James Moberg

Log4j Exploit Pattern Detection Using ColdFusion/CFML

Here are my initial attempts at trying to detect Log4j exploit attempts that may make it past our WAF/service provider protections. While our WAF stopped requests from Trend Micro's Log4j Tester, obfuscated requests made it through. At the time of testing, Azure wasn't blocking requests. I had to be a little careful with the script, as Windows kept instantly quarantining the CFM files, preventing ColdFusion from executing the template.

2021-12-29: Updated rules based on a Google Cloud article to additionally block rmi, ldaps & dns (in addition to stripping whitespace).

Sample CFML code available at https://gist.github.com/JamoCA/6a8c612645b1b7c47eba8e317ad51d23
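
The normalize-then-match idea described above (strip whitespace, then look for jndi lookups over ldaps, rmi or dns), as an added example that is not the code from the linked gist. The function names, the ldap rule, the three-pass URL decoding and the nested-lookup heuristic are assumptions of this example.

```cfml
<cfscript>
// Added example; function and variable names are hypothetical.
// Normalize a value, then test it against the jndi protocols the post lists.
function scanForLog4jLookup(required string value) {
    var text = arguments.value;
    var decoded = "";
    // Undo up to three layers of URL encoding; stop when nothing changes.
    for (var i = 1; i <= 3; i++) {
        try { decoded = urlDecode(text); } catch (any e) { break; }
        if (compare(decoded, text) == 0) break;
        text = decoded;
    }
    // Strip all whitespace so padded lookups collapse to one token.
    text = reReplace(text, "\s+", "", "all");
    if (reFindNoCase("\$\{jndi:(ldaps?|rmi|dns):", text)) {
        return "jndi-lookup";
    }
    // Assumed heuristic: a lookup opened inside another lookup is not normal traffic.
    if (reFind("\$\{[^}]*\$\{", text)) {
        return "nested-lookup";
    }
    return "";
}

// Scan headers plus URL and form fields; return one struct per hit.
function scanRequest() {
    var hits = [];
    var sources = { "header" = getHttpRequestData().headers, "url" = url, "form" = form };
    for (var scopeName in sources) {
        for (var key in sources[scopeName]) {
            var item = sources[scopeName][key];
            if (!isSimpleValue(item)) continue;
            var rule = scanForLog4jLookup(key & "=" & item);
            if (len(rule)) {
                // Record where and why; the field name is sanitized and the value is never stored.
                var field = reReplace(left(key, 64), "[^\w-]", "_", "all");
                arrayAppend(hits, { "scope" = scopeName, "field" = field, "rule" = rule });
            }
        }
    }
    return hits;
}

// Usage, e.g. from onRequestStart (tag-in-script syntax: CF11+ or Lucee).
hits = scanRequest();
if (arrayLen(hits)) {
    cfheader(statuscode = 400);
    abort;
}
</cfscript>
```

The hit records deliberately omit the matched string, so anything written to a log from them contains only the scope, a sanitized field name and the rule that fired.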
