Chris Phillips teamktown
byt3bl33d3r
/ log4j_rce_check.py
Created
December 10, 2021 06:02
Python script to detect if an HTTP server is potentially vulnerable to the log4j 0day RCE (https://www.lunasec.io/docs/blog/log4j-zero-day/)
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #! /usr/bin/env python3 | |
| ''' | |
| Needs Requests (pip3 install requests) | |
| Author: Marcello Salvati, Twitter: @byt3bl33d3r | |
| License: DWTFUWANTWTL (Do What Ever the Fuck You Want With This License) | |
| This should allow you to detect if something is potentially exploitable to the log4j 0day dropped on December 9th 2021. |
skoranda
/ apache-as-proxy-SameSite
Last active
January 6, 2021 12:27
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # Known incompatible clients. See https://www.chromium.org/updates/same-site/incompatible-clients | |
| # | |
| # All browsers on iOS 12 | |
| BrowserMatch "\(iP.+; CPU .*OS 12[_\d]*.*\) AppleWebKit\/" DO_NOT_EDIT_COOKIE=1 | |
| # Safari on MacOS 10.14 | |
| BrowserMatch "\(Macintosh;.*Mac OS X 10_14[_\d]*.*\) AppleWebKit\/.*Version\/.* Safari\/" DO_NOT_EDIT_COOKIE=1 | |
| # Embedded browsers on MacOS 10.14 | |
| BrowserMatch "^Mozilla\/[\.\d]+ \(Macintosh;.*Mac OS X 10_14[_\d]*.*\) .*AppleWebKit\/[\.\d]+ \(KHTML, like Gecko\)$" DO_NOT_EDIT_COOKIE=1 |