linux_find_log4j_vuln.sh

#!/bin/bash

#
# All the credit to Forescout -  https://www.forescout.com/
#

vercomp () {
    if [[ $1 == $2 ]]
    then
        return 0
    fi
    local IFS=.
    local i ver1=($1) ver2=($2)
    # fill empty fields in ver1 with zeros
    for ((i=${#ver1[@]}; i<${#ver2[@]}; i++))
    do
        ver1[i]=0
    done
    for ((i=0; i<${#ver1[@]}; i++))
    do
        if [[ -z ${ver2[i]} ]]
        then
            # fill empty fields in ver2 with zeros
            ver2[i]=0
        fi
        if ((10#${ver1[i]} > 10#${ver2[i]}))
        then
            return 1
        fi
        if ((10#${ver1[i]} < 10#${ver2[i]}))
        then
            return 2
        fi
    done
    return 0
}

testvercomp () {
    vercomp $1 $2
    case $? in
        0) op='=';;
        1) op='>';;
        2) op='<';;
    esac
    if [[ $op != $3 ]]
    then
        echo "FAIL: Expected '$3', Actual '$op', Arg1 '$1', Arg2 '$2'"
    else
        echo "Pass: '$1 $op $2'"
    fi
}

AFFECTEDVER='2.16.0'

if [[ -f "/usr/bin/locate" ]]; then
    updatedb
    VERSIONS=$(locate log4j-core | grep ".jar" | awk -F 'log4j-core-' '{print $NF}' | awk -F '.j' '{print $1}')
else
    VERSIONS=$(find / -name "*log4j-core-*" -type f 2>/dev/null| grep ".jar" | awk -F 'log4j-core-' '{print $NF}' | awk -F '.j' '{print $1}')
fi


for VER in $VERSIONS
do
    DATA=$(testvercomp $VER $AFFECTEDVER '<')
    if [[ "$DATA" == *"Pass"* ]]; then
        echo "Vulnerable Version Found"
    fi
done