p15693087
/
monkey
forked from p15670423/monkey
1
0
Fork 0
Code Issues Pull Requests 1 Projects Releases Wiki Activity

Agent: Add helpful debug logging to log4shell exploiter

This commit is contained in:
Mike Salvatore 2022-03-03 13:48:00 -05:00
parent d3c75200fd
commit 928192b9b0
1 changed files with 5 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

5
monkey/infection_monkey/exploit/log4shell.py
View File

@ -138,6 +138,10 @@ class Log4ShellExploiter(WebRCE):
# because we don't know which services are running and on which ports # because we don't know which services are running and on which ports
for exploit in get_log4shell_service_exploiters(): for exploit in get_log4shell_service_exploiters():
for port in self._open_ports: for port in self._open_ports:
logger.debug(
f'Attempting Log4Shell exploit on for service "{exploit.service_name}"'
f"on port {port}"
)
try: try:
url = exploit.trigger_exploit(self._build_ldap_payload(), self.host, port) url = exploit.trigger_exploit(self._build_ldap_payload(), self.host, port)
except Exception as ex: except Exception as ex:
@ -175,6 +179,7 @@ class Log4ShellExploiter(WebRCE):
time.sleep(1) time.sleep(1)
logger.debug("Timed out while waiting for victim to download the java bytecode")
return False return False
def _wait_for_victim_to_download_agent(self): def _wait_for_victim_to_download_agent(self):