Skip to content
This repository was archived by the owner on May 8, 2024. It is now read-only.

Commit b8d7e56

Browse files
sysadmin0815sysadmin0815
authored
update to version 1.6
bugfix and better comments
1 parent 3440a2e commit b8d7e56

File tree

1 file changed

+38
-7
lines changed

1 file changed

+38
-7
lines changed

Fix-log4j_jndi_7zip.ps1

Lines changed: 38 additions & 7 deletions
Original file line numberDiff line numberDiff line change
@@ -5,14 +5,15 @@
55
# Author: sysadmin0815
66
# Date: 16.12.2021
77
#############################
8-
# Mod. Date: 22.12.2021
9-
$scriptVersion = "1.5"
8+
# Mod. Date: 23.12.2021
9+
$scriptVersion = "1.6"
1010
#Change Log:
1111
# added additional if check to stop the process of bk file not found.
1212
# added PSScriptRoot for 7zip by default
1313
# added $enableBackup
1414
# added $searchAllDrives
1515
# added verifying process if jndilookup class was removed from jar file
16+
# bugfix and code cleanup
1617
#
1718
#############################
1819
#THE SCRIPT IS PROVIDED “AS IS”, WITHOUT WARRANTY OF ANY KIND.
@@ -56,7 +57,8 @@ $enableBackup = $true
5657
#if the class was NOT removed successfully, the jar file was NOT modified. So keeping the bk file is optional.
5758
#--- set to $true to delete bk files if the class is still detected in the jar file (default)
5859
#--- set to $false to keep bk files if the class is still detected in the jar file.
59-
$removeBkOnFailure = $true #set to $false if you are not sure
60+
#will be ignored if $enableBackup is set to $false
61+
$removeBkOnFailure = $true #set to $false if you are not sure
6062

6163

6264
# -------------- SCRIPT START ---------------
@@ -74,6 +76,7 @@ $datelog = (Get-Date -Format "dd.MM.yyyy HH:mm:ss")
7476

7577
#Buid LogFolder and LogFile
7678
$rootFolder = $PSScriptRoot+"\"
79+
#$rootFolder = "C:\Windows\Logs\Custom\" #if you want the logs stored in a different folder, modify this line and comment the above one.
7780
$logFileName="Log4JCleanup.log"
7881
$folderName = "Log"
7982
$PathLogs= $rootFolder
@@ -147,10 +150,13 @@ else {
147150
Add-Content -Path $PathToLogFile -Value "$datelog -- Files found matching pattern $filepattern "
148151
$log4jFiles.FullName | Add-Content $PathToLogFile
149152

153+
#define temp file path for validating if jndilookup class was removed (will be deleted automatically)
150154
$tmpFile = "$PSScriptRoot\log4jcleanupTmp.log"
151155

156+
#process files found matching pattern
152157
foreach ($file in $log4jFiles) {
153158
try{
159+
#if enableBackup is set to $true process this part
154160
if ($enableBackup) {
155161
if (Test-Path -Path $tmpFile) {
156162
Remove-Item -Path $tmpFile -Force
@@ -170,6 +176,7 @@ else {
170176
Write-Host " -- Checking if JNDILookup Class has been removed"
171177
Start-Process -FilePath "$7zipPath" -ArgumentList "l `"$($file.FullName)`" org/apache/logging/log4j/core/lookup/JndiLookup.class" -NoNewWindow -Wait -RedirectStandardOutput "$tmpFile"
172178
Add-Content -Path $PathToLogFile -Value "$datelog --- Checking if JNDILookup Class has been removed"
179+
#check if jndilookup class was removed
173180
$validate = Select-String -Path "$tmpOutFile" -Pattern "JndiLookup.class" -CaseSensitive -Quiet -SimpleMatch
174181
if (! $validate) {
175182
Write-Host " -- Verified: File successully cleaned up." -ForegroundColor Green
@@ -191,6 +198,7 @@ else {
191198
Remove-Item -Path $tmpFile -Force
192199
}
193200
}
201+
#Error handling if backup file could not be ceated
194202
else{
195203
Write-Host "Error creating backup for file $file" -BackgroundColor Red -ForegroundColor Yellow
196204
Write-Host " -- No changes perfmormed" -BackgroundColor Red -ForegroundColor Yellow
@@ -201,10 +209,33 @@ else {
201209
}
202210
}
203211

204-
else{
205-
Add-Content -Path $PathToLogFile -Value "$datelog -- Backup disabled for file $file"
206-
Add-Content -Path $PathToLogFile -Value "$datelog --- Processing file $file"
207-
& $7zipPath d $file.fullname org/apache/logging/log4j/core/lookup/JndiLookup.class
212+
#if enableBackup is set to $false, process this part
213+
else{
214+
if (Test-Path -Path $tmpFile) {
215+
Remove-Item -Path $tmpFile -Force
216+
}
217+
Write-Host "Processing file $file"
218+
Write-Host " -- Backup DISABLED" -ForegroundColor Yellow
219+
Add-Content -Path $PathToLogFile -Value "$datelog Backup disabled for file $file"
220+
Add-Content -Path $PathToLogFile -Value "$datelog Processing file $file"
221+
& $7zipPath d $file.fullname org/apache/logging/log4j/core/lookup/JndiLookup.class | Out-Null
222+
Write-Host " -- Checking if JNDILookup Class has been removed"
223+
Start-Process -FilePath "$7zipPath" -ArgumentList "l `"$($file.FullName)`" org/apache/logging/log4j/core/lookup/JndiLookup.class" -NoNewWindow -Wait -RedirectStandardOutput "$tmpFile"
224+
Add-Content -Path $PathToLogFile -Value "$datelog --- Checking if JNDILookup Class has been removed"
225+
$validate = Select-String -Path "$tmpOutFile" -Pattern "JndiLookup.class" -CaseSensitive -Quiet -SimpleMatch
226+
#check if jndilookup class was removed
227+
if (! $validate) {
228+
Write-Host " -- Verified: File successully cleaned up." -ForegroundColor Green
229+
Add-Content -Path $PathToLogFile -Value "$datelog --- Verified: File successully cleaned up."
230+
}
231+
else {
232+
Write-Host " -- Failure: Check whether you have write permissions or another process is currently using the file." -BackgroundColor Red -ForegroundColor Yellow
233+
Add-Content -Path $PathToLogFile -Value "$datelog --- Failure: Check whether you have write permissions or another process is currently using the file."
234+
$returnCode = 1
235+
}
236+
if (Test-Path -Path $tmpFile) {
237+
Remove-Item -Path $tmpFile -Force
238+
}
208239
}
209240

210241
}

0 commit comments

Comments
 (0)