Agent: Add tags and error messages in Hadoop

Ilija Lazoroski 2022-10-04 16:39:10 +02:00
parent fe864792f3
commit 9c185a3a78
1 changed files with 18 additions and 1 deletions


@ -5,6 +5,7 @@
""" """
import json import json
import logging
import posixpath import posixpath
import random import random
import string import string
@ -12,6 +13,7 @@ import string
import requests import requests
from common.common_consts.timeouts import LONG_REQUEST_TIMEOUT from common.common_consts.timeouts import LONG_REQUEST_TIMEOUT
from common.tags import T1203_ATTACK_TECHNIQUE_TAG
from infection_monkey.exploit.tools.helpers import get_agent_dst_path from infection_monkey.exploit.tools.helpers import get_agent_dst_path
from infection_monkey.exploit.tools.http_tools import HTTPTools from infection_monkey.exploit.tools.http_tools import HTTPTools
from infection_monkey.exploit.web_rce import WebRCE from infection_monkey.exploit.web_rce import WebRCE
@ -23,6 +25,10 @@ from infection_monkey.model import (
) )
from infection_monkey.utils.commands import build_monkey_commandline from infection_monkey.utils.commands import build_monkey_commandline
logger = logging.getLogger(__name__)
HADOOP_EXPLOITER_TAG = "hadoop-exploiter"
class HadoopExploiter(WebRCE): class HadoopExploiter(WebRCE):
_EXPLOITED_SERVICE = "Hadoop" _EXPLOITED_SERVICE = "Hadoop"
@ -40,18 +46,24 @@ class HadoopExploiter(WebRCE):
urls = self.build_potential_urls(self.host.ip_addr, self.HADOOP_PORTS) urls = self.build_potential_urls(self.host.ip_addr, self.HADOOP_PORTS)
self.add_vulnerable_urls(urls, True) self.add_vulnerable_urls(urls, True)
if not self.vulnerable_urls: if not self.vulnerable_urls:
self.exploit.error_message = f"No vulnerable urls has been found for {self.host}"
self.publish_exploitation_event( self.publish_exploitation_event(
target=self.host.ip_addr, target=self.host.ip_addr,
exploitation_success=False, exploitation_success=False,
error_message=self.exploit_result.error_message,
tags=(HADOOP_EXPLOITER_TAG,),
) )
return self.exploit_result return self.exploit_result
try: try:
monkey_path_on_victim = get_agent_dst_path(self.host) monkey_path_on_victim = get_agent_dst_path(self.host)
except KeyError: except KeyError:
self.exploit_result.error_message = f"No coressponding agent found for {self.host}"
self.publish_exploitation_event( self.publish_exploitation_event(
target=self.host.ip_addr, target=self.host.ip_addr,
exploitation_success=False, exploitation_success=False,
error_message=self.exploit_result.error_message,
tags=(HADOOP_EXPLOITER_TAG,),
) )
return self.exploit_result return self.exploit_result
@ -70,8 +82,13 @@ class HadoopExploiter(WebRCE):
self.publish_exploitation_event( self.publish_exploitation_event(
target=self.host.ip_addr, target=self.host.ip_addr,
exploitation_success=True, exploitation_success=True,
tags=(HADOOP_EXPLOITER_TAG, T1203_ATTACK_TECHNIQUE_TAG),
)
self.publish_propagation_event(
target=self.host.ip_addr,
propagation_success=True,
tags=(HADOOP_EXPLOITER_TAG, T1203_ATTACK_TECHNIQUE_TAG),
) )
self.publish_propagation_event(target=self.host.ip_addr, propagation_success=True)
finally: finally:
http_thread.join(self.DOWNLOAD_TIMEOUT) http_thread.join(self.DOWNLOAD_TIMEOUT)
http_thread.stop() http_thread.stop()
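Review bot: In the `@ -40,18 +46,24` hunk, the no-vulnerable-URLs branch assigns the message to `self.exploit.error_message`, while the call right after it passes `self.exploit_result.error_message`. The published event would therefore carry whatever that field held before, and if the class has no `exploit` attribute (not visible here) the assignment raises AttributeError before the event is published. The line should read `self.exploit_result.error_message = f"No vulnerable URLs have been found for {self.host}"`, matching the KeyError branch below it. That branch's message misspells "corresponding" as "coressponding". `logger` is created at module level but is not used in any visible hunk, so either log the two failure messages with it or drop it; the enclosing method starts and ends outside the hunks.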