From 4d6472cce10e7c34fb743dc1720f208eb312b3d0 Mon Sep 17 00:00:00 2001 From: Vakaris Date: Wed, 29 Aug 2018 16:52:29 +0300 Subject: [PATCH] Ports are now taken from elastic_fingerprint module --- infection_monkey/exploit/elasticgroovy.py | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/infection_monkey/exploit/elasticgroovy.py b/infection_monkey/exploit/elasticgroovy.py index db07e00e1..74be84a79 100644 --- a/infection_monkey/exploit/elasticgroovy.py +++ b/infection_monkey/exploit/elasticgroovy.py @@ -9,6 +9,7 @@ import logging import requests from exploit.web_rce import WebRCE from model import WGET_HTTP_UPLOAD +from network.elasticfinger import ES_PORT, ES_SERVICE import re @@ -44,9 +45,8 @@ class ElasticGroovyExploiter(WebRCE): def get_open_service_ports(self, port_list, names): # We must append elastic port we get from elastic fingerprint module because It's not marked as 'http' service valid_ports = super(ElasticGroovyExploiter, self).get_open_service_ports(port_list, names) - elastic_service = [service for service in self.host.services if 'elastic-search' in service][0] - elastic_port = [elastic_service.lstrip('elastic-search-'), False] - valid_ports.append(elastic_port) + if ES_SERVICE in self.host.services: + valid_ports.append([ES_PORT, False]) return valid_ports def exploit(self, url, command):