Use scripts to automatically scan systems for vulnerable installations, such as this popular one written in Python, and this one from security. One of the easiest to use is this simple bash script, which can scan your packages and identify log4j versions, and can also tell you if your system is even using Java in the first place. In most cases, you’ll want to run multiple scans with different scripts, because it’s not guaranteed that any one of these is going to be 100% effective at identifying every vulnerable system.
You can download it and run it with a few commands. This needs to run as root to scan your whole system wget https://raw.githubusercontent.com/rubo77/log4j_checker_beta/main/log4j_checker_beta.sh -q chmod +x log4j_checker_beta.sh sudo ./log4j_checker_beta.sh script runing output
0 Comments
Purpose
Sometimes we have only, pfx certificate file and password to deploy in the various application does not support .pfx format so we need to convert to the required format. Bit By Bit I have copy my pfx file dyindia.pfx in my CentOS server where openssl installed -rw------- 1 deelip deelip 3089 Apr 27 16:40 dyindia.pfx Run the bellow command to export the private key: openssl pkcs12 -in dyindia.pfx -nocerts -out dyindia.pem -nodes Run the below command to export the certificate: openssl pkcs12 -in dyindia.pfx -nokeys -out dyindia.pem Run the below command to remove the passphrase from the private key: openssl rsa -in dyindia.pem -out dyindia_wo.key |
Author
Deelipkumar R. Yadav Archives
December 2021
|