Agent: Use exploiter tag properties
This commit is contained in:
parent
4a0a24dde2
commit
3e592cfa69
|
@ -9,6 +9,7 @@ import logging
|
|||
import posixpath
|
||||
import random
|
||||
import string
|
||||
from typing import Tuple
|
||||
|
||||
import requests
|
||||
|
||||
|
@ -32,8 +33,6 @@ from infection_monkey.utils.commands import build_monkey_commandline
|
|||
logger = logging.getLogger(__name__)
|
||||
|
||||
HADOOP_EXPLOITER_TAG = "hadoop-exploiter"
|
||||
EXPLOIT_TAGS = (HADOOP_EXPLOITER_TAG, T1203_ATTACK_TECHNIQUE_TAG, T1210_ATTACK_TECHNIQUE_TAG)
|
||||
PROPAGATION_TAGS = (HADOOP_EXPLOITER_TAG, T1105_ATTACK_TECHNIQUE_TAG)
|
||||
|
||||
|
||||
class HadoopExploiter(WebRCE):
|
||||
|
@ -44,6 +43,12 @@ class HadoopExploiter(WebRCE):
|
|||
# Random string's length that's used for creating unique app name
|
||||
RAN_STR_LEN = 6
|
||||
|
||||
def _exploiter_tags(self) -> Tuple[str, ...]:
|
||||
return (HADOOP_EXPLOITER_TAG, T1203_ATTACK_TECHNIQUE_TAG, T1210_ATTACK_TECHNIQUE_TAG)
|
||||
|
||||
def _propagation_tags(self) -> Tuple[str, ...]:
|
||||
return (HADOOP_EXPLOITER_TAG, T1105_ATTACK_TECHNIQUE_TAG)
|
||||
|
||||
def __init__(self):
|
||||
super(HadoopExploiter, self).__init__()
|
||||
|
||||
|
@ -54,10 +59,8 @@ class HadoopExploiter(WebRCE):
|
|||
if not self.vulnerable_urls:
|
||||
self.exploit.error_message = f"No vulnerable urls has been found for {self.host}"
|
||||
self._publish_exploitation_event(
|
||||
target=self.host.ip_addr,
|
||||
exploitation_success=False,
|
||||
False,
|
||||
error_message=self.exploit_result.error_message,
|
||||
tags=EXPLOIT_TAGS,
|
||||
)
|
||||
return self.exploit_result
|
||||
|
||||
|
@ -75,25 +78,15 @@ class HadoopExploiter(WebRCE):
|
|||
self.exploit_result.exploitation_success = True
|
||||
self.exploit_result.propagation_success = True
|
||||
|
||||
self._publish_propagation_event(
|
||||
target=self.host.ip_addr,
|
||||
propagation_success=True,
|
||||
tags=PROPAGATION_TAGS,
|
||||
)
|
||||
self._publish_propagation_event(True)
|
||||
else:
|
||||
error_message = f"Failed to exploit via {self.vulnerable_urls[0]}"
|
||||
self._publish_exploitation_event(
|
||||
self.host.ip_addr, False, EXPLOIT_TAGS, error_message
|
||||
)
|
||||
self._publish_propagation_event(
|
||||
self.host.ip_addr, False, PROPAGATION_TAGS, error_message
|
||||
)
|
||||
self._publish_exploitation_event(False, error_message=error_message)
|
||||
self._publish_propagation_event(False, error_message=error_message)
|
||||
except requests.RequestException as err:
|
||||
error_message = str(err)
|
||||
self._publish_exploitation_event(self.host.ip_addr, False, EXPLOIT_TAGS, error_message)
|
||||
self._publish_propagation_event(
|
||||
self.host.ip_addr, False, PROPAGATION_TAGS, error_message
|
||||
)
|
||||
self._publish_exploitation_event(False, error_message=error_message)
|
||||
self._publish_propagation_event(False, error_message=error_message)
|
||||
finally:
|
||||
http_thread.join(self.DOWNLOAD_TIMEOUT)
|
||||
http_thread.stop()
|
||||
|
@ -129,11 +122,7 @@ class HadoopExploiter(WebRCE):
|
|||
|
||||
success = resp.status_code == 202
|
||||
if success:
|
||||
self._publish_exploitation_event(
|
||||
target=self.host.ip_addr,
|
||||
exploitation_success=True,
|
||||
tags=EXPLOIT_TAGS,
|
||||
)
|
||||
self._publish_exploitation_event(True)
|
||||
return success
|
||||
|
||||
def check_if_exploitable(self, url):
|
||||
|
|
Loading…
Reference in New Issue