This tool patches the CVE-2021-44228 Log4J vulnerability present in all minecraft versions NOTE THIS TOOL MUST BE RE-RUN after downloading or updating versions of minecraft as its not a perminent patch

Related tags

Hook L4J-Vuln-Patch
Overview

WARNING

THIS EXPLOIT EFFECTS BOTH CLIENTS AND SERVERS

There is currently a exploit going around that affects all versions of Minecraft this exploit abuses log4j deserialization in order to achieve remote code execution this exploit is not new but has only just recently come to light because of paper mc and spigot etc patching and announcing this exploit

Downloads

Currently the only available releases for this patcher are Jar releases but binaries will be available soon

SERVER OWNERS

Please update your servers to the latest version to help protect against this most major providers have already patched this vulnerability HOWERVER this is still unpatched on all minecraft clients

CLIENTS

This tool is too help patch clients and protect them against the vuln because they are all vulnerable all an attack has to do is put a payload in the game chat an all connected clients will be affected

NOTE

THIS IS NOT A PERMANENT SOLUTION THIS ONLY IS A ONE TIME PATCH ON EACH CLIENT JAR UPDATING YOUR MC VERSIONS OR INSTALLING NEW ONES WILL NOT BE AFFECTED BY THIS PATCH AND YOU WILL NEED TO RUN IT AGAIN

WHAT THIS PATCH DOES

This patch modifies each of the log file configurations in your mc jars replacing

%msg with %msg{nolookups}

RELEASES

Releases will be available in the releases tab

You might also like...
Display list of item from local Json and download, view after downloading
Display list of item from local Json and download, view after downloading

Download App Features: ● Display fake responses for the list of videos and books ● choose one or multiple files to download, ● show the download perce

A solution to fix obfuscated Java services after ProGuard has run

ProGuard Service Mapper This is a service mapper for the ProGuard Java bytecode

BlackDex is an Android unpack tool, it supports Android 5.0~12 and need not rely to any environment. BlackDex can run on any Android mobile phones or emulators, you can unpack APK File in several seconds.
BlackDex is an Android unpack tool, it supports Android 5.0~12 and need not rely to any environment. BlackDex can run on any Android mobile phones or emulators, you can unpack APK File in several seconds.

BlackDex is an Android unpack tool, it supports Android 5.0~12 and need not rely to any environment. BlackDex can run on any Android mobile phones or emulators, you can unpack APK File in several seconds.

A periodic text updating library
A periodic text updating library

RotatingText Rotating text is an Android library that can be used to make text switching painless and beautiful, with the use of interpolators, typefa

Android cryptography library with SecureRandom patches.

EasyCrypt Secure and efficient cryptography library for Android. (Auto fix SecureRandom bugs in API 18 and below.) Note: EasyCrypt uses only secure im

A distribution of performance-oriented Bukkit patches that aims to keep stability and vanilla behaviour
A distribution of performance-oriented Bukkit patches that aims to keep stability and vanilla behaviour

Patina A distribution of performance-oriented Bukkit patches that aims to keep stability and vanilla behaviour. You can find explanation of configurat

An app full of Constantly updating Google Pixel wallpapers
An app full of Constantly updating Google Pixel wallpapers

An app full of Stock Google Pixel wallpapers! Download: Found a Wallpaper not on the app? Submit and issue to the Google Pixel Wallpaper repository Sc

A "must-have a look" project for newcomers in android.

PracticeApp Helping the Newbies This app is made with a purpose to help newbies understand core concepts of Android Development. There are very limite

Gradle plugin for updating a project version catalog

Version catalog update plugin This plugin helps to keep the versions in a Gradle version catalog toml file up to date. The version updates are determi

A native android app that shows how much calories one must consume based on their profile
A native android app that shows how much calories one must consume based on their profile

Healtify is a native android app which allows the user to track the amout of Calories they are consuming. It not only tracks the calories but also shows how much of fat, protein and carbs they have consumed and how much they should be doing.

