Agent: Return ExploiterResultData from Log4ShellExploiter's _exploit_host()

2022-02-28 14:16:52 +05:30 · 2022-02-28 14:16:52 +05:30 · 36e01ae472
parent f270a50c00
commit 36e01ae472
1 changed files with 8 additions and 7 deletions
--- a/monkey/infection_monkey/exploit/log4shell.py
+++ b/monkey/infection_monkey/exploit/log4shell.py
@ -24,6 +24,7 @@ from infection_monkey.network.info import get_free_tcp_port
 from infection_monkey.network.tools import get_interface_to_target
 from infection_monkey.utils.commands import build_monkey_commandline
 from infection_monkey.utils.monkey_dir import get_monkey_dir_path
+from monkey.infection_monkey.i_puppet.i_puppet import ExploiterResultData

 logger = logging.getLogger(__name__)

@ -52,14 +53,15 @@ class Log4ShellExploiter(WebRCE):
            int(port[0]) for port in WebRCE.get_open_service_ports(self.host, self.HTTP, ["http"])
        ]

-    def _exploit_host(self):
+    def _exploit_host(self) -> ExploiterResultData:
        if not self._open_ports:
            logger.info("Could not find any open web ports to exploit")
-            return False
+            return self.exploit_result

        self._start_servers()
        try:
-            return self.exploit(None, None)
+            self.exploit(None, None)
+            return self.exploit_result
        finally:
            self._stop_servers()

@ -137,7 +139,7 @@ class Log4ShellExploiter(WebRCE):
        else:
            return build_exploit_bytecode(exploit_command, WINDOWS_EXPLOIT_TEMPLATE_PATH)

-    def exploit(self, url, command) -> bool:
+    def exploit(self, url, command) -> None:
        # Try to exploit all services,
        # because we don't know which services are running and on which ports
        for exploit in get_log4shell_service_exploiters():
@ -156,9 +158,8 @@ class Log4ShellExploiter(WebRCE):
                        "port": port,
                    }
                    self.exploit_info["vulnerable_urls"].append(url)
-                    return True
-
-        return False
+                    self.exploit_result.exploitation_success = True
+                    self.exploit_result.propagation_success = True

    def _wait_for_victim(self) -> bool:
        victim_called_back = False