p59342861
/
monkey
forked from p15670423/monkey
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

Fixed bootloader networking bug and improved exception handling

This commit is contained in:
VakarisZ 2020-03-20 19:57:56 +02:00
parent a0a2311996
commit 1ff6a91d75
2 changed files with 19 additions and 12 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

17
monkey/infection_monkey/transport/http.py
View File

@ -118,13 +118,20 @@ class HTTPConnectProxyHandler(http.server.BaseHTTPRequestHandler):
post_data = self.rfile.read(content_length).decode() post_data = self.rfile.read(content_length).decode()
LOG.info("Received bootloader's request: {}".format(post_data)) LOG.info("Received bootloader's request: {}".format(post_data))
try: try:
r = requests.post(url=self.path, data=post_data, proxies=infection_monkey.control.ControlClient.proxies) dest_path = self.path
r = requests.post(url=dest_path,
data=post_data,
verify=False,
proxies=infection_monkey.control.ControlClient.proxies)
self.send_response(r.status_code)
except requests.exceptions.ConnectionError as e: except requests.exceptions.ConnectionError as e:
LOG.error("Couldn't forward request to the island: {}".format(e)) LOG.error("Couldn't forward request to the island: {}".format(e))
return self.send_response(404) self.send_response(404)
self.send_response(r.status_code) except Exception as e:
self.end_headers() LOG.error("Failed to forward bootloader request: {}".format(e))
self.wfile.write(r.content) finally:
self.end_headers()
self.wfile.write(r.content)
except Exception as e: except Exception as e:
LOG.error("Failed receiving bootloader telemetry: {}".format(e)) LOG.error("Failed receiving bootloader telemetry: {}".format(e))

14
monkey/monkey_island/cc/bootloader_server.py
View File

@ -7,10 +7,13 @@ import logging
import requests import requests
import pymongo import pymongo
from monkey_island.cc.environment import Environment
# Disable "unverified certificate" warnings when sending requests to island # Disable "unverified certificate" warnings when sending requests to island
urllib3.disable_warnings(urllib3.exceptions.InsecureRequestWarning) urllib3.disable_warnings(urllib3.exceptions.InsecureRequestWarning)
logger = logging.getLogger(__name__) logger = logging.getLogger(__name__)
class BootloaderHttpServer(ThreadingMixIn, HTTPServer): class BootloaderHttpServer(ThreadingMixIn, HTTPServer):
def __init__(self, mongo_url): def __init__(self, mongo_url):
@ -24,10 +27,7 @@ class BootloaderHTTPRequestHandler(BaseHTTPRequestHandler):
def do_POST(self): def do_POST(self):
content_length = int(self.headers['Content-Length']) content_length = int(self.headers['Content-Length'])
post_data = self.rfile.read(content_length).decode() post_data = self.rfile.read(content_length).decode()
conf = self.server.mongo_client['monkeyisland']['config'].find_one({'name': 'newconfig'}) island_server_path = BootloaderHTTPRequestHandler.get_bootloader_resource_url(self.request.getsockname()[0])
if not conf:
conf = self.server.mongo_client['monkeyisland']['config'].find_one({'name': 'initial'})
island_server_path = BootloaderHTTPRequestHandler.get_bootloader_resource_path_from_config(conf)
island_server_path = parse.urljoin(island_server_path, self.path[1:]) island_server_path = parse.urljoin(island_server_path, self.path[1:])
r = requests.post(url=island_server_path, data=post_data, verify=False) r = requests.post(url=island_server_path, data=post_data, verify=False)
@ -44,6 +44,6 @@ class BootloaderHTTPRequestHandler(BaseHTTPRequestHandler):
self.connection.close() self.connection.close()
@staticmethod @staticmethod
def get_bootloader_resource_path_from_config(config): def get_bootloader_resource_url(server_ip):
address = config['cnc']['servers']['current_server'] return "https://" + server_ip + ":" + str(Environment._ISLAND_PORT) + "/api/bootloader/"
return parse.urljoin("https://"+address, "api/bootloader/")