From f001403a9282bf6b3d36dedefaefeaaff3f33f77 Mon Sep 17 00:00:00 2001 From: Vakaris Date: Thu, 23 Aug 2018 14:35:45 +0300 Subject: [PATCH] Fixed lock bug and made uploaded monkey names standard --- infection_monkey/exploit/weblogic.py | 11 ++++++----- 1 file changed, 6 insertions(+), 5 deletions(-) diff --git a/infection_monkey/exploit/weblogic.py b/infection_monkey/exploit/weblogic.py index f8db585a5..113a63046 100644 --- a/infection_monkey/exploit/weblogic.py +++ b/infection_monkey/exploit/weblogic.py @@ -45,8 +45,8 @@ class WebLogicExploiter(WebRCE): def __init__(self, host): super(WebLogicExploiter, self).__init__(host, {'linux': '/tmp/monkey.sh', - 'win32': 'monkey-32.exe', - 'win64': 'monkey-64.exe'}) + 'win32': 'monkey32.exe', + 'win64': 'monkey64.exe'}) def get_exploit_config(self): exploit_config = super(WebLogicExploiter, self).get_exploit_config() @@ -102,12 +102,13 @@ class WebLogicExploiter(WebRCE): Http server built to wait for GET requests. Because oracle web logic vuln is blind, we determine if we can exploit by either getting a GET request from host or not. """ - def __init__(self, local_ip, local_port, max_requests=1): + def __init__(self, local_ip, local_port, lock, max_requests=1): self._local_ip = local_ip self._local_port = local_port self.get_requests = 0 self.max_requests = max_requests self._stopped = False + self.lock = lock threading.Thread.__init__(self) def run(self): @@ -119,7 +120,7 @@ class WebLogicExploiter(WebRCE): LOG.info('Server waiting for exploited machine request...') httpd = HTTPServer((self._local_ip, self._local_port), S) httpd.daemon = True - LOCK.release() + self.lock.release() while not self._stopped and self.get_requests < self.max_requests: httpd.handle_request() @@ -135,7 +136,7 @@ class WebLogicExploiter(WebRCE): lock = threading.Lock() local_port = get_free_tcp_port() local_ip = get_interface_to_target(self.host.ip_addr) - httpd = WebLogicExploiter.HTTPServer(local_ip, local_port) + httpd = WebLogicExploiter.HTTPServer(local_ip, local_port, lock) httpd.daemon = True lock.acquire() httpd.start()