Skip to main content
Centos: Search for Library (run as root on each machine):

Please note:  This is intended as a quick search for traditionally installed software.  It will not always find the issue in commercial software or where people have changed names of files.


#!/bin/bash
#
export PATH="/bin:/sbin:/usr/bin:/usr/sbin"
#
localfilesystems=$(cat /etc/fstab | grep -E -v '^#|devpts|nfs|none|not|proc|swap|sysfs|tmpfs' | awk '{printf "%s ",$2}')
#
# Scan for packed WARs that may contain log4j jars
find $localfilesystems -xdev -name '*.war' -print0 | while read -d $'\0' warfile
do
log4j_jars=$(unzip -l "$warfile" | egrep 'log4j.*\.jar' | awk '{print $4}')
for jarfile in $log4j_jars; do
tmpjar=$(mktemp)
unzip -p "$warfile" "$jarfile" > "$tmpjar"
#
version=$(unzip -p "$tmpjar" META-INF/MANIFEST.MF | grep Implementation-Version | awk -F': ' '{print $2}')
#
if test -z "$version"; then
# Try a less common version field if Implementation-Version doesn't exist
version=$(unzip -p "$tmpjar" META-INF/MANIFEST.MF | grep Log4jReleaseVersion | awk -F': ' '{print $2}')
if test -z "$version"; then
version="0.0.0"
fi
fi
#
test -f "$tmpjar" && rm -f "$tmpjar"
#
echo "$(hostname),${warfile}:${jarfile},$version"
done
done
#
find $localfilesystems -xdev -name 'log4j*.jar' -print0 | while read -d $'\0' jarfile
do
version=$(unzip -p "$jarfile" META-INF/MANIFEST.MF | grep Implementation-Version | awk -F': ' '{print $2}')
#
if test -z "$version"; then
# Try a less common version field if Implementation-Version doesn't exist
version=$(unzip -p "$jarfile" META-INF/MANIFEST.MF | grep Log4jReleaseVersion | awk -F': ' '{print $2}')
if test -z "$version"; then
version="0.0.0"
fi
fi
#
echo "$(hostname),$jarfile,$version"
done
#
exit 0

Sample Output

ei-linutils-dev-asb.ei.rutgers.edu,/var/lib/docker/overlay2/c3af432d38699dd6a5dbbf2b90d081160bd1f1f1dfcc1cfaf7429ec11e1c9762/diff/usr/share/elasticsearch/lib/log4j-api-2.11.1.jar,2.11.1
ei-linutils-dev-asb.ei.rutgers.edu,/var/lib/docker/overlay2/c3af432d38699dd6a5dbbf2b90d081160bd1f1f1dfcc1cfaf7429ec11e1c9762/diff/usr/share/elasticsearch/lib/log4j-core-2.11.1.jar,2.11.1
ei-linutils-dev-asb.ei.rutgers.edu,/var/lib/docker/overlay2/c3af432d38699dd6a5dbbf2b90d081160bd1f1f1dfcc1cfaf7429ec11e1c9762/diff/usr/share/elasticsearch/lib/log4j-1.2-api-2.11.1.jar,0.0.0
ei-linutils-dev-asb.ei.rutgers.edu,/var/lib/docker/overlay2/26d52e37f70aeb3009ed54bda3f3556f513b251ffab4fb17b0fa795c3edb6ce7/diff/opt/gradle/lib/log4j-over-slf4j-1.7.30.jar,1.7.30