https://github.com/osquery/osquery logo
Powered by
#fleet
Title
# fleet
t

Tor Houghton

03/30/2022, 7:54 AM
Does anyone have a good search example for finding a specific Java version? (or rather: "higher than a certain version")? Ref. https://www.cyberkendra.com/2022/03/springshell-rce-0-day-vulnerability.html
k

Kathy Satterlee

03/30/2022, 8:10 PM
I haven't been able to hunt one down yet, but I'm seeing what I can dig up.
I've got this to check the JDK version on Mac:
Copy code
select path 
from (
    select directory as path FROM file
    Where directory = "/Library/Java/JavaVirtualMachines" 
    AND  CAST(SUBSTR(filename, INSTR(filename, '-') +1, (INSTR(filename, '.') - 1) - INSTR(filename, '-')) as INT) >= 9
    union all
    select path from homebrew_packages 
    where name LIKE "%jdk%"
    AND CAST(version as INT) >= 9
);
Which checks for both manual download/install and homebrew installations. Working on getting access to Win/Linux machines with JDK installed so that I can test those as well.
It checks if JDK is installed with a version of 9 or later.
👍 1
m

Matthew Warren

05/18/2023, 3:09 AM
@Kathy Satterlee with apologies for reviving this, did you ever construct a query for Win/Linux Java installations as well?
4 Views
Powered by