p17860254
/
monkey
forked from p15670423/monkey
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

Agent: Add lock to HTTPHandler.do_GET() to avoid potential race

This commit is contained in:
Mike Salvatore 2022-01-19 15:14:18 -05:00
parent 76d6071f7c
commit d0e26f770f
1 changed files with 17 additions and 11 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

18
monkey/infection_monkey/exploit/log4shell_utils/exploit_class_http_server.py
View File

@ -14,15 +14,25 @@ class HTTPHandler(http.server.BaseHTTPRequestHandler):
java_class: bytes java_class: bytes
class_downloaded: threading.Event class_downloaded: threading.Event
download_lock: threading.Lock
@classmethod
def initialize(cls, java_class: bytes, class_downloaded: threading.Event):
cls.java_class = java_class
cls.class_downloaded = class_downloaded
cls.download_lock = threading.Lock()
def do_GET(self): def do_GET(self):
with HTTPHandler.download_lock:
if HTTPHandler.class_downloaded.is_set(): if HTTPHandler.class_downloaded.is_set():
self.send_error( self.send_error(
HTTP_TOO_MANY_REQUESTS_ERROR_CODE, "Java exploit class has already been downloaded" HTTP_TOO_MANY_REQUESTS_ERROR_CODE,
"Java exploit class has already been downloaded",
) )
return return
HTTPHandler.class_downloaded.set() HTTPHandler.class_downloaded.set()
logger.info("Java class servergot a GET request!") logger.info("Java class servergot a GET request!")
self.send_response(200) self.send_response(200)
self.send_header("Content-type", "application/octet-stream") self.send_header("Content-type", "application/octet-stream")
@ -52,7 +62,7 @@ class ExploitClassHTTPServer:
self._class_downloaded = threading.Event() self._class_downloaded = threading.Event()
self._poll_interval = poll_interval self._poll_interval = poll_interval
self._initialize_http_handler(java_class) HTTPHandler.initialize(java_class, self._class_downloaded)
self._server = http.server.HTTPServer((ip, port), HTTPHandler) self._server = http.server.HTTPServer((ip, port), HTTPHandler)
# Setting `daemon=True` to save ourselves some trouble when this is merged to the # Setting `daemon=True` to save ourselves some trouble when this is merged to the
@ -63,10 +73,6 @@ class ExploitClassHTTPServer:
target=self._server.serve_forever, args=(self._poll_interval,), daemon=True target=self._server.serve_forever, args=(self._poll_interval,), daemon=True
) )
def _initialize_http_handler(self, java_class: bytes):
HTTPHandler.java_class = java_class
HTTPHandler.class_downloaded = self._class_downloaded
def run(self): def run(self):
""" """
Runs the HTTP server in the background and blocks until the server has started. Runs the HTTP server in the background and blocks until the server has started.