Stuck on an issue?

Lightrun Answers was designed to reduce the constant googling that comes with debugging 3rd party libraries. It collects links to all the places you might be looking at while hunting down a tough bug.

And, if you’re still stuck at the end, we’re happy to hop on a call to see how we can help out.

Add pattern '${base64:JHtqbmRp'

See original GitHub issue

I request to add pattern ${base64:JHtqbmRp which is evaluated to ${jndi. I think with the current algorithm, the detector can not detect these kind of patterns.

Ref https://github.com/SigmaHQ/sigma/blob/master/rules/web/web_cve_2021_44228_log4j_fields.yml#L40

Issue Analytics

State:
Created 2 years ago
Comments:7 (6 by maintainers)

Top GitHub Comments

2reactions

karanlyonscommented, Dec 15, 2021

FYI, base64 isn’t actually in a release yet, just in master, so these payloads shouldn’t work unless the target has chosen to add the lookup themselves.

0reactions

Neo23x0commented, Dec 14, 2021

Ah, I see - yes, good to cover that as well

Top Results From Across the Web

Can a Base64 String contain tabs? - Stack Overflow

It depends on what you're asking. If you are asking whether or not tabs can be base-64 encoded, then the answer is "yes"...

SAP Cloud Integration - Use the Base64 Decoder

Learn how to use the Base64 Decoder. ... productImage using the following settings (tab Exchange Property): ... Create, productImage, XPath, java.lang.

EnvelopeRecipientTabs Resource | REST API | DocuSign

Custom Tabs can be added to envelopes and templates by setting the customTabId property when creating an envelope or template recipient or when...

Manage index pattern data fields | Kibana Guide [7.17] - Elastic

Open the main menu, then click Stack Management > Index Patterns. Select the index pattern you want to add a scripted field to....

Manual Chapter: Adding Entities to a Security Policy - AskF5

On the Main tab, click Security > Application Security > File Types . The Allowed File Types screen ... Adding base64 decoding to...