Fix DUO123 warnings
This commit is contained in:
parent
b0be14193d
commit
c0fdc9561f
|
@ -66,8 +66,8 @@ class MonkeyIslandRequests(object):
|
|||
return request_function_wrapper
|
||||
|
||||
def get_jwt_from_server(self):
|
||||
resp = requests.post(
|
||||
self.addr + "api/auth", # noqa: DUO123
|
||||
resp = requests.post( # noqa: DUO123
|
||||
self.addr + "api/auth",
|
||||
json={"username": NO_AUTH_CREDS, "password": NO_AUTH_CREDS},
|
||||
verify=False,
|
||||
)
|
||||
|
@ -75,8 +75,8 @@ class MonkeyIslandRequests(object):
|
|||
|
||||
@_Decorators.refresh_jwt_token
|
||||
def get(self, url, data=None):
|
||||
return requests.get(
|
||||
self.addr + url, # noqa: DUO123
|
||||
return requests.get( # noqa: DUO123
|
||||
self.addr + url,
|
||||
headers=self.get_jwt_header(),
|
||||
params=data,
|
||||
verify=False,
|
||||
|
@ -84,25 +84,25 @@ class MonkeyIslandRequests(object):
|
|||
|
||||
@_Decorators.refresh_jwt_token
|
||||
def post(self, url, data):
|
||||
return requests.post(
|
||||
self.addr + url, data=data, headers=self.get_jwt_header(), verify=False # noqa: DUO123
|
||||
return requests.post( # noqa: DUO123
|
||||
self.addr + url, data=data, headers=self.get_jwt_header(), verify=False
|
||||
)
|
||||
|
||||
@_Decorators.refresh_jwt_token
|
||||
def post_json(self, url, data: Dict):
|
||||
return requests.post(
|
||||
self.addr + url, json=data, headers=self.get_jwt_header(), verify=False # noqa: DUO123
|
||||
return requests.post( # noqa: DUO123
|
||||
self.addr + url, json=data, headers=self.get_jwt_header(), verify=False
|
||||
)
|
||||
|
||||
@_Decorators.refresh_jwt_token
|
||||
def patch(self, url, data: Dict):
|
||||
return requests.patch(
|
||||
self.addr + url, data=data, headers=self.get_jwt_header(), verify=False # noqa: DUO123
|
||||
return requests.patch( # noqa: DUO123
|
||||
self.addr + url, data=data, headers=self.get_jwt_header(), verify=False
|
||||
)
|
||||
|
||||
@_Decorators.refresh_jwt_token
|
||||
def delete(self, url):
|
||||
return requests.delete( # noqa: DOU123
|
||||
return requests.delete( # noqa: DUO123
|
||||
self.addr + url, headers=self.get_jwt_header(), verify=False
|
||||
)
|
||||
|
||||
|
|
|
@ -64,8 +64,8 @@ class ControlClient(object):
|
|||
if ControlClient.proxies:
|
||||
monkey["tunnel"] = ControlClient.proxies.get("https")
|
||||
|
||||
requests.post(
|
||||
"https://%s/api/monkey" % (WormConfiguration.current_server,), # noqa: DUO123
|
||||
requests.post( # noqa: DUO123
|
||||
"https://%s/api/monkey" % (WormConfiguration.current_server,),
|
||||
data=json.dumps(monkey),
|
||||
headers={"content-type": "application/json"},
|
||||
verify=False,
|
||||
|
@ -92,8 +92,8 @@ class ControlClient(object):
|
|||
if ControlClient.proxies:
|
||||
debug_message += " through proxies: %s" % ControlClient.proxies
|
||||
LOG.debug(debug_message)
|
||||
requests.get(
|
||||
f"https://{server}/api?action=is-up", # noqa: DUO123
|
||||
requests.get( # noqa: DUO123
|
||||
