Agent: Skip Log4Shell exploiter if there are no open ports

2022-01-20 08:52:09 -05:00 · 2022-01-20 08:52:09 -05:00 · e576136a63
parent 6d87289bd0
commit e576136a63
1 changed files with 8 additions and 4 deletions
--- a/monkey/infection_monkey/exploit/log4shell.py
+++ b/monkey/infection_monkey/exploit/log4shell.py
@ -45,8 +45,15 @@ class Log4ShellExploiter(WebRCE):
        self._ldap_server = None
        self._exploit_class_http_server = None
        self._agent_http_server_thread = None
+        self._open_ports = [
+            int(port[0]) for port in WebRCE.get_open_service_ports(self.host, self.HTTP, ["http"])
+        ]

    def _exploit_host(self):
+        if not self._open_ports:
+            logger.info("Could not find any open web ports to exploit")
+            return False
+
        self._start_servers()
        try:
            return self.exploit(None, None)
@ -130,11 +137,8 @@ class Log4ShellExploiter(WebRCE):
    def exploit(self, url, command) -> bool:
        # Try to exploit all services,
        # because we don't know which services are running and on which ports
-        open_ports = [
-            int(port[0]) for port in WebRCE.get_open_service_ports(self.host, self.HTTP, ["http"])
-        ]
        for exploit in get_log4shell_service_exploiters():
-            for port in open_ports:
+            for port in self._open_ports:
                try:
                    exploit.trigger_exploit(self._build_ldap_payload(), self.host, port)
                except Exception as ex: