Log4J JNDI Remove Utility
Kooin-Shin
Posted on December 14, 2021
Some days ago, There was big shocking security issue disclosed about Log4J JNDI exploit vulnerability.
It was almost veiled over 8 years!
Some kind of worried thing blows in my head because it's very most used Logger API ever.
But we have to get a chance to recover it.
Not fully complete, but complementary thing is here. It's a way to remove JndiLookup.class in Log4J jar files.
So I introduce a utility for removing JNDI class in jars by batch processing from top level directory.
Download and execute jar like 'java -jar log4j-jndi-remover.jar', then you can fix your applications and services.
๐ ๐ช ๐
๐ฉ
Kooin-Shin
Posted on December 14, 2021
Join Our Newsletter. No Spam, Only the good stuff.
Sign up to receive the latest update from our blog.
Related
