forked from p15670423/monkey
Agent: fix struts2 url building
This commit is contained in:
parent
76a32d241c
commit
03919c3caf
|
@ -10,6 +10,7 @@ import ssl
|
|||
import urllib.error
|
||||
import urllib.parse
|
||||
import urllib.request
|
||||
from typing import List, Tuple
|
||||
|
||||
from infection_monkey.exploit.web_rce import WebRCE
|
||||
|
||||
|
@ -30,17 +31,10 @@ class Struts2Exploiter(WebRCE):
|
|||
exploit_config["dropper"] = True
|
||||
return exploit_config
|
||||
|
||||
def build_potential_urls(self, ports, extensions=None):
|
||||
"""
|
||||
We need to override this method to get redirected url's
|
||||
:param ports: Array of ports. One port is described as size 2 array: [port.no(int),
|
||||
isHTTPS?(bool)]
|
||||
Eg. ports: [[80, False], [443, True]]
|
||||
:param extensions: What subdirectories to scan. www.domain.com[/extension]
|
||||
:return: Array of url's to try and attack
|
||||
"""
|
||||
url_list = WebRCE.build_potential_urls(self.host.ip_addr, ports)
|
||||
url_list = [self.get_redirected(url) for url in url_list]
|
||||
@staticmethod
|
||||
def build_potential_urls(ip: str, ports: List[Tuple[str, bool]], extensions=None):
|
||||
url_list = WebRCE.build_potential_urls(ip, ports)
|
||||
url_list = [Struts2Exploiter.get_redirected(url) for url in url_list]
|
||||
return url_list
|
||||
|
||||
@staticmethod
|
||||
|
|
Loading…
Reference in New Issue