From 5bf6f654e1c49e8c224909bfa894a8fdc87f43d6 Mon Sep 17 00:00:00 2001 From: ophirharpazg Date: Wed, 2 Sep 2020 12:36:00 +0300 Subject: [PATCH 1/5] deleted unused ports --- monkey/infection_monkey/exploit/drupal.py | 1 - 1 file changed, 1 deletion(-) diff --git a/monkey/infection_monkey/exploit/drupal.py b/monkey/infection_monkey/exploit/drupal.py index 3a333d827..a5d162167 100644 --- a/monkey/infection_monkey/exploit/drupal.py +++ b/monkey/infection_monkey/exploit/drupal.py @@ -21,7 +21,6 @@ LOG = logging.getLogger(__name__) class DrupalExploiter(WebRCE): _TARGET_OS_TYPE = ['linux', 'windows'] _EXPLOITED_SERVICE = 'Drupal Server' - DRUPAL_PORTS = [[80, False], [443, True]] def __init__(self, host): super(DrupalExploiter, self).__init__(host) From 7e7ca954d3d7da139984e69056c12dc1fec68029 Mon Sep 17 00:00:00 2001 From: ophirharpazg Date: Wed, 2 Sep 2020 12:43:40 +0300 Subject: [PATCH 2/5] delete whitespaces for CI --- monkey/infection_monkey/exploit/drupal.py | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/monkey/infection_monkey/exploit/drupal.py b/monkey/infection_monkey/exploit/drupal.py index a5d162167..7f88ed07a 100644 --- a/monkey/infection_monkey/exploit/drupal.py +++ b/monkey/infection_monkey/exploit/drupal.py @@ -93,7 +93,7 @@ class DrupalExploiter(WebRCE): json=payload, headers={"Content-Type": "application/hal+json"}, verify=False) - + if is_response_cached(r): LOG.info(f'Exploiting {url} returned cache HIT, may have failed') @@ -110,7 +110,7 @@ class DrupalExploiter(WebRCE): :return: vulnerable URL to exploit """ return self.vulnerable_urls.pop() - + def are_vulnerable_urls_sufficient(self): """ For the Drupal exploit, 5 distinct URLs are needed to perform the full attack. From e69ff81e6f9ccc016f3840e645469ff453b8a385 Mon Sep 17 00:00:00 2001 From: ophirharpazg Date: Wed, 2 Sep 2020 12:45:09 +0300 Subject: [PATCH 3/5] approve ignoring certificates for CI --- monkey/infection_monkey/exploit/drupal.py | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/monkey/infection_monkey/exploit/drupal.py b/monkey/infection_monkey/exploit/drupal.py index 7f88ed07a..6cada4f36 100644 --- a/monkey/infection_monkey/exploit/drupal.py +++ b/monkey/infection_monkey/exploit/drupal.py @@ -75,7 +75,7 @@ class DrupalExploiter(WebRCE): response = requests.get(f'{url}?_format=hal_json', json=payload, headers={"Content-Type": "application/hal+json"}, - verify=False) + verify=False) # noqa: DUO123 if is_response_cached(response): LOG.info(f'Checking if node {url} is vuln returned cache HIT, ignoring') @@ -92,7 +92,7 @@ class DrupalExploiter(WebRCE): r = requests.get(f'{url}?_format=hal_json', json=payload, headers={"Content-Type": "application/hal+json"}, - verify=False) + verify=False) # noqa: DUO123 if is_response_cached(r): LOG.info(f'Exploiting {url} returned cache HIT, may have failed') @@ -136,7 +136,7 @@ def find_exploitbale_article_ids(base_url: str, lower: int = 1, upper: int = 100 articles = set() while lower < upper: node_url = urljoin(base_url, str(lower)) - response = requests.get(node_url, verify=False) + response = requests.get(node_url, verify=False) # noqa: DUO123 if response.status_code == 200: if is_response_cached(response): LOG.info(f'Found a cached article at: {node_url}, skipping') From 658a744c5aa1994855fc04a8e613f669f94a70d8 Mon Sep 17 00:00:00 2001 From: ophirharpazg Date: Wed, 2 Sep 2020 12:50:47 +0300 Subject: [PATCH 4/5] move noqa to the invocation line --- monkey/infection_monkey/exploit/drupal.py | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/monkey/infection_monkey/exploit/drupal.py b/monkey/infection_monkey/exploit/drupal.py index 6cada4f36..84919baef 100644 --- a/monkey/infection_monkey/exploit/drupal.py +++ b/monkey/infection_monkey/exploit/drupal.py @@ -72,10 +72,10 @@ class DrupalExploiter(WebRCE): """ payload = build_exploitability_check_payload(url) - response = requests.get(f'{url}?_format=hal_json', + response = requests.get(f'{url}?_format=hal_json', # noqa: DUO123 json=payload, headers={"Content-Type": "application/hal+json"}, - verify=False) # noqa: DUO123 + verify=False) if is_response_cached(response): LOG.info(f'Checking if node {url} is vuln returned cache HIT, ignoring') @@ -89,10 +89,10 @@ class DrupalExploiter(WebRCE): base = remove_port(url) payload = build_cmd_execution_payload(base, cmd) - r = requests.get(f'{url}?_format=hal_json', + r = requests.get(f'{url}?_format=hal_json', # noqa: DUO123 json=payload, headers={"Content-Type": "application/hal+json"}, - verify=False) # noqa: DUO123 + verify=False) if is_response_cached(r): LOG.info(f'Exploiting {url} returned cache HIT, may have failed') From 47d5b264eafeb5e97f8c089ff08a35f757ef608f Mon Sep 17 00:00:00 2001 From: ophirharpazg Date: Wed, 2 Sep 2020 12:51:05 +0300 Subject: [PATCH 5/5] decrement number of allowed warnings --- .travis.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.travis.yml b/.travis.yml index fcd9fc36b..fc079ea76 100644 --- a/.travis.yml +++ b/.travis.yml @@ -72,7 +72,7 @@ script: ## Display the linter issues - cat flake8_warnings.txt ## Make sure that we haven't increased the amount of warnings. -- PYTHON_WARNINGS_AMOUNT_UPPER_LIMIT=90 +- PYTHON_WARNINGS_AMOUNT_UPPER_LIMIT=80 - if [ $(tail -n 1 flake8_warnings.txt) -gt $PYTHON_WARNINGS_AMOUNT_UPPER_LIMIT ]; then echo "Too many python linter warnings! Failing this build. Lower the amount of linter errors in this and try again. " && exit 1; fi ## Check import order