As many of you know, the Log4Shell vulnerability in the popular Log4J Java logging framework vulnerability was reported in mid-December and though patched, continues to affect companies worldwide. Many guides and detector projects have emerged since to detect the vulnerability. We guide you through building such a detector using ProGuardCORE, using just a few lines of code.
In this blog you can learn how to use ProGuardCORE to:
- Read Java class files and jars
- Use class and member visitors to apply actions to specific classes and methods
- Build a working Log4Shell detector
Try this out and let us know what you think. If you build something else with ProGuardCORE, let us know!