Log4j Exploit Pattern Detection Using ColdFusion\CFML

Here are my initial attempts at trying to detect Log4j exploit attempts that may make it past our WAF/service provider protections. While our WAF stopped requests from Trend Micro’s Log4j Tester, obfuscated requests made it through. At time of testing,…


This content originally appeared on DEV Community and was authored by James Moberg

Here are my initial attempts at trying to detect Log4j exploit attempts that may make it past our WAF/service provider protections. While our WAF stopped requests from Trend Micro's Log4j Tester, obfuscated requests made it through. At time of testing, Azure wasn't blocking requests. I had to be a little careful with the script as Windows kept instantly quarantining the CFM files and prevented ColdFusion from executing the template.

Sample CFML code available at https://gist.github.com/JamoCA/6a8c612645b1b7c47eba8e317ad51d23


This content originally appeared on DEV Community and was authored by James Moberg


Print Share Comment Cite Upload Translate Updates
APA

James Moberg | Sciencx (2021-12-21T22:16:16+00:00) Log4j Exploit Pattern Detection Using ColdFusion\CFML. Retrieved from https://www.scien.cx/2021/12/21/log4j-exploit-pattern-detection-using-coldfusioncfml/

MLA
" » Log4j Exploit Pattern Detection Using ColdFusion\CFML." James Moberg | Sciencx - Tuesday December 21, 2021, https://www.scien.cx/2021/12/21/log4j-exploit-pattern-detection-using-coldfusioncfml/
HARVARD
James Moberg | Sciencx Tuesday December 21, 2021 » Log4j Exploit Pattern Detection Using ColdFusion\CFML., viewed ,<https://www.scien.cx/2021/12/21/log4j-exploit-pattern-detection-using-coldfusioncfml/>
VANCOUVER
James Moberg | Sciencx - » Log4j Exploit Pattern Detection Using ColdFusion\CFML. [Internet]. [Accessed ]. Available from: https://www.scien.cx/2021/12/21/log4j-exploit-pattern-detection-using-coldfusioncfml/
CHICAGO
" » Log4j Exploit Pattern Detection Using ColdFusion\CFML." James Moberg | Sciencx - Accessed . https://www.scien.cx/2021/12/21/log4j-exploit-pattern-detection-using-coldfusioncfml/
IEEE
" » Log4j Exploit Pattern Detection Using ColdFusion\CFML." James Moberg | Sciencx [Online]. Available: https://www.scien.cx/2021/12/21/log4j-exploit-pattern-detection-using-coldfusioncfml/. [Accessed: ]
rf:citation
» Log4j Exploit Pattern Detection Using ColdFusion\CFML | James Moberg | Sciencx | https://www.scien.cx/2021/12/21/log4j-exploit-pattern-detection-using-coldfusioncfml/ |

Please log in to upload a file.



There are no updates yet.
Click the Upload button above to add an update.

You must be logged in to translate posts. Please log in or register.

Related Posts