From 4ac7c0197654ba26b4ba7136921a3533db75d218 Mon Sep 17 00:00:00 2001
From: Mike Salvatore <mike.s.salvatore@gmail.com>
Date: Tue, 9 Mar 2021 11:32:52 -0500
Subject: [PATCH 1/3] agent: add 2 new log statements to the dropper

---
 monkey/infection_monkey/dropper.py | 4 ++++
 1 file changed, 4 insertions(+)

diff --git a/monkey/infection_monkey/dropper.py b/monkey/infection_monkey/dropper.py
index cb7be181d..d98eb8e9e 100644
--- a/monkey/infection_monkey/dropper.py
+++ b/monkey/infection_monkey/dropper.py
@@ -145,6 +145,8 @@ class MonkeyDrops(object):
             LOG.warning("Seems like monkey died too soon")
 
     def cleanup(self):
+        LOG.info("Cleaning up the dropper")
+
         try:
             if (self._config['source_path'].lower() != self._config['destination_path'].lower()) and \
                     os.path.exists(self._config['source_path']) and \
@@ -166,5 +168,7 @@ class MonkeyDrops(object):
                         LOG.debug("Dropper source file '%s' is marked for deletion on next boot",
                                   self._config['source_path'])
                         T1106Telem(ScanStatus.USED, UsageEnum.DROPPER_WINAPI).send()
+
+            LOG.info("Dropper cleanup complete")
         except AttributeError:
             LOG.error("Invalid configuration options. Failing")

From e7528e95448e2298a191ca6930f9eaea1a895186 Mon Sep 17 00:00:00 2001
From: Mike Salvatore <mike.s.salvatore@gmail.com>
Date: Tue, 9 Mar 2021 11:35:38 -0500
Subject: [PATCH 2/3] agent: Use PIPE for stdin, stdout, and stderr in dropper

The dropper is expected to detatch the child monkey agent process. If
stdin, stdout, and stderr are set to `None`, the child process inherits
them. Since the child process inherits the parent's file descriptors and
holds them open, issues like #1026 can occur.
---
 monkey/infection_monkey/dropper.py | 4 +++-
 1 file changed, 3 insertions(+), 1 deletion(-)

diff --git a/monkey/infection_monkey/dropper.py b/monkey/infection_monkey/dropper.py
index d98eb8e9e..9b374c9f1 100644
--- a/monkey/infection_monkey/dropper.py
+++ b/monkey/infection_monkey/dropper.py
@@ -134,7 +134,9 @@ class MonkeyDrops(object):
                                                       'monkey_commandline': inner_monkey_cmdline}
 
         monkey_process = subprocess.Popen(monkey_cmdline, shell=True,
-                                          stdin=None, stdout=None, stderr=None,
+                                          stdin=subprocess.PIPE,
+                                          stdout=subprocess.PIPE,
+                                          stderr=subprocess.PIPE,
                                           close_fds=True, creationflags=DETACHED_PROCESS)
 
         LOG.info("Executed monkey process (PID=%d) with command line: %s",

From 3714dd2f6f184a2c4f625e54abb820ed768981db Mon Sep 17 00:00:00 2001
From: Mike Salvatore <mike.s.salvatore@gmail.com>
Date: Tue, 9 Mar 2021 11:39:44 -0500
Subject: [PATCH 3/3] agent: Use the dropper in the DrupalExploiter

Fixes #1026
---
 monkey/infection_monkey/exploit/drupal.py | 1 +
 1 file changed, 1 insertion(+)

diff --git a/monkey/infection_monkey/exploit/drupal.py b/monkey/infection_monkey/exploit/drupal.py
index 5872f4703..04b0ce431 100644
--- a/monkey/infection_monkey/exploit/drupal.py
+++ b/monkey/infection_monkey/exploit/drupal.py
@@ -36,6 +36,7 @@ class DrupalExploiter(WebRCE):
         exploit_config = super(DrupalExploiter, self).get_exploit_config()
         exploit_config['url_extensions'] = ['node/',         # In Linux, no path is added
                                             'drupal/node/']  # However, Bitnami installations are under /drupal
+        exploit_config['dropper'] = True
         return exploit_config
 
     def add_vulnerable_urls(self, potential_urls, stop_checking=False):