You can use these commands and rules to search for exploitation attempts against log4j RCE vulnerability CVE-2021-44228
This command searches for exploitation attempts in uncompressed files in folder /var/log and all sub folders
sudo egrep -I -i -r '\$(\{|%7B)jndi:(ldap[s]?|rmi|dns|nis|iiop|corba|nds|http):/[^\n]+' /var/log| import numpy as np | |
| i = np.array(list(range(1, 50)), dtype=np.float).reshape((7, 7)) | |
| k = np.array(list(range(1, 10)), dtype=np.float).reshape((3, 3)) | |
| print("Input:"); print(i) | |
| print("Kernel:"); print(k) | |
| # Forward convolution. We need to pad the input so that we can read from | |
| # its borders. (Not doing stride etc here.) |
| syntax "go" "\.go$" | |
| # types | |
| color green "\<(bool|u?int(8|16|32|64)?|float(32|64)|complex(64|128)|byte|rune|uintptr|string|error)\>" | |
| color green "\<((<-[[:space:]]*)chan|chan[[:space:]]*<-|const|func|interface|map|struct|type|var)\>" | |
| # predefined functions | |
| color blue "\<(append|cap|close|complex|copy|delete|imag|len|make|new|panic|print|println|real|recover)\>" | |
| # control flow |
