Update Log4Shell references and VCenter URI

mrshu · Dec 17, 2021 · 60de839 · 60de839
1 parent 6175e38
commit 60de839
Show file tree

Hide file tree

Showing 3 changed files with 6 additions and 4 deletions.
diff --git a/data/exploits/CVE-2021-44228/http_uris.txt b/data/exploits/CVE-2021-44228/http_uris.txt
@@ -3,4 +3,4 @@
 # Apache Solr
 /solr/admin/cores?action=CREATE&wt=json&name=${jndi:uri}
 # VMWare VCenter
-/websso/SAML2/SSO/photon-machine.lan?SAMLRequest=
+/websso/SAML2/SSO/vsphere.local?SAMLRequest=
diff --git a/documentation/modules/auxiliary/scanner/http/log4shell_scanner.md b/documentation/modules/auxiliary/scanner/http/log4shell_scanner.md
@@ -22,7 +22,7 @@ This module has been successfully tested with:
 5. Do: `run`
 6. The target should be identified as vulnerable
 
-### Struts2 Setup
+### Apache Struts2 Setup
 
 The following docker file can be used to setup a vulnerable Struts2 instance for testing.
 
@@ -68,7 +68,7 @@ Time in seconds to wait to receive LDAP connections.
 
 ## Scenarios
 
-### Struts2
+### Apache Struts2
 
 ```
 msf6 > use auxiliary/scanner/http/log4shell_scanner 

diff --git a/modules/auxiliary/scanner/http/log4shell_scanner.rb b/modules/auxiliary/scanner/http/log4shell_scanner.rb
@@ -29,7 +29,9 @@ def initialize
       ],
       'References' => [
         [ 'CVE', '2021-44228' ],
-        [ 'URL', 'https://attackerkb.com/topics/in9sPR2Bzt/cve-2021-44228-log4shell/rapid7-analysis' ]
+        [ 'CVE', '2021-45046' ],
+        [ 'URL', 'https://attackerkb.com/topics/in9sPR2Bzt/cve-2021-44228-log4shell/rapid7-analysis' ],
+        [ 'URL', 'https://logging.apache.org/log4j/2.x/security.html' ]
       ],
       'DisclosureDate' => '2021-12-09',
       'License' => MSF_LICENSE,