Adding notes about exe file generation ?

Question

Adding notes about exe file generation ?

tjyang opened this issue 3 years ago · 5 comments

Would you mind adding the instruction on how windows and Linux got generated ?

Answer 1 · 2021-12-16T10:21:43.000Z

They are generated using pyinstaller automatically via the GitHub actions workflow:
https://github.com/fox-it/log4j-finder/actions

More specifically:
https://github.com/fox-it/log4j-finder/blob/main/.github/workflows/pyinstaller.yaml

For the release we download the generated artifacts manually and attach it to the release page

I will add this info to the main README.md later

Answer 2 · 2021-12-16T13:11:19.000Z

@yunzheng , can you add info about using pyinstaller to compile .py into exe manually without github action ?
This will allow users to compile their own exe and push out binary to their systems with more confidence.

Answer 3 · 2021-12-16T14:17:52.000Z

Copy log4j-finder.py and log4j-finder.spec from repo
Install Python 3.10
=> pip install pyinstaller
=> pyinstaller log4j-finder.spec

Exe is in your dist folder.

All our virusscanners were blocking the binary listed on frontpage for some reason, the one I generated myself was considered "suspicous", but at least not removed straight away.

Also good to know: For some reason it has big trouble when being run from a Onedrive folder and network drive on our machines (suspect it's because of pyinstaller, but could again be our virusscanner). It will only scan a few files and report it's done. Just copy it to C: and you're good.

Answer 4 · 2021-12-16T17:11:23.000Z

@jkommeren , Thanks for the note.

Here is the note for rocky8 (RHEL 8 downstream)

[me@rocky8t01 github]$ cat /etc/redhat-release
Rocky Linux release 8.5 (Green Obsidian)
[me@rocky8t01 github]$ pip -V && python -V
pip 21.2.4 from /usr/local/lib/python3.9/site-packages/pip (python 3.9)
Python 3.9.8
[me@rocky8t01 github]$ pip install pyinstaller
<snipped>
[me@rocky8t01 github]$ which pyinstaller
~/.local/bin/pyinstaller
[me@rocky8t01 github]$
[me@rocky8t01 github]$ git clone https://github.com/fox-it/log4j-finder.git
[me@rocky8t01 github]$ cd log4j-finder
[me@rocky8t01 log4j-finder] pyinstaller log4j-finder.spec
<snipped>
[me@rocky8t01 log4j-finder]$ dist/log4j-finder -h
usage: log4j-finder [-h] [-v] [-n] [-b] [PATH ...]

Find vulnerable log4j2 on filesystem (Log4Shell CVE-2021-4428)

positional arguments:
  PATH             Directory or file(s) to scan (recursively) (default: ['/'])

optional arguments:
  -h, --help       show this help message and exit
  -v, --verbose    verbose output (-v is info, -vv is debug) (default: 0)
  -n, --no-color   disable color output (default: False)
  -b, --no-banner  disable banner (default: False)

Files are scanned recursively, both on disk and in Java Archive Files
[me@rocky8t01 log4j-finder]$

Answer 5 · 2021-12-16T21:21:30.000Z

Thanks for the great feedback and suggestion.

The instructions has been added. Not as detailed as yours @tjyang but I think it should be ok :)