Skip to content

Instantly share code, notes, and snippets.

View log4j-keywords
Neo23x0 /
Last active Jan 19, 2022
Log4j RCE CVE-2021-44228 Exploitation Detection

log4j RCE Exploitation Detection

You can use these commands and rules to search for exploitation attempts against log4j RCE vulnerability CVE-2021-44228

Grep / Zgrep

This command searches for exploitation attempts in uncompressed files in folder /var/log and all sub folders

sudo egrep -I -i -r '\$(\{|%7B)jndi:(ldap[s]?|rmi|dns|nis|iiop|corba|nds|http):/[^\n]+' /var/log
byt3bl33d3r /
Created Dec 10, 2021
Python script to detect if an HTTP server is potentially vulnerable to the log4j 0day RCE (
#! /usr/bin/env python3
Needs Requests (pip3 install requests)
Author: Marcello Salvati, Twitter: @byt3bl33d3r
License: DWTFUWANTWTL (Do What Ever the Fuck You Want With This License)
This should allow you to detect if something is potentially exploitable to the log4j 0day dropped on December 9th 2021.
import xml.etree.ElementTree as ET
import urllib
import base64
import math
import sys
import re
# usage: Open Burp, navigate to proxy history, ctrl-a to select all records, right click and "Save Items" as an .xml file.
# python burprequests.xml
# output is saved to wordlist.txt
BlackFan /
Last active Dec 22, 2021
Bootstrap XSS Collection


Bootstrap < 3.4.1 || < 4.3.1

✔️ CSP strict-dynamic bypass

Requires user interaction

Requires $('[data-toggle="tooltip"]').tooltip();

stypr /
Last active Oct 10, 2020
Harekaze CTF 2019 WEB Writeup (Yokosuka Hackers)


Simple JS Jail challenge.

It is run on context, so we have nothing but to play with constructor and console.

1337 === eval(our_input)
tomnomnom / alert.js
Last active Jan 8, 2022
Ways to alert(document.domain)
View alert.js
// How many ways can you alert(document.domain)?
// Comment with more ways and I'll add them :)
// I already know about the JSFuck way, but it's too long to add (:
// Direct invocation
View open_redirect_wordlist.txt
View 4chan
rkmylo /
Created May 22, 2017
RCTF 2017 - rFile Solution
from __future__ import division
import hashlib
import requests
from datetime import datetime, timedelta
api_url = '{}/{}'
def totimestamp(dt, epoch=datetime(1970,1,1)):
td = dt - epoch
return (td.microseconds + (td.seconds + td.days * 86400) * 10**6) / 10**6