p15670423
/
monkey
1
0
Fork 5
Code Issues Pull Requests 3 Projects Releases Wiki Activity

Struts2 ignores certificate errors, updated schema

This commit is contained in:
VakarisZ 2019-05-09 12:23:44 +03:00
parent 576af97a82
commit 861750be5b
2 changed files with 5 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

3
monkey/infection_monkey/exploit/struts2.py
View File

@ -7,6 +7,7 @@ import urllib2
import httplib import httplib
import unicodedata import unicodedata
import re import re
import ssl
import logging import logging
from infection_monkey.exploit.web_rce import WebRCE from infection_monkey.exploit.web_rce import WebRCE
@ -47,7 +48,7 @@ class Struts2Exploiter(WebRCE):
headers = {'User-Agent': 'Mozilla/5.0'} headers = {'User-Agent': 'Mozilla/5.0'}
request = urllib2.Request(url, headers=headers) request = urllib2.Request(url, headers=headers)
try: try:
return urllib2.urlopen(request).geturl() return urllib2.urlopen(request, context=ssl._create_unverified_context()).geturl()
except urllib2.URLError: except urllib2.URLError:
LOG.error("Can't reach struts2 server") LOG.error("Can't reach struts2 server")
return False return False

5
monkey/monkey_island/cc/services/config_schema.py
View File

@ -250,8 +250,9 @@ SCHEMA = {
"default": [ "default": [
], ],
"description": "description":
"List of IPs/subnets the monkey should scan." "List of IPs/subnets/hosts the monkey should scan."
" Examples: \"192.168.0.1\", \"192.168.0.5-192.168.0.20\", \"192.168.0.5/24\"" " Examples: \"192.168.0.1\", \"192.168.0.5-192.168.0.20\", \"192.168.0.5/24\","
" \"printer.example\""
} }
} }
}, },