renames, formatting and documentation

2020-08-27 19:47:08 +03:00 · 2020-08-27 19:47:08 +03:00 · f3f124ce76
parent 610d3d1144
commit f3f124ce76
1 changed files with 3 additions and 3 deletions
--- a/monkey/infection_monkey/exploit/web_rce.py
+++ b/monkey/infection_monkey/exploit/web_rce.py
@ -83,8 +83,8 @@ class WebRCE(HostExploiter):
        if not ports:
            return False
        # Get urls to try to exploit
-        urls = self.build_potential_urls(ports, exploit_config['url_extensions'])
-        self.add_vulnerable_urls(urls, exploit_config['stop_checking_urls'])
+        potential_urls = self.build_potential_urls(ports, exploit_config['url_extensions'])
+        self.add_vulnerable_urls(potential_urls, exploit_config['stop_checking_urls'])

        if not self.vulnerable_urls:
            return False
@ -187,6 +187,7 @@ class WebRCE(HostExploiter):

    def build_potential_urls(self, ports, extensions=None):
        """
+        Build all possibly-vulnerable URLs on a specific host, based on the relevant ports and extensions.
        :param ports: Array of ports. One port is described as size 2 array: [port.no(int), isHTTPS?(bool)]
        Eg. ports: [[80, False], [443, True]]
        :param extensions: What subdirectories to scan. www.domain.com[/extension]
@ -344,7 +345,6 @@ class WebRCE(HostExploiter):
        if not commands:
            commands = {'windows': POWERSHELL_HTTP_UPLOAD, 'linux': WGET_HTTP_UPLOAD}
        command = self.get_command(paths['dest_path'], http_path, commands)
-
        resp = self.exploit(url, command)
        self.add_executed_cmd(command)
        resp = self.run_backup_commands(resp, url, paths['dest_path'], http_path)