Island: Add info about Log4Shell to config schema

2022-01-12 14:05:17 +05:30 · 2022-01-12 14:05:17 +05:30 · f8ac13c164
parent c51be159b6
commit f8ac13c164
1 changed files with 11 additions and 9 deletions
--- a/monkey/monkey_island/cc/services/config_schema/definitions/exploiter_classes.py
+++ b/monkey/monkey_island/cc/services/config_schema/definitions/exploiter_classes.py
@ -42,15 +42,6 @@ EXPLOITER_CLASSES = {
            "link": "https://www.guardicore.com/infectionmonkey/docs/reference"
            "/exploiters/mssql/",
        },
-        # TODO finish description
-        {
-            "type": "string",
-            "enum": ["Log4ShellExploiter"],
-            "title": "Log4Shell Exploiter",
-            "safe": True,
-            "info": "TODO: provide full info.",
-            "link": "TODO: link to docs",
-        },
        {
            "type": "string",
            "enum": ["Ms08_067_Exploiter"],
@ -174,5 +165,16 @@ EXPLOITER_CLASSES = {
            "link": "https://www.guardicore.com/infectionmonkey"
            "/docs/reference/exploiters/powershell",
        },
+        {
+            "type": "string",
+            "enum": ["Log4ShellExploiter"],
+            "title": "Log4Shell Exploiter",
+            "safe": True,
+            "info": "Exploits a software vulnerability (CVE-2021-44228) in Apache Log4j, a Java "
+            "logging framework. Exploitation is attempted on the following services — "
+            "Apache Solr, Apache Tomcat, Logstash.",
+            "link": "https://www.guardicore.com/infectionmonkey/docs/reference"
+            "/exploiters/log4shell/",
+        },
    ],
 }