A sample project to debunk common misbeliefs regarding the impact the Log4j vulnerabilities on Java Applications
A sample project to debunk common misbeliefs regarding the impact the Log4j vulnerabilities on Java Applications

Introduction This project intends to debunk two common misbeliefs regarding the

log4shell detector similar to log4jscanner, log4j-detector etc but built with ProGuardCORE

Log4Shell detector Yet another log4shell detector, similar to log4jscanner, log4

A tool that enables advanced features through adb installing and uninstalling apps like wildcards and multi device support. Useful if you want to clean your test device from all company apks or install a lot of apks in one go.  Written in Java so it should run on your platform. A tool that enables advanced features through adb installing and uninstalling apps like wildcards and multi device support. Useful if you want to clean your test device from all company apks or install a lot of apks in one go.  Written in Java so it should run on your platform.
Non-decompiling Android vulnerability scanner (DC25 demo lab, CB17)

README trueseeing is a fast, accurate and resillient vulnerabilities scanner for Android apps. It operates on Android Packaging File (APK) and outputs

A TextView that automatically fit its font and line count based on its available size and content
A TextView that automatically fit its font and line count based on its available size and content

AutoFitTextView A TextView that automatically fit its font and line count based on its available size and content This code is heavily based on this S

Note app: an android app that allows to build some sticky note, management functionality are
Note app: an android app that allows to build some sticky note, management functionality are

NoteApp note app is an android app that allows to build some sticky note, manage

Easy-Note - Easy Note Application will help user to add and update their important notes
Easy-Note - Easy Note Application will help user to add and update their important notes

Easy-Note 🗒️ Easy Note App helps you to create your notes. You can 📝 edit and

Comments
  • Path isn’t correct (tested on macOS)

    Path isn’t correct (tested on macOS)

    I get ERROR: Could not find minecraft install at /Users/cyberflame/Downloads/patchypatchy/L4J-Vuln-Patch/build/libs/~/Library/Application Support/minecraft??? when trying to run the applet.

    My understanding is that the applet is treating the path returned from the function(?) as a relative path, though I have limited experience with Kotlin so I’m unsure

    opened by CyberFlameGO 2
Releases(release)
Owner
Jacobtread
Just another web developer Discord: Jacobtread#3770
Jacobtread
An attempt to patch JARs that bundle a vulnerable version of Log4J

Log4JFixer An attempt to patch JARs that bundle a vulnerable version of Log4J. Written in Kotlin. Compiling ./gradlew shadowJar Built JAR is located i

Matouš Kučera 2 Feb 4, 2022
A hotfix library for Android platform, and not just this...

中文版 wiki (deprecated) changelog Amigo Service Platform (Amigo backend service is no longer supported) Amigo is a hotfix library which can fix everythi

eleme 1.4k Nov 25, 2022
Burp extension to scan Log4Shell (CVE-2021-44228) vulnerability pre and post auth

Log4J Scanner Burp extension to scan Log4Shell (CVE-2021-44228) vulnerability pre and post auth. Disclaimer I am not responsible for your actions, bur

Dexter0us 94 Nov 22, 2022
A bare minimum proof-of-concept for Log4j2 JNDI RCE vulnerability (CVE-2021-44228/Log4Shell)

Log4j2 RCE Vulnerability POC A bare minimum proof-of-concept for Log4j2 JNDI Remote-Code-Execution vulnerability (CVE-2021-44228). This is intended fo

Sola 4 Aug 17, 2022
Resolve the RCE vulnerability caused by JNDI lookup in log4j 2.0~2.14.1

Log4j Patch Resolve the RCE vulnerability caused by JNDI lookup in log4j 2.0~2.14.1. It is licensed under the WTFPL 2.0 license, you can do anything w

Glavo 67 Dec 2, 2022
Proof of concept app for Android permanent denial-of-service vulnerability CVE-2020-0443

CVE-2020-0443 This is a proof of concept app that exploits CVE-2020-0443 to brick any Android device. After running the app and rebooting, the device

Sithija 11 Dec 21, 2022
An attempt to patch JARs that bundle a vulnerable version of Log4J

Log4JFixer An attempt to patch JARs that bundle a vulnerable version of Log4J. Written in Kotlin. Compiling ./gradlew shadowJar Built JAR is located i

Matouš Kučera 2 Feb 4, 2022
Writeup and exploit for installed app to system privilege escalation on Android 12 Beta through CVE-2021-0928, a `writeToParcel`/`createFromParcel` serialization mismatch in `OutputConfiguration`

Writeup and exploit for installed app to system privilege escalation on Android 12 Beta through CVE-2021-0928, a `writeToParcel`/`createFromParcel` serialization mismatch in `OutputConfiguration`

null 52 Dec 30, 2022
Minecraft Server Software specially designed for Thicc SMP. Here on GitHub without the private patches, just a normal hybrid JettPack-Pufferfish-Empirecraft fork

AlynaaMC A private, custom server software for Thicc SMP and a fork of Pufferfish. Here on GitHub with patches from JettPack, Airplane and Pufferfish

ThiccMC 14 Dec 31, 2021