forked from p34709852/monkey
Merge pull request #289 from VakarisZ/elastic_small_fix
Added request timeout to elastic exploiter
This commit is contained in:
commit
6b9f3c18bc
|
@ -8,7 +8,8 @@ import json
|
||||||
import logging
|
import logging
|
||||||
import requests
|
import requests
|
||||||
from infection_monkey.exploit.web_rce import WebRCE
|
from infection_monkey.exploit.web_rce import WebRCE
|
||||||
from infection_monkey.model import WGET_HTTP_UPLOAD, RDP_CMDLINE_HTTP, CHECK_COMMAND, ID_STRING, CMD_PREFIX
|
from infection_monkey.model import WGET_HTTP_UPLOAD, RDP_CMDLINE_HTTP, CHECK_COMMAND, ID_STRING, CMD_PREFIX,\
|
||||||
|
DOWNLOAD_TIMEOUT
|
||||||
from infection_monkey.network.elasticfinger import ES_PORT, ES_SERVICE
|
from infection_monkey.network.elasticfinger import ES_PORT, ES_SERVICE
|
||||||
|
|
||||||
import re
|
import re
|
||||||
|
@ -47,7 +48,11 @@ class ElasticGroovyExploiter(WebRCE):
|
||||||
def exploit(self, url, command):
|
def exploit(self, url, command):
|
||||||
command = re.sub(r"\\", r"\\\\\\\\", command)
|
command = re.sub(r"\\", r"\\\\\\\\", command)
|
||||||
payload = self.JAVA_CMD % command
|
payload = self.JAVA_CMD % command
|
||||||
response = requests.get(url, data=payload)
|
try:
|
||||||
|
response = requests.get(url, data=payload, timeout=DOWNLOAD_TIMEOUT)
|
||||||
|
except requests.ReadTimeout:
|
||||||
|
LOG.error("Elastic couldn't upload monkey, because server didn't respond to upload request.")
|
||||||
|
return False
|
||||||
result = self.get_results(response)
|
result = self.get_results(response)
|
||||||
if not result:
|
if not result:
|
||||||
return False
|
return False
|
||||||
|
|
Loading…
Reference in New Issue