From 34953f1c88f735b66cba5cca25ba7a16d4dbbbb6 Mon Sep 17 00:00:00 2001 From: Ilija Lazoroski Date: Wed, 23 Feb 2022 17:13:25 +0100 Subject: [PATCH] Agent: Enable Hadoop exploiter to run --- monkey/infection_monkey/exploit/hadoop.py | 4 ++-- monkey/infection_monkey/exploit/web_rce.py | 5 ++--- monkey/infection_monkey/monkey.py | 2 ++ 3 files changed, 6 insertions(+), 5 deletions(-) diff --git a/monkey/infection_monkey/exploit/hadoop.py b/monkey/infection_monkey/exploit/hadoop.py index cb44af060..04f037762 100644 --- a/monkey/infection_monkey/exploit/hadoop.py +++ b/monkey/infection_monkey/exploit/hadoop.py @@ -33,8 +33,8 @@ class HadoopExploiter(WebRCE): # Random string's length that's used for creating unique app name RAN_STR_LEN = 6 - def __init__(self, host): - super(HadoopExploiter, self).__init__(host) + def __init__(self): + super(HadoopExploiter, self).__init__() def _exploit_host(self): # Try to get exploitable url diff --git a/monkey/infection_monkey/exploit/web_rce.py b/monkey/infection_monkey/exploit/web_rce.py index 2713f9009..289eaed7e 100644 --- a/monkey/infection_monkey/exploit/web_rce.py +++ b/monkey/infection_monkey/exploit/web_rce.py @@ -32,13 +32,12 @@ POWERSHELL_NOT_FOUND = "powershell is not recognized" class WebRCE(HostExploiter): - def __init__(self, host, monkey_target_paths=None): + def __init__(self, monkey_target_paths=None): """ - :param host: Host that we'll attack :param monkey_target_paths: Where to upload the monkey at the target host system. Dict in format {'linux': '/tmp/monkey.sh', 'win32': './monkey32.exe', 'win64':... } """ - super(WebRCE, self).__init__(host) + super(WebRCE, self).__init__() if monkey_target_paths: self.monkey_target_paths = monkey_target_paths else: diff --git a/monkey/infection_monkey/monkey.py b/monkey/infection_monkey/monkey.py index fc52290bb..51eb7af6e 100644 --- a/monkey/infection_monkey/monkey.py +++ b/monkey/infection_monkey/monkey.py @@ -17,6 +17,7 @@ from infection_monkey.credential_collectors import ( SSHCredentialCollector, ) from infection_monkey.exploit import ExploiterWrapper +from infection_monkey.exploit.hadoop import HadoopExploiter from infection_monkey.exploit.sshexec import SSHExploiter from infection_monkey.i_puppet import IPuppet, PluginType from infection_monkey.master import AutomatedMaster @@ -222,6 +223,7 @@ class InfectionMonkey: exploit_wrapper.wrap(SSHExploiter), PluginType.EXPLOITER, ) + puppet.load_plugin("HadoopExploiter", HadoopExploiter(), PluginType.EXPLOITER) puppet.load_plugin("ransomware", RansomwarePayload(), PluginType.PAYLOAD)