| import { Request, Response } from "express"; | |
| import { GraphQLError, GraphQLFormattedError } from "graphql"; | |
| import { GraphQLServerOptions } from "apollo-server-core/src/graphqlOptions"; | |
| import { ApolloServer, ApolloServerExpressConfig as C } from "apollo-server-express"; | |
| export type FormatError = (graphQLError: GraphQLError, context: unknown) => GraphQLFormattedError; | |
| export type ApolloServerExpressConfig = Omit<C, "formatError"> & { | |
| formatError?: FormatError; | |
| }; |
| # Execute onto container | |
| aws ecs execute-command \ | |
| --region us-west-2 \ | |
| --cluster PeprServiceStackDev-EcsDefaultClusterMnL3mNNYNVpc18E0451A-dn35gqXUjrhi \ | |
| --task e575d819e2e04dac99387d22a5219576 \ | |
| --command /bin/bash --interactive | |
| # Run task with execute enable | |
| aws ecs run-task \ | |
| --cluster PeprServiceStackDev-EcsDefaultClusterMnL3mNNYNVpc18E0451A-dn35gqXUjrhi \ |
You can use these commands and rules to search for exploitation attempts against log4j RCE vulnerability CVE-2021-44228
This command searches for exploitation attempts in uncompressed files in folder /var/log and all sub folders
sudo egrep -I -i -r '\$(\{|%7B)jndi:(ldap[s]?|rmi|dns|nis|iiop|corba|nds|http):/[^\n]+' /var/log