f"https://{server}/api?action=is-up",
|
||||
verify=False,
|
||||
proxies=ControlClient.proxies,
|
||||
timeout=TIMEOUT_IN_SECONDS,
|
||||
|
@ -130,9 +130,8 @@ class ControlClient(object):
|
|||
monkey = {}
|
||||
if ControlClient.proxies:
|
||||
monkey["tunnel"] = ControlClient.proxies.get("https")
|
||||
requests.patch(
|
||||
"https://%s/api/monkey/%s"
|
||||
% (WormConfiguration.current_server, GUID), # noqa: DUO123
|
||||
requests.patch( # noqa: DUO123
|
||||
"https://%s/api/monkey/%s" % (WormConfiguration.current_server, GUID),
|
||||
data=json.dumps(monkey),
|
||||
headers={"content-type": "application/json"},
|
||||
verify=False,
|
||||
|
@ -155,8 +154,8 @@ class ControlClient(object):
|
|||
return
|
||||
try:
|
||||
telemetry = {"monkey_guid": GUID, "telem_category": telem_category, "data": json_data}
|
||||
requests.post(
|
||||
"https://%s/api/telemetry" % (WormConfiguration.current_server,), # noqa: DUO123
|
||||
requests.post( # noqa: DUO123
|
||||
"https://%s/api/telemetry" % (WormConfiguration.current_server,),
|
||||
data=json.dumps(telemetry),
|
||||
headers={"content-type": "application/json"},
|
||||
verify=False,
|
||||
|
@ -174,8 +173,8 @@ class ControlClient(object):
|
|||
return
|
||||
try:
|
||||
telemetry = {"monkey_guid": GUID, "log": json.dumps(log)}
|
||||
requests.post(
|
||||
"https://%s/api/log" % (WormConfiguration.current_server,), # noqa: DUO123
|
||||
requests.post( # noqa: DUO123
|
||||
"https://%s/api/log" % (WormConfiguration.current_server,),
|
||||
data=json.dumps(telemetry),
|
||||
headers={"content-type": "application/json"},
|
||||
verify=False,
|
||||
|
@ -192,9 +191,8 @@ class ControlClient(object):
|
|||
if not WormConfiguration.current_server:
|
||||
return
|
||||
try:
|
||||
reply = requests.get(
|
||||
"https://%s/api/monkey/%s"
|
||||
% (WormConfiguration.current_server, GUID), # noqa: DUO123
|
||||
reply = requests.get( # noqa: DUO123
|
||||
"https://%s/api/monkey/%s" % (WormConfiguration.current_server, GUID),
|
||||
verify=False,
|
||||
proxies=ControlClient.proxies,
|
||||
timeout=MEDIUM_REQUEST_TIMEOUT,
|
||||
|
@ -230,9 +228,8 @@ class ControlClient(object):
|
|||
if not WormConfiguration.current_server:
|
||||
return
|
||||
try:
|
||||
requests.patch(
|
||||
"https://%s/api/monkey/%s"
|
||||
% (WormConfiguration.current_server, GUID), # noqa: DUO123
|
||||
requests.patch( # noqa: DUO123
|
||||
"https://%s/api/monkey/%s" % (WormConfiguration.current_server, GUID),
|
||||
data=json.dumps({"config_error": True}),
|
||||
headers={"content-type": "application/json"},
|
||||
verify=False,
|
||||
|
@ -292,9 +289,9 @@ class ControlClient(object):
|
|||
if (monkeyfs.isfile(dest_file)) and (size == monkeyfs.getsize(dest_file)):
|
||||
return dest_file
|
||||
else:
|
||||
download = requests.get(
|
||||
download = requests.get( # noqa: DUO123
|
||||
"https://%s/api/monkey/download/%s"
|
||||
% (WormConfiguration.current_server, filename), # noqa: DUO123
|
||||
% (WormConfiguration.current_server, filename),
