How to install the Log4j Scanner in the Kali Linux
2 min readJan 2, 2022
Description:
- This scanning tool is used for discovering and fuzzing for Log4J RCE CVE-2021–44228 vulnerability.
- This shall be used by security teams to scan their infrastructure for Log4J RCE, and also test for WAF bypasses that can result in achieving code execution on the organization’s environment.
Requirements:
- Kali Linux OS.
- Python3.
Steps For The Installation:
- Open the Kali Linux OS.
- Open the Terminal Emulator.
- Use root control.
- Type the command as shown in the below screenshot to download the log4j scanner.
Example: git clone https://github.com/google/log4jscanner.git
- Click enter.
- Type the command as shown in the below screenshot to access the path of the log4j scanner.
Example: cd log4jscanner
- Click enter.
- Type the command as shown in the below screenshot to install the requirements using the log4j scanner path.
Example: pip3 install -r requirements.txt
- Click enter.
- Type the command as shown in the below screenshot to check the list using the log4j scanner path.
Example: ls
- Click enter.
- Type the command as shown in the below screenshot for help using the log4j scanner path.
Example: ./log4j-scan.py -h
- Click enter.
- Type the command as shown in the below screenshot to perform the vulnerability scanning using the log4j scanner.
Example: python3 log4j-scan.py -u https://www.example.com
- Click enter.
