diff options
| -rw-r--r-- | pkgs/tools/security/log4j-scan/default.nix | 44 | ||||
| -rw-r--r-- | pkgs/top-level/all-packages.nix | 2 |
2 files changed, 46 insertions, 0 deletions
diff --git a/pkgs/tools/security/log4j-scan/default.nix b/pkgs/tools/security/log4j-scan/default.nix new file mode 100644 index 0000000000000..142c1dd8c1b19 --- /dev/null +++ b/pkgs/tools/security/log4j-scan/default.nix @@ -0,0 +1,44 @@ +{ lib +, fetchFromGitHub +, python3 +}: + +python3.pkgs.buildPythonApplication rec { + pname = "log4j-scan"; + version = "unstable-2021-12-14"; + format = "other"; + + src = fetchFromGitHub { + owner = "fullhunt"; + repo = pname; + rev = "7be0f1c02ce3494469dc73a177e6f0c96f0016d9"; + sha256 = "sha256-HazxK0wJ8xeFauD2xOxmOwWw1nEpQh+QdcBVZNaUgrM="; + }; + + propagatedBuildInputs = with python3.pkgs; [ + pycryptodome + requests + termcolor + ]; + + postPatch = '' + substituteInPlace log4j-scan.py \ + --replace "headers.txt" "../share/headers.txt" + ''; + + installPhase = '' + runHook preInstall + + install -vD ${pname}.py $out/bin/${pname} + install -vD headers.txt headers-large.txt -t $out/share + + runHook postInstall + ''; + + meta = with lib; { + description = "Scanner for finding hosts which are vulnerable for log4j"; + homepage = "https://github.com/fullhunt/log4j-scan"; + license = licenses.mit; + maintainers = with maintainers; [ fab ]; + }; +} diff --git a/pkgs/top-level/all-packages.nix b/pkgs/top-level/all-packages.nix index c057511d2cb96..4c0bc0693db6f 100644 --- a/pkgs/top-level/all-packages.nix +++ b/pkgs/top-level/all-packages.nix @@ -7463,6 +7463,8 @@ with pkgs; localtime = callPackage ../tools/system/localtime { }; + log4j-scan = callPackage ../tools/security/log4j-scan { }; + logcheck = callPackage ../tools/system/logcheck { }; logmein-hamachi = callPackage ../tools/networking/logmein-hamachi { }; |