From 3e592cfa69229880ba25b0de48b09f1b0cdd531e Mon Sep 17 00:00:00 2001 From: Kekoa Kaaikala Date: Wed, 5 Oct 2022 18:25:40 +0000 Subject: [PATCH] Agent: Use exploiter tag properties --- monkey/infection_monkey/exploit/hadoop.py | 39 ++++++++--------------- 1 file changed, 14 insertions(+), 25 deletions(-) diff --git a/monkey/infection_monkey/exploit/hadoop.py b/monkey/infection_monkey/exploit/hadoop.py index c5a8b2cf3..1f5932121 100644 --- a/monkey/infection_monkey/exploit/hadoop.py +++ b/monkey/infection_monkey/exploit/hadoop.py @@ -9,6 +9,7 @@ import logging import posixpath import random import string +from typing import Tuple import requests @@ -32,8 +33,6 @@ from infection_monkey.utils.commands import build_monkey_commandline logger = logging.getLogger(__name__) HADOOP_EXPLOITER_TAG = "hadoop-exploiter" -EXPLOIT_TAGS = (HADOOP_EXPLOITER_TAG, T1203_ATTACK_TECHNIQUE_TAG, T1210_ATTACK_TECHNIQUE_TAG) -PROPAGATION_TAGS = (HADOOP_EXPLOITER_TAG, T1105_ATTACK_TECHNIQUE_TAG) class HadoopExploiter(WebRCE): @@ -44,6 +43,12 @@ class HadoopExploiter(WebRCE): # Random string's length that's used for creating unique app name RAN_STR_LEN = 6 + def _exploiter_tags(self) -> Tuple[str, ...]: + return (HADOOP_EXPLOITER_TAG, T1203_ATTACK_TECHNIQUE_TAG, T1210_ATTACK_TECHNIQUE_TAG) + + def _propagation_tags(self) -> Tuple[str, ...]: + return (HADOOP_EXPLOITER_TAG, T1105_ATTACK_TECHNIQUE_TAG) + def __init__(self): super(HadoopExploiter, self).__init__() @@ -54,10 +59,8 @@ class HadoopExploiter(WebRCE): if not self.vulnerable_urls: self.exploit.error_message = f"No vulnerable urls has been found for {self.host}" self._publish_exploitation_event( - target=self.host.ip_addr, - exploitation_success=False, + False, error_message=self.exploit_result.error_message, - tags=EXPLOIT_TAGS, ) return self.exploit_result 
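Review bot: In the hunk at `@@ -44,6 +43,12 @@`, `_exploiter_tags` and `_propagation_tags` are added as plain methods with no `@property` line, although the commit subject calls them tag properties. If the base class reads them as attributes (`self._exploiter_tags`, not visible in this patch), it would receive a bound method instead of the tuple, and the tags on published events would be wrong; in that case each `def` needs `@property` above it. Either way, each method should get a one-line docstring such as `"""Tags attached to every exploitation event this exploiter publishes."""`, so the contract with the base class is stated where it is implemented.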
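Review bot: In the hunk at `@@ -54,10 +59,8 @@`, the context line stores the message on `self.exploit.error_message`, but the rewritten call publishes `error_message=self.exploit_result.error_message`. The failure event therefore appears to carry whatever `exploit_result` held before, probably an empty string, rather than the "No vulnerable urls" text. Since the commit already touches this call, the assignment should become `self.exploit_result.error_message = f"No vulnerable urls has been found for {self.host}"`, so that the returned result and the event agree. The enclosing method starts and ends outside the hunk.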
@@ -75,25 +78,15 @@ class HadoopExploiter(WebRCE): self.exploit_result.exploitation_success = True self.exploit_result.propagation_success = True - self._publish_propagation_event( - target=self.host.ip_addr, - propagation_success=True, - tags=PROPAGATION_TAGS, - ) + self._publish_propagation_event(True) else: error_message = f"Failed to exploit via {self.vulnerable_urls[0]}" - self._publish_exploitation_event( - self.host.ip_addr, False, EXPLOIT_TAGS, error_message - ) - self._publish_propagation_event( - self.host.ip_addr, False, PROPAGATION_TAGS, error_message - ) + self._publish_exploitation_event(False, error_message=error_message) + self._publish_propagation_event(False, error_message=error_message) except requests.RequestException as err: error_message = str(err) - self._publish_exploitation_event(self.host.ip_addr, False, EXPLOIT_TAGS, error_message) - self._publish_propagation_event( - self.host.ip_addr, False, PROPAGATION_TAGS, error_message - ) + self._publish_exploitation_event(False, error_message=error_message) + self._publish_propagation_event(False, error_message=error_message) finally: http_thread.join(self.DOWNLOAD_TIMEOUT) http_thread.stop() @@ -129,11 +122,7 @@ class HadoopExploiter(WebRCE): success = resp.status_code == 202 if success: - self._publish_exploitation_event( - target=self.host.ip_addr, - exploitation_success=True, - tags=EXPLOIT_TAGS, - ) + self._publish_exploitation_event(True) return success def check_if_exploitable(self, url):
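Review bot: In the hunk at `@@ -75,25 +78,15 @@`, `self._publish_propagation_event(True)` runs in the success branch before the `finally` block has called `http_thread.join(self.DOWNLOAD_TIMEOUT)`, so propagation success is recorded before the bounded wait on the download has happened. If that join is what gives the transfer time to complete (not visible here), the event can report a propagation that never finished, which misleads anyone reading the event stream afterwards. At minimum, state the assumption next to the call, e.g. `# propagation is reported once the exploit request succeeds; the download itself is not verified`. The enclosing `try` starts outside the hunk.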
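Review bot: In the hunk at `@@ -129,11 +122,7 @@`, the exploitation-success event is published on `resp.status_code == 202` alone, and by HTTP semantics 202 means the request was accepted for processing, not that it completed. A short comment above the check, e.g. `# 202 Accepted: the service queued the request; completion is not verified here`, would tell consumers of these events what "success" actually asserts. The enclosing method starts outside the hunk.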