diff --git a/envs/monkey_zoo/blackbox/island_client/monkey_island_requests.py b/envs/monkey_zoo/blackbox/island_client/monkey_island_requests.py index 8ff3d3667..780821c3b 100644 --- a/envs/monkey_zoo/blackbox/island_client/monkey_island_requests.py +++ b/envs/monkey_zoo/blackbox/island_client/monkey_island_requests.py @@ -35,28 +35,28 @@ class MonkeyIslandRequests(object): return request_function_wrapper def get_jwt_from_server(self): - resp = requests.post(self.addr + "api/auth", + resp = requests.post(self.addr + "api/auth", # noqa: DUO123 json={"username": NO_AUTH_CREDS, "password": NO_AUTH_CREDS}, verify=False) return resp.json()["access_token"] @_Decorators.refresh_jwt_token def get(self, url, data=None): - return requests.get(self.addr + url, + return requests.get(self.addr + url, # noqa: DUO123 headers=self.get_jwt_header(), params=data, verify=False) @_Decorators.refresh_jwt_token def post(self, url, data): - return requests.post(self.addr + url, + return requests.post(self.addr + url, # noqa: DUO123 data=data, headers=self.get_jwt_header(), verify=False) @_Decorators.refresh_jwt_token def post_json(self, url, dict_data): - return requests.post(self.addr + url, + return requests.post(self.addr + url, # noqa: DUO123 json=dict_data, headers=self.get_jwt_header(), verify=False) diff --git a/monkey/infection_monkey/control.py b/monkey/infection_monkey/control.py index b063744ad..1d4220975 100644 --- a/monkey/infection_monkey/control.py +++ b/monkey/infection_monkey/control.py @@ -53,7 +53,7 @@ class ControlClient(object): if ControlClient.proxies: monkey['tunnel'] = ControlClient.proxies.get('https') - requests.post("https://%s/api/monkey" % (WormConfiguration.current_server,), + requests.post("https://%s/api/monkey" % (WormConfiguration.current_server,), # noqa: DUO123 data=json.dumps(monkey), headers={'content-type': 'application/json'}, verify=False, @@ -76,7 +76,7 @@ class ControlClient(object): if ControlClient.proxies: debug_message += " through proxies: %s" % ControlClient.proxies LOG.debug(debug_message) - requests.get("https://%s/api?action=is-up" % (server,), + requests.get("https://%s/api?action=is-up" % (server,), # noqa: DUO123 verify=False, proxies=ControlClient.proxies, timeout=TIMEOUT_IN_SECONDS) @@ -112,7 +112,7 @@ class ControlClient(object): monkey = {} if ControlClient.proxies: monkey['tunnel'] = ControlClient.proxies.get('https') - requests.patch("https://%s/api/monkey/%s" % (WormConfiguration.current_server, GUID), + requests.patch("https://%s/api/monkey/%s" % (WormConfiguration.current_server, GUID), # noqa: DUO123 data=json.dumps(monkey), headers={'content-type': 'application/json'}, verify=False, @@ -129,7 +129,7 @@ class ControlClient(object): return try: telemetry = {'monkey_guid': GUID, 'telem_category': telem_category, 'data': data} - requests.post("https://%s/api/telemetry" % (WormConfiguration.current_server,), + requests.post("https://%s/api/telemetry" % (WormConfiguration.current_server,), # noqa: DUO123 data=json.dumps(telemetry), headers={'content-type': 'application/json'}, verify=False, @@ -144,7 +144,7 @@ class ControlClient(object): return try: telemetry = {'monkey_guid': GUID, 'log': json.dumps(log)} - requests.post("https://%s/api/log" % (WormConfiguration.current_server,), + requests.post("https://%s/api/log" % (WormConfiguration.current_server,), # noqa: DUO123 data=json.dumps(telemetry), headers={'content-type': 'application/json'}, verify=False, @@ -158,7 +158,7 @@ class ControlClient(object): if not WormConfiguration.current_server: return try: - reply = requests.get("https://%s/api/monkey/%s" % (WormConfiguration.current_server, GUID), + reply = requests.get("https://%s/api/monkey/%s" % (WormConfiguration.current_server, GUID), # noqa: DUO123 verify=False, proxies=ControlClient.proxies) @@ -185,7 +185,7 @@ class ControlClient(object): if