p20319658
/
monkey
forked from p34709852/monkey
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

Bugfix: http servers thread is stopped if remote target is not vulnerable

This commit is contained in:
Vakaris 2018-08-07 15:09:36 +03:00
parent ab64e78f00
commit 66bc852742
1 changed files with 8 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

11
infection_monkey/exploit/weblogic.py
View File

@ -18,8 +18,8 @@ import copy
__author__ = "VakarisZ" __author__ = "VakarisZ"
LOG = logging.getLogger(__name__) LOG = logging.getLogger(__name__)
# How long server waits for response # How long server waits for get request
DOWNLOAD_TIMEOUT = 4 SERVER_TIMEOUT = 4
# How long to wait for a request to go to vuln machine and then to our server from there # How long to wait for a request to go to vuln machine and then to our server from there
REQUEST_TIMEOUT = 2 REQUEST_TIMEOUT = 2
# How long to wait for response in exploitation # How long to wait for response in exploitation
@ -162,6 +162,10 @@ class WebLogicExploiter(WebRCE):
self._stopped = True self._stopped = True
return httpd return httpd
def stop(self):
self._stopped = True
return
def test_exploit(self, url): def test_exploit(self, url):
local_port = get_free_tcp_port() local_port = get_free_tcp_port()
local_ip = get_interface_to_target(self.host.ip_addr) local_ip = get_interface_to_target(self.host.ip_addr)
@ -195,7 +199,8 @@ class WebLogicExploiter(WebRCE):
LOG.error("Something went wrong: %s" % e) LOG.error("Something went wrong: %s" % e)
LOCK.release() LOCK.release()
httpd.join(DOWNLOAD_TIMEOUT) httpd.join(SERVER_TIMEOUT)
httpd.stop()
if httpd.get_requests > 0: if httpd.get_requests > 0:
exploited = True exploited = True
else: else: