p34709852
/
monkey
forked from p15670423/monkey
1
0
Fork 1
Code Issues Pull Requests Projects Releases Wiki Activity

Try to avoid flake warnings on not checking SSL

This commit is contained in:
Daniel Goldberg 2019-11-28 12:41:37 +01:00
parent bf44f2355f
commit 58b775cfb5
6 changed files with 20 additions and 20 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

8
envs/monkey_zoo/blackbox/island_client/monkey_island_requests.py
View File

@ -35,28 +35,28 @@ class MonkeyIslandRequests(object):
return request_function_wrapper
def get_jwt_from_server(self):
resp = requests.post(self.addr + "api/auth",
resp = requests.post(self.addr + "api/auth", # noqa: DUO123
json={"username": NO_AUTH_CREDS, "password": NO_AUTH_CREDS},
verify=False)
return resp.json()["access_token"]
@_Decorators.refresh_jwt_token
def get(self, url, data=None):
return requests.get(self.addr + url,
return requests.get(self.addr + url, # noqa: DUO123
headers=self.get_jwt_header(),
params=data,
verify=False)
@_Decorators.refresh_jwt_token
def post(self, url, data):
return requests.post(self.addr + url,
return requests.post(self.addr + url, # noqa: DUO123
data=data,
headers=self.get_jwt_header(),
verify=False)
@_Decorators.refresh_jwt_token
def post_json(self, url, dict_data):
return requests.post(self.addr + url,
return requests.post(self.addr + url, # noqa: DUO123
json=dict_data,
headers=self.get_jwt_header(),
verify=False)

20
monkey/infection_monkey/control.py
View File

@ -53,7 +53,7 @@ class ControlClient(object):
if ControlClient.proxies:
monkey['tunnel'] = ControlClient.proxies.get('https')
requests.post("https://%s/api/monkey" % (WormConfiguration.current_server,),
requests.post("https://%s/api/monkey" % (WormConfiguration.current_server,), # noqa: DUO123
data=json.dumps(monkey),
headers={'content-type': 'application/json'},
verify=False,
@ -76,7 +76,7 @@ class ControlClient(object):
if ControlClient.proxies:
debug_message += " through proxies: %s" % ControlClient.proxies
LOG.debug(debug_message)
requests.get("https://%s/api?action=is-up" % (server,),
requests.get("https://%s/api?action=is-up" % (server,), # noqa: DUO123
verify=False,
proxies=ControlClient.proxies,
timeout=TIMEOUT_IN_SECONDS)
@ -112,7 +112,7 @@ class ControlClient(object):
monkey = {}
if ControlClient.proxies:
monkey['tunnel'] = ControlClient.proxies.get('https')
requests.patch("https://%s/api/monkey/%s" % (WormConfiguration.current_server, GUID),
requests.patch("https://%s/api/monkey/%s" % (WormConfiguration.current_server, GUID), # noqa: DUO123
data=json.dumps(monkey),
headers={'content-type': 'application/json'},
verify=False,
@ -129,7 +129,7 @@ class ControlClient(object):
return
try:
telemetry = {'monkey_guid': GUID, 'telem_category': telem_category, 'data': data}
requests.post("https://%s/api/telemetry" % (WormConfiguration.current_server,),
requests.post("https://%s/api/telemetry" % (WormConfiguration.current_server,), # noqa: DUO123
data=json.dumps(telemetry),
headers={'content-type': 'application/json'},
verify=False,
@ -144,7 +144,7 @@ class ControlClient(object):
return
try:
telemetry = {'monkey_guid': GUID, 'log': json.dumps(log)}
requests.post("https://%s/api/log" % (WormConfiguration.current_server,),
requests.post("https://%s/api/log" % (WormConfiguration.current_server,), # noqa: DUO123
data=json.dumps(telemetry),
headers={'content-type': 'application/json'},
verify=False,
@ -158,7 +158,7 @@ class ControlClient(object):
if not WormConfiguration.current_server:
return
try:
reply = requests.get("https://%s/api/monkey/%s" % (WormConfiguration.current_server, GUID),
reply = requests.get("https://%s/api/monkey/%s" % (WormConfiguration.current_server, GUID), # noqa: DUO123
verify=False,
proxies=ControlClient.proxies)
@ -185,7 +185,7 @@ class ControlClient(object):
if not WormConfiguration.current_server:
return
try:
requests.patch("https://%s/api/monkey/%s" % (WormConfiguration.current_server, GUID),
requests.patch("https://%s/api/monkey/%s" % (WormConfiguration.current_server, GUID), # noqa: DUO123
data=json.dumps({'config_error': True}),
headers={'content-type': 'application/json'},
verify=False,
@ -247,7 +247,7 @@ class ControlClient(object):
if (monkeyfs.isfile(dest_file)) and (size == monkeyfs.getsize(dest_file)):
return dest_file
else:
download = requests.get("https://%s/api/monkey/download/%s" %
download = requests.get("https://%s/api/monkey/download/%s" % # noqa: DUO123
(WormConfiguration.current_server, filename),
verify=False,
proxies=ControlClient.proxies)
@ -273,7 +273,7 @@ class ControlClient(object):
if not WormConfiguration.current_server:
return None, None
try:
reply = requests.post("https://%s/api/monkey/download" % (WormConfiguration.current_server,),
reply = requests.post("https://%s/api/monkey/download" % (WormConfiguration.current_server,), # noqa: DUO123
data=json.dumps(host_dict),
headers={'content-type': 'application/json'},
verify=False, proxies=ControlClient.proxies)
@ -315,7 +315,7 @@ class ControlClient(object):
@staticmethod
def get_pba_file(filename):
try:
return requests.get(PBA_FILE_DOWNLOAD %
return requests.get(PBA_FILE_DOWNLOAD % # noqa: DUO123
(WormConfiguration.current_server, filename),
verify=False,
proxies=ControlClient.proxies)

4
monkey/infection_monkey/exploit/shellshock.py
View File

@ -209,7 +209,7 @@ class ShellShockExploiter(HostExploiter):
try:
LOG.debug("Header is: %s" % header)
LOG.debug("Attack is: %s" % attack)
r = requests.get(url, headers={header: attack}, verify=False, timeout=TIMEOUT)
r = requests.get(url, headers={header: attack}, verify=False, timeout=TIMEOUT) # noqa: DUO123
result = r.content.decode()
return result
except requests.exceptions.RequestException as exc:
@ -232,7 +232,7 @@ class ShellShockExploiter(HostExploiter):
attack_urls = [attack_path + url for url in url_list]
for u in attack_urls:
try:
reqs.append(requests.head(u, verify=False, timeout=TIMEOUT))
reqs.append(requests.head(u, verify=False, timeout=TIMEOUT)) # noqa: DUO123
except requests.Timeout:
timeout = True
break

4
monkey/infection_monkey/exploit/weblogic.py
View File

@ -80,7 +80,7 @@ class WebLogic201710271(WebRCE):
else:
payload = self.get_exploit_payload('cmd', '/c', command + ' 1> NUL 2> NUL')
try:
post(url, data=payload, headers=HEADERS, timeout=EXECUTION_TIMEOUT, verify=False)
post(url, data=payload, headers=HEADERS, timeout=EXECUTION_TIMEOUT, verify=False) # noqa: DUO123
except Exception as e:
LOG.error("Connection error: %s" % e)
return False
@ -116,7 +116,7 @@ class WebLogic201710271(WebRCE):
def check_if_exploitable_weblogic(self, url, httpd):
payload = self.get_test_payload(ip=httpd.local_ip, port=httpd.local_port)
try:
post(url, data=payload, headers=HEADERS, timeout=REQUEST_DELAY, verify=False)
post(url, data=payload, headers=HEADERS, timeout=REQUEST_DELAY, verify=False) # noqa: DUO123
except exceptions.ReadTimeout:
# Our request will not get response thus we get ReadTimeout error
pass

2
monkey/infection_monkey/network/httpfinger.py
View File

@ -32,7 +32,7 @@ class HTTPFinger(HostFinger):
# try http, we don't optimise for 443
for url in (https, http): # start with https and downgrade
try:
with closing(head(url, verify=False, timeout=1)) as req:
with closing(head(url, verify=False, timeout=1)) as req: # noqa: DUO123
server = req.headers.get('Server')
ssl = True if 'https://' in url else False
self.init_service(host.services, ('tcp-' + port[1]), port[0])

2
monkey/infection_monkey/network/info.py
View File

@ -125,7 +125,7 @@ def check_internet_access(services):
"""
for host in services:
try:
requests.get("https://%s" % (host,), timeout=TIMEOUT, verify=False)
requests.get("https://%s" % (host,), timeout=TIMEOUT, verify=False) # noqa: DUO123
return True
except ConnectionError:
# Failed connecting