diff --git a/README.md b/README.md index d7a11d2..8a9c8d6 100644 --- a/README.md +++ b/README.md @@ -92,6 +92,10 @@ Detect vulnerable log4j versions on your file-system Usage: scan4log4shell local [paths] [flags] +Examples: +- Scan /var/www: scan4log4shell local /var/www +- Ignore zip & aar: scan4log4shell local . --ignore-ext .zip --ignore-ext .aar + Flags: -e, --exclude stringArray path to exclude -h, --help help for local @@ -169,6 +173,7 @@ Examples: Flags: --auth-fuzzing add auth fuzzing + --basic-auth string basic auth credentials (eg. user:pass) --caddr string address to catch the callbacks (eg. ip:port) --catcher-type string type of callback catcher (dns | ldap | tcp | none) (default "dns") --check-cve-2021-45046 check for CVE-2021-45046 @@ -210,9 +215,11 @@ Examples: - Scan multiple urls: scan4log4shell remote url https://target1.org https://target2.org - TCP catcher: scan4log4shell remote url https://target.org --catcher-type tcp --caddr 172.20.0.30:4444 - Custom headers file: scan4log4shell remote url https://target.org --headers-file ./headers.txt +- Scan url behind basic auth: scan4log4shell remote url https://target.org --basic-auth user:pass Flags: --auth-fuzzing add auth fuzzing + --basic-auth string basic auth credentials (eg. user:pass) --caddr string address to catch the callbacks (eg. ip:port) --catcher-type string type of callback catcher (dns | ldap | tcp | none) (default "dns") --check-cve-2021-45046 check for CVE-2021-45046 diff --git a/cmd/local.go b/cmd/local.go index 2ca01a3..9814b34 100644 --- a/cmd/local.go +++ b/cmd/local.go 
@@ -29,6 +29,8 @@ func newLocalCmd(noColor *bool, output *string, verbose *bool) *cobra.Command {
 Short: "Detect vulnerable log4j versions on your file-system",
 SilenceUsage: true,
 SilenceErrors: true,
+ Example: `- Scan /var/www: scan4log4shell local /var/www
+- Ignore zip & aar: scan4log4shell local . --ignore-ext .zip --ignore-ext .aar`,
 RunE: func(cmd *cobra.Command, args []string) error {
 if *output != "" {
 color.NoColor = true
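Review bot: The two lines in the new `Example` field are a hand-made copy of the text this commit also adds to README.md, so the help output and the README can drift apart on the next edit. A short comment above the field, such as `// Keep in sync with the "local" usage section in README.md.`, would flag that, or the README block could be regenerated from the command's help output. The second example relies on `--ignore-ext`, whose registration is not visible in this hunk, so it is worth confirming that the flag is defined on this command and accepts being repeated. newLocalCmd and its RunE closure continue outside the hunk.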