forked from p34709852/monkey
Agent: fix log4shell to always close ldap and http servers, even on errors
This commit is contained in:
parent
9d5ea0f41f
commit
7bace927f8
|
@ -69,16 +69,17 @@ class Log4ShellExploiter(WebRCE):
|
||||||
ldap_thread = ldap.get_run_thread()
|
ldap_thread = ldap.get_run_thread()
|
||||||
ldap_thread.start()
|
ldap_thread.start()
|
||||||
|
|
||||||
self._trigger_exploit()
|
try:
|
||||||
|
self.exploit(None, None)
|
||||||
|
finally:
|
||||||
|
http_thread.join(Log4ShellExploiter.DOWNLOAD_TIMEOUT)
|
||||||
|
http_thread.stop()
|
||||||
|
|
||||||
http_thread.join(Log4ShellExploiter.DOWNLOAD_TIMEOUT)
|
java_class_http_thread.join(Log4ShellExploiter.DOWNLOAD_TIMEOUT)
|
||||||
http_thread.stop()
|
Log4ShellExploiter.HTTPHandler.stop = True
|
||||||
|
|
||||||
java_class_http_thread.join(Log4ShellExploiter.DOWNLOAD_TIMEOUT)
|
ldap_thread.join(Log4ShellExploiter.DOWNLOAD_TIMEOUT)
|
||||||
Log4ShellExploiter.HTTPHandler.stop = True
|
ldap.stop()
|
||||||
|
|
||||||
ldap_thread.join(Log4ShellExploiter.DOWNLOAD_TIMEOUT)
|
|
||||||
ldap.stop()
|
|
||||||
|
|
||||||
# If java class was downloaded it means that victim is vulnerable
|
# If java class was downloaded it means that victim is vulnerable
|
||||||
return Log4ShellExploiter.HTTPHandler.class_downloaded
|
return Log4ShellExploiter.HTTPHandler.class_downloaded
|
||||||
|
|
Loading…
Reference in New Issue