p15670423
/
monkey
1
0
Fork 5
Code Issues Pull Requests 3 Projects Releases Wiki Activity

Agent, UT: fix ldap builder UT's and some imports in log4shell

This commit is contained in:
vakarisz 2022-01-05 14:15:56 +02:00
parent 563438c7f8
commit d2181f6577
3 changed files with 14 additions and 5 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

9
monkey/infection_monkey/exploit/log4shell.py
View File

@ -4,10 +4,11 @@ import logging
from threading import Thread from threading import Thread
from common.utils.exploit_enum import ExploitType from common.utils.exploit_enum import ExploitType
from infection_monkey.exploit.log4shell_utils import LDAPExploitServer, build_exploit_bytecode from infection_monkey.exploit.log4shell_utils import (
from infection_monkey.exploit.log4shell_utils.exploit_builder import (
LINUX_EXPLOIT_TEMPLATE_PATH, LINUX_EXPLOIT_TEMPLATE_PATH,
WINDOWS_EXPLOIT_TEMPLATE_PATH, WINDOWS_EXPLOIT_TEMPLATE_PATH,
LDAPExploitServer,
build_exploit_bytecode,
) )
from infection_monkey.exploit.log4shell_utils.requests import exploits from infection_monkey.exploit.log4shell_utils.requests import exploits
from infection_monkey.exploit.tools.helpers import get_monkey_depth from infection_monkey.exploit.tools.helpers import get_monkey_depth
@ -133,7 +134,9 @@ class Log4ShellExploiter(WebRCE):
Log4ShellExploiter.HTTPHandler.class_downloaded = True Log4ShellExploiter.HTTPHandler.class_downloaded = True
def _run_class_http_server(self, ip): def _run_class_http_server(self, ip):
server = http.server.HTTPServer((ip, self.class_http_server_port), Log4ShellExploiter.HTTPHandler) server = http.server.HTTPServer(
(ip, self.class_http_server_port), Log4ShellExploiter.HTTPHandler
)
while ( while (
not Log4ShellExploiter.HTTPHandler.class_downloaded not Log4ShellExploiter.HTTPHandler.class_downloaded
and not Log4ShellExploiter.HTTPHandler.stop and not Log4ShellExploiter.HTTPHandler.stop

7
monkey/infection_monkey/exploit/log4shell_utils/__init__.py
View File

@ -1,2 +1,7 @@
from .exploit_builder import build_exploit_bytecode, InvalidExploitTemplateError from .exploit_builder import (
build_exploit_bytecode,
InvalidExploitTemplateError,
LINUX_EXPLOIT_TEMPLATE_PATH,
WINDOWS_EXPLOIT_TEMPLATE_PATH,
)
from .ldap_server import LDAPExploitServer from .ldap_server import LDAPExploitServer

3
monkey/tests/unit_tests/infection_monkey/exploit/log4shell_utils/test_exploit_builder.py
View File

@ -1,6 +1,7 @@
import pytest import pytest
from infection_monkey.exploit.log4shell_utils import ( from infection_monkey.exploit.log4shell_utils import (
LINUX_EXPLOIT_TEMPLATE_PATH,
InvalidExploitTemplateError, InvalidExploitTemplateError,
build_exploit_bytecode, build_exploit_bytecode,
) )
@ -19,7 +20,7 @@ def invalid_templates_dir(data_for_tests_dir):
def test_inject_command(payload): def test_inject_command(payload):
expected_bytecode = b"\x21" + payload.encode() + b"\x0c" expected_bytecode = b"\x21" + payload.encode() + b"\x0c"
exploit_bytecode = build_exploit_bytecode(payload) exploit_bytecode = build_exploit_bytecode(payload, LINUX_EXPLOIT_TEMPLATE_PATH)
assert expected_bytecode in exploit_bytecode assert expected_bytecode in exploit_bytecode