cve_2021_45046_apache_log4j

1. #!/usr/bin/env python3
2. # -*- coding: utf-8 -*-
3. # Filename: cve_2021_45046_apache_log4j.py
4. # Version: 1.0.0
5. # Author: Jeoi Reqi
6. # Vulnerability Source: https://nvd.nist.gov/vuln/detail/CVE-2021-45046
7.  
8. """
9. Description:
10. This script checks for the presence of vulnerable software configurations on the user's machine
11. in relation to the CVE-2021-45046 vulnerability. It compares the list of installed software on
12. the system with a predefined list of vulnerable software configurations associated with the CVE.
13. If any vulnerable software configurations are found, it displays a warning message to prompt
14. the user to take immediate action to mitigate the vulnerability.
15.  
16. Requirements:
17. - Python 3.x: The script is written in Python 3 and requires a Python interpreter of version 3 or higher to run.
18. - WMI Module: The script uses the WMI module to interact with the Windows Management Instrumentation (WMI) API
19.  to retrieve a list of installed software on a Windows system. Ensure that the WMI module is installed.
20.  You can install it using pip: `pip install WMI`.
21.  
22. Usage:
23. 1. Ensure Python 3.x is installed on your system.
24. 2. Install the WMI module by running `pip install WMI`.
25. 3. Run the script using the command `python cve_2021_45046.py`.
26. 4. The script will verify if any vulnerable software configurations are installed on your machine and
27.   provide instructions for mitigation if necessary.
28.  
29. Functions:
30. - get_installed_software(): Retrieves a list of installed software on the user's machine using the WMI module.
31. - check_for_vulnerabilities(): Compares the list of installed software with a predefined list of vulnerable
32.  software configurations and displays a warning message if any vulnerable software configurations are found.
33.  
34. Important Notes:
35. - The predefined list of vulnerable software configurations in this script corresponds to the CVE-2021-45046 vulnerability.
36. - The script only supports Windows systems due to its dependency on the WMI module for retrieving installed software information.
37. """
38.  
39. import wmi
40.  
41. # List of vulnerable software configurations
42. vulnerable_software = [
43.     "Apache Log4j 2.0 up to (excluding) 2.12.2",
44.     "Apache Log4j 2.13.0 up to (excluding) 2.16.0"
45. ]
46.  
47. def get_installed_software():
48.     """
49.    Retrieves a list of installed software on the user's machine using the WMI module.
50.    
51.    Returns:
52.        list: A list containing the names of installed software.
53.    """
54.     c = wmi.WMI()
55.     installed_software = []
56.     for item in c.Win32_Product():
57.         installed_software.append(item.Caption)
58.     return installed_software
59.  
60. def check_for_vulnerabilities():
61.     """
62.    Compares the list of installed software with a predefined list of vulnerable software configurations
63.    and displays a warning message if any vulnerable software configurations are found.
64.    """
65.     installed_software = get_installed_software()
66.     vulnerable_installed = [software for software in installed_software if software in vulnerable_software]
67.     if vulnerable_installed:
68.         print("\nWarning:\nThe following vulnerable software configurations are installed on your machine:")
69.         for software in vulnerable_installed:
70.             print("- " + software)
71.         print("\nPlease take immediate action to mitigate the vulnerability by applying updates per vendor instructions.\n")
72.     else:
73.         print("\nAll clear!\nNone of the vulnerable software configurations are installed on your machine.\n")
74.  
75. if __name__ == "__main__":
76.     print("Verifying vulnerable software configurations...")
77.     check_for_vulnerabilities()
78.  
79.