network_scan option does not find any network drives
Opened this issue · 0 comments
I ran into this issue on Windows 10 Pro x64, but also on a few different Windows Server OSes.
If you pass the /scan_network parameter to Log4JScanner-2.1.2.0, it simply returns the following:
Log4jScanner.exe /scan_network /verbose
Qualys Log4j Vulnerability Scanner 2.1.2.0
https://www.qualys.com/
Dependencies: minizip/1.1 zlib/1.2.11, bzip2/1.0.8
Supported CVE(s): CVE-2021-4104, CVE-2021-44228, CVE-2021-44832, CVE-2021-45046, CVE-2021-45105
Known TAR Extensions : .tar
Known GZIP TAR Extensions : .tgz, .tar.gz
Known BZIP TAR Extensions : .tbz, .tbz2, .tar.bz, .tar.bz2
Known ZIP Extensions : .zip, .jar, .war, .ear, .par, .kar, .sar, .rar, .jpi, .hpi, .apk
Scanning Network Drives...
Scan Summary:
Scan Date: 2022-01-28T08:36:29-0800
Scan Duration: 0 Seconds
Scan Error Count: 0
Scan Status: Success
Files Scanned: 0
Directories Scanned: 0
Compressed File(s) Scanned: 0
JAR(s) Scanned: 0
WAR(s) Scanned: 0
EAR(s) Scanned: 0
TAR(s) Scanned: 0
Vulnerabilities Found: 0
Looking through the code, it looks like the ScanNetworkDrives method on line 634 of Scanner.cpp is using the same logic to get the drive type as ScanLocalDrives is, but it is only returning local drives.