Share
## https://sploitus.com/exploit?id=93891E8E-E8D8-5E2F-B4F0-F042988BAAA4
This is a tool for scanning internal subnets for vulnerable log4j web services. It sends a JNDI payload to each discovered web service on common HTTP/S ports and logs the responding host IP. The tool does not send any exploits to the vulnerable hosts and is designed to be as passive as possible.

The tool uses a server on the default address (the local IP at port 5555) and can be configured to scan a custom list of ports using the `--ports` flag. It also has a `--connect-timeout` flag to control the time to wait for a response from each port while scanning.

The tool has a list of common HTTP/S ports, including:

`80`
`443`
`591`
`593`
`832`
`981`
`1311`
`1527`
`1965`
`2181`
`2480`
`4444`
`4445`
`4567`
`5000`
`5004`
`5044`
`5104`
`5480`
`5489`
`5791`
`5800`
`5985`
`5986`
`6121`
`