|
||||
verify=False,
|
||||
proxies=ControlClient.proxies,
|
||||
timeout=MEDIUM_REQUEST_TIMEOUT,
|
||||
|
@ -322,9 +319,8 @@ class ControlClient(object):
|
|||
if not WormConfiguration.current_server:
|
||||
return None, None
|
||||
try:
|
||||
reply = requests.post(
|
||||
"https://%s/api/monkey/download"
|
||||
% (WormConfiguration.current_server,), # noqa: DUO123
|
||||
reply = requests.post( # noqa: DUO123
|
||||
"https://%s/api/monkey/download" % (WormConfiguration.current_server,),
|
||||
data=json.dumps(host_dict),
|
||||
headers={"content-type": "application/json"},
|
||||
verify=False,
|
||||
|
@ -370,8 +366,8 @@ class ControlClient(object):
|
|||
@staticmethod
|
||||
def get_pba_file(filename):
|
||||
try:
|
||||
return requests.get(
|
||||
PBA_FILE_DOWNLOAD % (WormConfiguration.current_server, filename), # noqa: DUO123
|
||||
return requests.get( # noqa: DUO123
|
||||
PBA_FILE_DOWNLOAD % (WormConfiguration.current_server, filename),
|
||||
verify=False,
|
||||
proxies=ControlClient.proxies,
|
||||
timeout=LONG_REQUEST_TIMEOUT,
|
||||
|
@ -382,9 +378,9 @@ class ControlClient(object):
|
|||
@staticmethod
|
||||
def get_T1216_pba_file():
|
||||
try:
|
||||
return requests.get(
|
||||
return requests.get( # noqa: DUO123
|
||||
urljoin(
|
||||
f"https://{WormConfiguration.current_server}/", # noqa: DUO123
|
||||
f"https://{WormConfiguration.current_server}/",
|
||||
T1216_PBA_FILE_DOWNLOAD_PATH,
|
||||
),
|
||||
verify=False,
|
||||
|
@ -416,7 +412,9 @@ class ControlClient(object):
|
|||
f"https://{WormConfiguration.current_server}/api/monkey_control"
|
||||
f"/check_remote_port/{port}"
|
||||
)
|
||||
response = requests.get(url, verify=False, timeout=SHORT_REQUEST_TIMEOUT)
|
||||
response = requests.get( # noqa: DUO123
|
||||
url, verify=False, timeout=SHORT_REQUEST_TIMEOUT
|
||||
)
|
||||
response = json.loads(response.content.decode())
|
||||
return response["status"] == "port_visible"
|
||||
except requests.exceptions.RequestException:
|
||||
|
@ -424,7 +422,7 @@ class ControlClient(object):
|
|||
|
||||
@staticmethod
|
||||
def report_start_on_island():
|
||||
requests.post(
|
||||
requests.post( # noqa: DUO123
|
||||
f"https://{WormConfiguration.current_server}/api/monkey_control/started_on_island",
|
||||
data=json.dumps({"started_on_island": True}),
|
||||
verify=False,
|
||||
|
|
|
@ -82,8 +82,8 @@ class DrupalExploiter(WebRCE):
|
|||
"""
|
||||
payload = build_exploitability_check_payload(url)
|
||||
|
||||
response = requests.get(
|
||||
f"{url}?_format=hal_json", # noqa: DUO123
|
||||
response = requests.get( # noqa: DUO123
|
||||
f"{url}?_format=hal_json",
|
||||
json=payload,
|
||||
headers={"Content-Type": "application/hal+json"},
|
||||
verify=False,
|
||||
|
@ -102,8 +102,8 @@ class DrupalExploiter(WebRCE):
|
|||
base = remove_port(url)
|
||||
payload = build_cmd_execution_payload(base, cmd)
|
||||
|
||||
r = requests.get(
|
||||
f"{url}?_format=hal_json", # noqa: DUO123
|
