L0g0ff / log4j_rce_detection.md
Created January 14, 2022 16:17 — forked from Neo23x0/log4j_rce_detection.md
Log4j RCE CVE-2021-44228 Exploitation Detection

log4j RCE Exploitation Detection

You can use these commands and rules to search for exploitation attempts against the log4j RCE vulnerability CVE-2021-44228.

Grep / Zgrep

This command searches for exploitation attempts in uncompressed files in the folder /var/log and all of its subfolders (the -I flag skips binary files, -i makes the match case-insensitive, and -r recurses into subdirectories):

sudo egrep -I -i -r '\$(\{|%7B)jndi:(ldap[s]?|rmi|dns|nis|iiop|corba|nds|http):/[^\n]+' /var/log
L0g0ff / ddrescue.md
Created December 16, 2021 07:52 — forked from mraspor/ddrescue.md
Guide to Using DDRescue to Recover Data

Start command:

ddrescue -d /dev/sda output.img output.mapfile

NOTE: If direct disc access (the -d option) is not available on your system, try raw devices instead.