2021-12-10 23:42:15 +00:00
|
|
|
package main
|
|
|
|
|
|
|
|
|
|
import (
|
2021-12-10 23:47:59 +00:00
|
|
|
"flag"
|
2021-12-10 23:42:15 +00:00
|
|
|
"log"
|
|
|
|
|
"regexp"
|
|
|
|
|
|
|
|
|
|
"github.com/Adikso/minecraft-log4j-honeypot/extractor"
|
|
|
|
|
"github.com/Adikso/minecraft-log4j-honeypot/minecraft"
|
|
|
|
|
)
|
|
|
|
|
|
|
|
|
|
func Analyse(text string) {
|
|
|
|
|
log.Printf("Testing text: %s\n", text)
|
|
|
|
|
|
|
|
|
|
pattern := regexp.MustCompile(`\${jndi:(.*)}`)
|
|
|
|
|
finder := extractor.NewFinder(pattern)
|
|
|
|
|
|
|
|
|
|
injections := finder.FindInjections(text)
|
|
|
|
|
for _, url := range injections {
|
|
|
|
|
log.Printf("Fetching payload for: jndi:%s", url.String())
|
|
|
|
|
|
|
|
|
|
files, err := extractor.FetchFromLdap(url)
|
|
|
|
|
if err != nil {
|
|
|
|
|
log.Printf("Failed to fetch class from %s", url)
|
|
|
|
|
continue
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
for _, filename := range files {
|
|
|
|
|
log.Printf("Saved payload to file %s\n", filename)
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
func main() {
|
2021-12-10 23:47:59 +00:00
|
|
|
address := flag.String("h", ":25565", "Minecraft server binding address")
|
|
|
|
|
flag.Parse()
|
|
|
|
|
|
|
|
|
|
server := minecraft.NewServer(*address)
|
2021-12-10 23:42:15 +00:00
|
|
|
server.ChatMessageCallback = Analyse
|
|
|
|
|
server.AcceptLoginCallback = Analyse
|
|
|
|
|
|
|
|
|
|
if err := server.Run(); err != nil {
|
|
|
|
|
log.Println(err)
|
|
|
|
|
}
|
|
|
|
|
}
|
