AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |
Back to Blog
Lansweeper log4j report1/8/2023 Inner Join tblNtlogSource On tblNtlogSource.SourcenameID = Inner Join tblNtlogMessage On tblNtlogMessage.MessageID = tblNtlog.MessageID Inner Join tblNtlog On tblNtlog.AssetID = tblAssets.AssetID Inner Join tblState On tblState.State = tblAssetCustom.State Inner Join tsysIPLocations On tsysIPLocations.LocationID = Inner Join tsysAssetTypes On tsysAssetTypes.AssetType = tblAssets.Assettype Inner Join tblAssetCustom On tblAssets.AssetID = tblAssetCustom.AssetID This is the Lansweeper report for the specific event code:Ĭoalesce(tsysOS.Image, tsysAssetTypes.AssetTypeIcon10) As icon, $jarFiles = Get-PSDrive -PSProvider FileSystem | ? Remove-Item $vulnerableCsv -Force -ErrorAction Silentl圜ontinue $jndiCsv = "$logFolder\log4j-jndi.csv" #List of JndiLookup.class files within jar files $vulnerableCsv = "$logFolder\log4j-vuln.csv" #List of only vulnerable log4*.jar files $manifestCsv = "$logFolder\log4j-manifest.csv" #List of all log4j*.jar files and their manifest version $targetManifestFile = "$logFolder\log4j-manifest.txt" # Temporary file for extracting manifest meta information from a text file $log4jCsv = "$logFolder\log4j.csv" # List of all log4j*.jar files $resultFile = "$logFolder\log4j-result.txt" # Final result of script, 'Not Vulnerable' or 'Vulnerable' The result is written to the eventlog, on which you can create a report in Lansweeper.Īdd-Type -AssemblyName System.IO.CompressionĪdd-Type -AssemblyName System.IO.Compression.FileSystem For those interested, you can find a powershell script below (based on the one from github) that searches for vulnerable log4j libraries.
0 Comments
Read More
Leave a Reply. |