Bugfix: http servers thread is stopped if remote target is not vulnerable

2018-08-07 15:09:36 +03:00 · 2018-08-07 15:09:36 +03:00 · 66bc852742
parent ab64e78f00
commit 66bc852742
1 changed files with 8 additions and 3 deletions
--- a/infection_monkey/exploit/weblogic.py
+++ b/infection_monkey/exploit/weblogic.py
@ -18,8 +18,8 @@ import copy
 __author__ = "VakarisZ"

 LOG = logging.getLogger(__name__)
-# How long server waits for response
-DOWNLOAD_TIMEOUT = 4
+# How long server waits for get request
+SERVER_TIMEOUT = 4
 # How long to wait for a request to go to vuln machine and then to our server from there
 REQUEST_TIMEOUT = 2
 # How long to wait for response in exploitation
@ -162,6 +162,10 @@ class WebLogicExploiter(WebRCE):
            self._stopped = True
            return httpd

+        def stop(self):
+            self._stopped = True
+            return
+
    def test_exploit(self, url):
        local_port = get_free_tcp_port()
        local_ip = get_interface_to_target(self.host.ip_addr)
@ -195,7 +199,8 @@ class WebLogicExploiter(WebRCE):
            LOG.error("Something went wrong: %s" % e)

        LOCK.release()
-        httpd.join(DOWNLOAD_TIMEOUT)
+        httpd.join(SERVER_TIMEOUT)
+        httpd.stop()
        if httpd.get_requests > 0:
            exploited = True
        else: