p15693087
/
monkey
forked from p15670423/monkey
1
0
Fork 0
Code Issues Pull Requests 1 Projects Releases Wiki Activity

Fixed lock bug and made uploaded monkey names standard

This commit is contained in:
Vakaris 2018-08-23 14:35:45 +03:00
parent 8e8422b3b7
commit f001403a92
1 changed files with 6 additions and 5 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

11
infection_monkey/exploit/weblogic.py
View File

@ -45,8 +45,8 @@ class WebLogicExploiter(WebRCE):
def __init__(self, host):
super(WebLogicExploiter, self).__init__(host, {'linux': '/tmp/monkey.sh',
'win32': 'monkey-32.exe',
'win64': 'monkey-64.exe'})
'win32': 'monkey32.exe',
'win64': 'monkey64.exe'})
def get_exploit_config(self):
exploit_config = super(WebLogicExploiter, self).get_exploit_config()
@ -102,12 +102,13 @@ class WebLogicExploiter(WebRCE):
Http server built to wait for GET requests. Because oracle web logic vuln is blind,
we determine if we can exploit by either getting a GET request from host or not.
"""
def __init__(self, local_ip, local_port, max_requests=1):
def __init__(self, local_ip, local_port, lock, max_requests=1):
self._local_ip = local_ip
self._local_port = local_port
self.get_requests = 0
self.max_requests = max_requests
self._stopped = False
self.lock = lock
threading.Thread.__init__(self)
def run(self):
@ -119,7 +120,7 @@ class WebLogicExploiter(WebRCE):
LOG.info('Server waiting for exploited machine request...')
httpd = HTTPServer((self._local_ip, self._local_port), S)
httpd.daemon = True
LOCK.release()
self.lock.release()
while not self._stopped and self.get_requests < self.max_requests:
httpd.handle_request()
@ -135,7 +136,7 @@ class WebLogicExploiter(WebRCE):
lock = threading.Lock()
local_port = get_free_tcp_port()
local_ip = get_interface_to_target(self.host.ip_addr)
httpd = WebLogicExploiter.HTTPServer(local_ip, local_port)
httpd = WebLogicExploiter.HTTPServer(local_ip, local_port, lock)
httpd.daemon = True
lock.acquire()
httpd.start()