Hello,
I am looking for some help with log4j remediation.
Once I run the below remediation script for the identified jar file, how to do I validate it?
zip -q -d path-to-JAR-file org/apache/logging/log4j/core/lookup/JndiLookup.class
Thank you for the link. Yes, I gone through that earlier, but that gives the steps for remediation. I dont see any specific step for validation.
Would you mind to share if you are aware of any validation steps for manual log4j remediation?
For validation, I would rerun the search and if they were zipped, you shouldn't get any results for log4j-core-2.*.jar.
Correction:
The find command will still find those jar files. You want to verify that JndiLookup.class has been removed.
I think you can use something similar to this:
find . -name *.jar | xargs grep JndiLookup.class
Another way would be to spot check one or two jar files, by copying them to a temporary location, run “unzip jarfilename.jar”, and eyeball the extracted folder and see if JndiLookup.class is no longer there.
Is this the only command to issue for UNIX? zip -q -d path-to-JAR-file org/apache/logging/log4j/core/lookup/JndiLookup.class
Also does the path-to-JAR-file include the actual .jar file, for example what's in red (/opt/sas/sashome/SASEnvironmentManagerAgent/2.5/installer/lib/log4j-core-2.11.1.jar)
Thank you.
Join us for SAS Innovate 2025, our biggest and most exciting global event of the year, in Orlando, FL, from May 6-9. Sign up by March 14 for just $795.
Ready to level-up your skills? Choose your own adventure.