Log in
Register
Cyber Forum
More options
Toggle width
Share this page
Share this page
Share
Share
Cyber Forum
Log in
Register
More options
Toggle width
Share this page
Share this page
Share
Share
Menu
Install the app
Install
Home
CyberWeekly Podcast
Breaking News! Podcast
Cyber Risk Rating
Forums
New posts
Forum list
Trending
Leaderboards
News Feeds
Resources
Latest reviews
Sophos X-Ops Intelix
Threat Reports
Members
Current visitors
My.CompTIA
Help Documents
Preference Center
Forums
Security
Active Exploits Discussion/Recommendations
Log4j Vulnerability Information
JavaScript is disabled. For a better experience, please enable JavaScript in your browser before proceeding.
You are using an out of date browser. It may not display this or other websites correctly.
You should upgrade or use an
alternative browser
.
Reply to thread
Message
<blockquote data-quote="Tom Strickland" data-source="post: 2541" data-attributes="member: 377"><p>I wrote a PowerShell and Kaseya script to run the Qualys Log4j scanner on my endpoints and generate tickets for vulnerabilities that are found. Sharing this to use or modify as you wish.</p><p></p><p>This is definitely 1.0 code and built for my environment so it won't run on yours as-is but might be quickly tweaked to yours.</p><p></p><p>Short summary:</p><ul> <li data-xf-list-type="ul"><strong>Log4jScanner.exe</strong> is the Qualys scan utility. More details and source code on Github here: <a href="https://github.com/Qualys/log4jscanwin" target="_blank">https://github.com/Qualys/log4jscanwin</a></li> <li data-xf-list-type="ul"><strong>Procedure Log4j Scan.xml</strong> is the Kaseya script that pushes out the PS script and the scanner, runs it, and generates tickets</li> <li data-xf-list-type="ul"><strong>Log4jScan.ps1</strong> is the PS script that runs the scanner utility and parses the results</li> <li data-xf-list-type="ul">If vulnerabilities are found, the Json output from the scanner is renamed by the PS script and then picked up by the Kaseya script and put in the body of the ticket it generates</li> <li data-xf-list-type="ul">If the PS script gets an error, the error text is written to a file that the Kaseya script finds and puts in the body of a different ticket</li> </ul><p>I'll do my best to answer questions but it will be best effort and <strong>you should test everything thoroughly. </strong><u>No warranty</u>. <img src="data:image/gif;base64,R0lGODlhAQABAIAAAAAAAP///yH5BAEAAAAALAAAAAABAAEAAAIBRAA7" class="smilie smilie--sprite smilie--sprite6" alt=":cool:" title="Cool :cool:" loading="lazy" data-shortname=":cool:" /></p></blockquote><p></p>
[QUOTE="Tom Strickland, post: 2541, member: 377"] I wrote a PowerShell and Kaseya script to run the Qualys Log4j scanner on my endpoints and generate tickets for vulnerabilities that are found. Sharing this to use or modify as you wish. This is definitely 1.0 code and built for my environment so it won't run on yours as-is but might be quickly tweaked to yours. Short summary: [LIST] [*][B]Log4jScanner.exe[/B] is the Qualys scan utility. More details and source code on Github here: [URL]https://github.com/Qualys/log4jscanwin[/URL] [*][B]Procedure Log4j Scan.xml[/B] is the Kaseya script that pushes out the PS script and the scanner, runs it, and generates tickets [*][B]Log4jScan.ps1[/B] is the PS script that runs the scanner utility and parses the results [*]If vulnerabilities are found, the Json output from the scanner is renamed by the PS script and then picked up by the Kaseya script and put in the body of the ticket it generates [*]If the PS script gets an error, the error text is written to a file that the Kaseya script finds and puts in the body of a different ticket [/LIST] I'll do my best to answer questions but it will be best effort and [B]you should test everything thoroughly. [/B][U]No warranty[/U]. :cool: [/QUOTE]
Name
Verification
Post reply
Forums
Security
Active Exploits Discussion/Recommendations
Log4j Vulnerability Information
Top
Bottom
Home
Forums
Threat Reports
My.CompTIA
Menu