||||
r = requests.get( # noqa: DUO123
|
||||
f"{url}?_format=hal_json",
|
||||
json=payload,
|
||||
headers={"Content-Type": "application/hal+json"},
|
||||
verify=False,
|
||||
|
@ -157,9 +157,9 @@ def find_exploitbale_article_ids(base_url: str, lower: int = 1, upper: int = 100
|
|||
articles = set()
|
||||
while lower < upper:
|
||||
node_url = urljoin(base_url, str(lower))
|
||||
response = requests.get(
|
||||
response = requests.get( # noqa: DUO123
|
||||
node_url, verify=False, timeout=LONG_REQUEST_TIMEOUT
|
||||
) # noqa: DUO123
|
||||
)
|
||||
if response.status_code == 200:
|
||||
if is_response_cached(response):
|
||||
LOG.info(f"Found a cached article at: {node_url}, skipping")
|
||||
|
|
|
@ -243,9 +243,9 @@ class ShellShockExploiter(HostExploiter):
|
|||
try:
|
||||
LOG.debug("Header is: %s" % header)
|
||||
LOG.debug("Attack is: %s" % attack)
|
||||
r = requests.get(
|
||||
r = requests.get( # noqa: DUO123
|
||||
url, headers={header: attack}, verify=False, timeout=TIMEOUT
|
||||
) # noqa: DUO123
|
||||
)
|
||||
result = r.content.decode()
|
||||
return result
|
||||
except requests.exceptions.RequestException as exc:
|
||||
|
|
|
@ -83,9 +83,9 @@ class WebLogic201710271(WebRCE):
|
|||
else:
|
||||
payload = self.get_exploit_payload("cmd", "/c", command + " 1> NUL 2> NUL")
|
||||
try:
|
||||
post(
|
||||
post( # noqa: DUO123
|
||||
url, data=payload, headers=HEADERS, timeout=EXECUTION_TIMEOUT, verify=False
|
||||
) # noqa: DUO123
|
||||
)
|
||||
except Exception as e:
|
||||
LOG.error("Connection error: %s" % e)
|
||||
return False
|
||||
|
@ -121,9 +121,9 @@ class WebLogic201710271(WebRCE):
|
|||
def check_if_exploitable_weblogic(self, url, httpd):
|
||||
payload = self.get_test_payload(ip=httpd.local_ip, port=httpd.local_port)
|
||||
try:
|
||||
post(
|
||||
post( # noqa: DUO123
|
||||
url, data=payload, headers=HEADERS, timeout=REQUEST_DELAY, verify=False
|
||||
) # noqa: DUO123
|
||||
)
|
||||
except exceptions.ReadTimeout:
|
||||
# Our request will not get response thus we get ReadTimeout error
|
||||
pass
|
||||
|
|
|
@ -126,7 +126,7 @@ class HTTPConnectProxyHandler(http.server.BaseHTTPRequestHandler):
|
|||
LOG.info("Received bootloader's request: {}".format(post_data))
|
||||
try:
|
||||
dest_path = self.path
|
||||
r = requests.post(
|
||||
r = requests.post( # noqa: DUO123
|
||||
url=dest_path,
|
||||
data=post_data,
|
||||
verify=False,
|
||||
|
|
|
@ -33,9 +33,9 @@ class BootloaderHTTPRequestHandler(BaseHTTPRequestHandler):
|
|||
# The island server doesn't always have a correct SSL cert installed
|
||||
# (By default it comes with a self signed one),
|
||||
# that's why we're not verifying the cert in this request.
|
||||
r = requests.post(
|
||||
r = requests.post( # noqa: DUO123
|
||||
url=island_server_path, data=post_data, verify=False, timeout=SHORT_REQUEST_TIMEOUT
|
||||
) # noqa: DUO123
|
||||
)
|
||||
|
||||
try:
|
||||
if r.status_code != 200:
|
||||
|
|
Loading…
Reference in New Issue