Agent: fix struts2 url building

This commit is contained in:
vakarisz 2022-01-18 14:29:57 +02:00
parent 76a32d241c
commit 03919c3caf
1 changed files with 5 additions and 11 deletions

View File

@ -10,6 +10,7 @@ import ssl
import urllib.error
import urllib.parse
import urllib.request
from typing import List, Tuple
from infection_monkey.exploit.web_rce import WebRCE
@ -30,17 +31,10 @@ class Struts2Exploiter(WebRCE):
exploit_config["dropper"] = True
return exploit_config
def build_potential_urls(self, ports, extensions=None):
"""
We need to override this method to get redirected url's
:param ports: Array of ports. One port is described as size 2 array: [port.no(int),
isHTTPS?(bool)]
Eg. ports: [[80, False], [443, True]]
:param extensions: What subdirectories to scan. www.domain.com[/extension]
:return: Array of url's to try and attack
"""
url_list = WebRCE.build_potential_urls(self.host.ip_addr, ports)
url_list = [self.get_redirected(url) for url in url_list]
@staticmethod
def build_potential_urls(ip: str, ports: List[Tuple[str, bool]], extensions=None):
url_list = WebRCE.build_potential_urls(ip, ports)
url_list = [Struts2Exploiter.get_redirected(url) for url in url_list]
return url_list
@staticmethod