This is a discussion topic for the Ore project, JNDIDetector. View the full project on Ore for downloads and more information.
Standalone detector/mitigator for the Log4J JNDI exploit, with configurable options for console logging, player messaging, and command execution on detection.
A new version has been released for JNDIDetector, it is available for download here.
Provides detection of attempted JNDI exploitation in any Sponge message channel, with configurable options for console logging, player messaging, and command execution on detection.
The same fix is already implemented in Sponge latest version: Attempt to block log4j2 exploit · SpongePowered/Sponge@06988e3 · GitHub .
The fix in Sponge’s latest version does block it, but doesn’t provide servers with any options to handle perpetrators how they wish (i.e. to kick, ban, etc.), which is what this plugin aims to provide 