fox-it/log4j-finder

Adding -q option?

tjyang opened this issue · 5 comments

  • WHAT ?
    One-liner output for each discovered log4j-core-2.x.jar file.
[me@rocky8t01 log4j-finder]$ sudo ./dist/log4j-finder -bq  /tmp
$HOSTNAME [shorter timestamp ] VULNERABLE: /tmp/apache-log4j-2.8-bin/log4j-core-2.8.jar -> org/apache/logging/log4j/core/net/JndiManager.class [415c13e7c8505fb056d540eac29b72fa: log4j 2.7 - 2.8.1]
[me@rocky8t01 log4j-finder]$
  • WHY ?
    So that it can be used more easily with CM tools like saltstack/ansible.
    The -b option to exclude the banner is still too verbose for me.
[me@rocky8t01 log4j-finder]$ sudo ./dist/log4j-finder -bq  /tmp
usage: log4j-finder [-h] [-v] [-n] [-b] [PATH ...]
log4j-finder: error: argument -b/--no-banner: ignored explicit argument 'q'
[me@rocky8t01 log4j-finder]$ sudo ./dist/log4j-finder -b  /tmp
[2021-12-16 20:55:05.573146] Scanning: /tmp
[2021-12-16 20:55:05.596662] VULNERABLE: /tmp/apache-log4j-2.8-bin/log4j-core-2.8.jar -> org/apache/logging/log4j/core/net/JndiManager.class [415c13e7c8505fb056d540eac29b72fa: log4j 2.7 - 2.8.1]
[2021-12-16 20:55:05.679576] Finished scan, elapsed time: 0.11 seconds

Summary:
 Processed 291 files and 23 directories
 Scanned 44 files
  Found 1 vulnerable files

Elapsed time: 0.11 seconds
[me@rocky8t01 log4j-finder]$

Would you prefer CSV or still the same human-readable text? And a shorter timestamp, excluding the microseconds?

Human-readable text is enough for me. Dropping the microseconds would be great.


Would you prefer the hostname in front of or after the timestamp? The reason to put it after the timestamp is that the hostname could be inconsistent in length. So if you aligned multiple outputs, they wouldn't align nicely.

According to your explanation, the timestamp should come first for alignment reasons.

Fixed in b15038b
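For builds that lack a quiet mode, the `-b` output quoted in this issue can be reduced to one line per finding before a CM tool collects it. The following is an added example, not part of the thread and not the code from b15038b: the function names, the output layout (timestamp without microseconds, then hostname, as discussed above) and the exit-code convention are assumptions, and the sample text is copied from the scan output in the issue.

```python
import re
import socket
import sys

# One finding line of the `-b` output, e.g.
# [2021-12-16 20:55:05.596662] VULNERABLE: /p/x.jar -> a/B.class [<md5>: log4j 2.7 - 2.8.1]
# The issue only shows VULNERABLE; accepting any upper-case label is an assumption.
FINDING = re.compile(
    r"^\[(?P<ts>\d{4}-\d{2}-\d{2} \d{2}:\d{2}:\d{2})(?:\.\d+)?\]\s+"
    r"(?P<status>[A-Z]+):\s+(?P<path>.+?)\s+->\s+(?P<member>\S+)\s+"
    r"\[(?P<md5>[0-9a-f]{32}):\s*(?P<version>[^\]]+)\]\s*$"
)

def parse_findings(text):
    """Return one dict per finding; 'Scanning:', 'Finished' and summary lines are skipped."""
    matches = (FINDING.match(line.strip()) for line in text.splitlines())
    return [m.groupdict() for m in matches if m]

def one_liners(text, hostname=None):
    """Format findings as '[timestamp] host STATUS: path -> member [md5: version]'."""
    host = hostname or socket.gethostname()
    return [
        "[{ts}] {host} {status}: {path} -> {member} [{md5}: {version}]".format(host=host, **f)
        for f in parse_findings(text)
    ]

# Sample input: the scan output quoted in the issue.
SAMPLE = """\
[2021-12-16 20:55:05.573146] Scanning: /tmp
[2021-12-16 20:55:05.596662] VULNERABLE: /tmp/apache-log4j-2.8-bin/log4j-core-2.8.jar -> org/apache/logging/log4j/core/net/JndiManager.class [415c13e7c8505fb056d540eac29b72fa: log4j 2.7 - 2.8.1]
[2021-12-16 20:55:05.679576] Finished scan, elapsed time: 0.11 seconds

Summary:
 Processed 291 files and 23 directories
 Scanned 44 files
  Found 1 vulnerable files

Elapsed time: 0.11 seconds
"""

def main(stream=sys.stdin):
    """Print one line per finding; exit status 1 if any line is marked VULNERABLE."""
    lines = one_liners(stream.read())
    for line in lines:
        print(line)
    return 1 if any(" VULNERABLE: " in line for line in lines) else 0

if __name__ == "__main__":
    sys.exit(main())
```

Saved under a name of your choice and fed the scanner's output on stdin, the non-zero exit status gives an Ansible or Salt task something to key a failed or changed state on.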