreadContext values and context lookups.Read more
Protection and Investigation
Analysis and Advisory - From Trend Micro Threat ResearchRead more
Trend Micro's vulnerability scanner is based on the following projects: