From 69f0e7675a4cf04f9475ba26c5a7ba97ebcd4562 Mon Sep 17 00:00:00 2001
From: Prince Chaddha
Date: Fri, 15 Jul 2022 10:23:51 +0530
Subject: [PATCH] Update opennms-log4j-jndi-rce.yaml
---
 vulnerabilities/other/opennms-log4j-jndi-rce.yaml | 5 +++++
 1 file changed, 5 insertions(+)
diff --git a/vulnerabilities/other/opennms-log4j-jndi-rce.yaml b/vulnerabilities/other/opennms-log4j-jndi-rce.yaml
index edc4e6e580..93ecdbeeef 100644
--- a/vulnerabilities/other/opennms-log4j-jndi-rce.yaml
+++ b/vulnerabilities/other/opennms-log4j-jndi-rce.yaml
@@ -10,6 +10,7 @@ info:
 reference:
 - https://www.horizon3.ai/the-long-tail-of-log4shell-exploitation/
 - https://www.opennms.com/en/blog/2021-12-10-opennms-products-affected-by-apache-log4j-vulnerability-cve-2021-44228/
+ - https://logging.apache.org/log4j/2.x/security.html
 classification:
 cve-id: CVE-2021-44228
 metadata:
@@ -39,6 +40,10 @@ requests:
 - '([a-zA-Z0-9\.\-]+)\.([a-z0-9]+)\.([a-z0-9]+)\.\w+' # Match for extracted ${hostName} variable

 extractors:
+ - type: kval
+ kval:
+ - interactsh_ip # Print remote interaction IP in output
+
 - type: regex
 part: interactsh_request
 group: 1
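Review bot: The inline comment on the new `interactsh_ip` kval extractor in the second hunk says only that it prints the remote interaction IP, which invites reading that value as the address of the vulnerable host. It is the address that contacted the interactsh server, and for a DNS-only callback that is typically a recursive resolver or an egress NAT address rather than the scanned OpenNMS instance. The protocol matcher is outside this hunk, so which case applies here should be confirmed. I would reword the comment to `# Source IP of the callback seen by interactsh (may be a resolver/NAT, not the target)` so that triage does not attribute the finding to the wrong machine. The `extractors:` block continues past the end of the hunk.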