p17860254
/
monkey
forked from p15670423/monkey
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

Agent: Use exploiter tag properties

This commit is contained in:
Kekoa Kaaikala 2022-10-05 18:25:40 +00:00 committed by Ilija Lazoroski
parent 4a0a24dde2
commit 3e592cfa69
1 changed files with 14 additions and 25 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

39
monkey/infection_monkey/exploit/hadoop.py
View File

@ -9,6 +9,7 @@ import logging
import posixpath import posixpath
import random import random
import string import string
from typing import Tuple
import requests import requests
@ -32,8 +33,6 @@ from infection_monkey.utils.commands import build_monkey_commandline
logger = logging.getLogger(__name__) logger = logging.getLogger(__name__)
HADOOP_EXPLOITER_TAG = "hadoop-exploiter" HADOOP_EXPLOITER_TAG = "hadoop-exploiter"
EXPLOIT_TAGS = (HADOOP_EXPLOITER_TAG, T1203_ATTACK_TECHNIQUE_TAG, T1210_ATTACK_TECHNIQUE_TAG)
PROPAGATION_TAGS = (HADOOP_EXPLOITER_TAG, T1105_ATTACK_TECHNIQUE_TAG)
class HadoopExploiter(WebRCE): class HadoopExploiter(WebRCE):
@ -44,6 +43,12 @@ class HadoopExploiter(WebRCE):
# Random string's length that's used for creating unique app name # Random string's length that's used for creating unique app name
RAN_STR_LEN = 6 RAN_STR_LEN = 6
def _exploiter_tags(self) -> Tuple[str, ...]:
return (HADOOP_EXPLOITER_TAG, T1203_ATTACK_TECHNIQUE_TAG, T1210_ATTACK_TECHNIQUE_TAG)
def _propagation_tags(self) -> Tuple[str, ...]:
return (HADOOP_EXPLOITER_TAG, T1105_ATTACK_TECHNIQUE_TAG)
def __init__(self): def __init__(self):
super(HadoopExploiter, self).__init__() super(HadoopExploiter, self).__init__()
@ -54,10 +59,8 @@ class HadoopExploiter(WebRCE):
if not self.vulnerable_urls: if not self.vulnerable_urls:
self.exploit.error_message = f"No vulnerable urls has been found for {self.host}" self.exploit.error_message = f"No vulnerable urls has been found for {self.host}"
self._publish_exploitation_event( self._publish_exploitation_event(
target=self.host.ip_addr, False,
exploitation_success=False,
error_message=self.exploit_result.error_message, error_message=self.exploit_result.error_message,
tags=EXPLOIT_TAGS,
) )
return self.exploit_result return self.exploit_result
@ -75,25 +78,15 @@ class HadoopExploiter(WebRCE):
self.exploit_result.exploitation_success = True self.exploit_result.exploitation_success = True
self.exploit_result.propagation_success = True self.exploit_result.propagation_success = True
self._publish_propagation_event( self._publish_propagation_event(True)
target=self.host.ip_addr,
propagation_success=True,
tags=PROPAGATION_TAGS,
)
else: else:
error_message = f"Failed to exploit via {self.vulnerable_urls[0]}" error_message = f"Failed to exploit via {self.vulnerable_urls[0]}"
self._publish_exploitation_event( self._publish_exploitation_event(False, error_message=error_message)
self.host.ip_addr, False, EXPLOIT_TAGS, error_message self._publish_propagation_event(False, error_message=error_message)
)
self._publish_propagation_event(
self.host.ip_addr, False, PROPAGATION_TAGS, error_message
)
except requests.RequestException as err: except requests.RequestException as err:
error_message = str(err) error_message = str(err)
self._publish_exploitation_event(self.host.ip_addr, False, EXPLOIT_TAGS, error_message) self._publish_exploitation_event(False, error_message=error_message)
self._publish_propagation_event( self._publish_propagation_event(False, error_message=error_message)
self.host.ip_addr, False, PROPAGATION_TAGS, error_message
)
finally: finally:
http_thread.join(self.DOWNLOAD_TIMEOUT) http_thread.join(self.DOWNLOAD_TIMEOUT)
http_thread.stop() http_thread.stop()
@ -129,11 +122,7 @@ class HadoopExploiter(WebRCE):
success = resp.status_code == 202 success = resp.status_code == 202
if success: if success:
self._publish_exploitation_event( self._publish_exploitation_event(True)
target=self.host.ip_addr,
exploitation_success=True,
tags=EXPLOIT_TAGS,
)
return success return success
def check_if_exploitable(self, url): def check_if_exploitable(self, url):