diff --git a/monkey/infection_monkey/exploit/drupal.py b/monkey/infection_monkey/exploit/drupal.py index 63aa5fb97..b40a6476e 100644 --- a/monkey/infection_monkey/exploit/drupal.py +++ b/monkey/infection_monkey/exploit/drupal.py @@ -18,10 +18,8 @@ __author__ = 'Ophir Harpaz' LOG = logging.getLogger(__name__) -def check_drupal_cache(r: requests.Response) -> bool: - """ - Check if a response had the cache header. - """ +def is_response_cached(r: requests.Response) -> bool: + """ Check if a response had the cache header. """ return 'X-Drupal-Cache' in r.headers and r.headers['X-Drupal-Cache'] == 'HIT' @@ -29,12 +27,13 @@ def find_exploitbale_article_ids(base_url: str, lower: int = 1, upper: int = 10) """ Find target articles that do not 404 and are not cached """ articles = set() while lower < upper: - u = urljoin(base_url, str(lower)) - r = requests.get(u) - if r.status_code == 200: # found an article - articles.add(lower) - if check_drupal_cache(r): - LOG.info(f'Found a cached article at: {lower}, skipping') + node_url = urljoin(base_url, str(lower)) + response = requests.get(node_url) + if response.status_code == 200: + if is_response_cached(response): + LOG.info(f'Found a cached article at: {node_url}, skipping') + else: + articles.add(lower) lower += 1 return articles @@ -109,7 +108,7 @@ class DrupalExploiter(WebRCE): json=payload, headers={"Content-Type": "application/hal+json"}) - if check_drupal_cache(response): + if is_response_cached(response): LOG.info(f'Checking if node {url} is vuln returned cache HIT, ignoring') return False @@ -145,7 +144,7 @@ class DrupalExploiter(WebRCE): r = requests.get(f'{url}?_format=hal_json', json=payload, headers={"Content-Type": "application/hal+json"}) - if check_drupal_cache(r): + if is_response_cached(r): LOG.info(f'Exploiting {url} returned cache HIT, may have failed') if ID_STRING not in r.text: