forked from p15670423/monkey
Custom http server class moved to the end of file
This commit is contained in:
parent
57e795573e
commit
3f809403d1
|
@ -66,40 +66,6 @@ class WebLogicExploiter(WebRCE):
|
|||
print(e)
|
||||
return True
|
||||
|
||||
class IndicationHTTPServer(threading.Thread):
|
||||
"""
|
||||
Http server built to wait for GET requests. Because oracle web logic vuln is blind,
|
||||
we determine if we can exploit by either getting a GET request from host or not.
|
||||
"""
|
||||
def __init__(self, local_ip, local_port, lock, max_requests=1):
|
||||
self._local_ip = local_ip
|
||||
self._local_port = local_port
|
||||
self.get_requests = 0
|
||||
self.max_requests = max_requests
|
||||
self._stopped = False
|
||||
self.lock = lock
|
||||
threading.Thread.__init__(self)
|
||||
self.daemon = True
|
||||
|
||||
def run(self):
|
||||
class S(BaseHTTPRequestHandler):
|
||||
@staticmethod
|
||||
def do_GET():
|
||||
LOG.info('Server received a request from vulnerable machine')
|
||||
self.get_requests += 1
|
||||
LOG.info('Server waiting for exploited machine request...')
|
||||
httpd = HTTPServer((self._local_ip, self._local_port), S)
|
||||
httpd.daemon = True
|
||||
self.lock.release()
|
||||
while not self._stopped and self.get_requests < self.max_requests:
|
||||
httpd.handle_request()
|
||||
|
||||
self._stopped = True
|
||||
return httpd
|
||||
|
||||
def stop(self):
|
||||
self._stopped = True
|
||||
|
||||
def check_if_exploitable(self, url):
|
||||
# Server might get response faster than it starts listening to it, we need a lock
|
||||
httpd, lock = self._start_http_server()
|
||||
|
@ -195,3 +161,37 @@ class WebLogicExploiter(WebRCE):
|
|||
'''
|
||||
payload = generic_check_payload.format(host=ip, port=port)
|
||||
return payload
|
||||
|
||||
class IndicationHTTPServer(threading.Thread):
|
||||
"""
|
||||
Http server built to wait for GET requests. Because oracle web logic vuln is blind,
|
||||
we determine if we can exploit by either getting a GET request from host or not.
|
||||
"""
|
||||
def __init__(self, local_ip, local_port, lock, max_requests=1):
|
||||
self._local_ip = local_ip
|
||||
self._local_port = local_port
|
||||
self.get_requests = 0
|
||||
self.max_requests = max_requests
|
||||
self._stopped = False
|
||||
self.lock = lock
|
||||
threading.Thread.__init__(self)
|
||||
self.daemon = True
|
||||
|
||||
def run(self):
|
||||
class S(BaseHTTPRequestHandler):
|
||||
@staticmethod
|
||||
def do_GET():
|
||||
LOG.info('Server received a request from vulnerable machine')
|
||||
self.get_requests += 1
|
||||
LOG.info('Server waiting for exploited machine request...')
|
||||
httpd = HTTPServer((self._local_ip, self._local_port), S)
|
||||
httpd.daemon = True
|
||||
self.lock.release()
|
||||
while not self._stopped and self.get_requests < self.max_requests:
|
||||
httpd.handle_request()
|
||||
|
||||
self._stopped = True
|
||||
return httpd
|
||||
|
||||
def stop(self):
|
||||
self._stopped = True
|
||||
|
|
Loading…
Reference in New Issue