not WormConfiguration.current_server: return try: - requests.patch("https://%s/api/monkey/%s" % (WormConfiguration.current_server, GUID), + requests.patch("https://%s/api/monkey/%s" % (WormConfiguration.current_server, GUID), # noqa: DUO123 data=json.dumps({'config_error': True}), headers={'content-type': 'application/json'}, verify=False, @@ -247,7 +247,7 @@ class ControlClient(object): if (monkeyfs.isfile(dest_file)) and (size == monkeyfs.getsize(dest_file)): return dest_file else: - download = requests.get("https://%s/api/monkey/download/%s" % + download = requests.get("https://%s/api/monkey/download/%s" % # noqa: DUO123 (WormConfiguration.current_server, filename), verify=False, proxies=ControlClient.proxies) @@ -273,7 +273,7 @@ class ControlClient(object): if not WormConfiguration.current_server: return None, None try: - reply = requests.post("https://%s/api/monkey/download" % (WormConfiguration.current_server,), + reply = requests.post("https://%s/api/monkey/download" % (WormConfiguration.current_server,), # noqa: DUO123 data=json.dumps(host_dict), headers={'content-type': 'application/json'}, verify=False, proxies=ControlClient.proxies) @@ -315,7 +315,7 @@ class ControlClient(object): @staticmethod def get_pba_file(filename): try: - return requests.get(PBA_FILE_DOWNLOAD % + return requests.get(PBA_FILE_DOWNLOAD % # noqa: DUO123 (WormConfiguration.current_server, filename), verify=False, proxies=ControlClient.proxies) diff --git a/monkey/infection_monkey/exploit/shellshock.py b/monkey/infection_monkey/exploit/shellshock.py index 0da543a69..0e03c3252 100644 --- a/monkey/infection_monkey/exploit/shellshock.py +++ b/monkey/infection_monkey/exploit/shellshock.py @@ -209,7 +209,7 @@ class ShellShockExploiter(HostExploiter): try: LOG.debug("Header is: %s" % header) LOG.debug("Attack is: %s" % attack) - r = requests.get(url, headers={header: attack}, verify=False, timeout=TIMEOUT) + r = requests.get(url, headers={header: attack}, verify=False, timeout=TIMEOUT) # noqa: DUO123 result = r.content.decode() return result except requests.exceptions.RequestException as exc: @@ -232,7 +232,7 @@ class ShellShockExploiter(HostExploiter): attack_urls = [attack_path + url for url in url_list] for u in attack_urls: try: - reqs.append(requests.head(u, verify=False, timeout=TIMEOUT)) + reqs.append(requests.head(u, verify=False, timeout=TIMEOUT)) # noqa: DUO123 except requests.Timeout: timeout = True break diff --git a/monkey/infection_monkey/exploit/weblogic.py b/monkey/infection_monkey/exploit/weblogic.py index 08b642942..2ff9edbc9 100644 --- a/monkey/infection_monkey/exploit/weblogic.py +++ b/monkey/infection_monkey/exploit/weblogic.py @@ -80,7 +80,7 @@ class WebLogic201710271(WebRCE): else: payload = self.get_exploit_payload('cmd', '/c', command + ' 1> NUL 2> NUL') try: - post(url, data=payload, headers=HEADERS, timeout=EXECUTION_TIMEOUT, verify=False) + post(url, data=payload, headers=HEADERS, timeout=EXECUTION_TIMEOUT, verify=False) # noqa: DUO123 except Exception as e: LOG.error("Connection error: %s" % e) return False @@ -116,7 +116,7 @@ class WebLogic201710271(WebRCE): def check_if_exploitable_weblogic(self, url, httpd): payload = self.get_test_payload(ip=httpd.local_ip, port=httpd.local_port) try: - post(url, data=payload, headers=HEADERS, timeout=REQUEST_DELAY, verify=False) + post(url, data=payload, headers=HEADERS, timeout=REQUEST_DELAY, verify=False) # noqa: DUO123 except exceptions.ReadTimeout: # Our request will not get response thus we get ReadTimeout error pass diff --git a/monkey/infection_monkey/network/httpfinger.py b/monkey/infection_monkey/network/httpfinger.py index c6590b9db..66e720609 100644 --- a/monkey/infection_monkey/network/httpfinger.py +++ b/monkey/infection_monkey/network/httpfinger.py @@ -32,7 +32,7 @@ class HTTPFinger(HostFinger): # try http, we don't optimise for 443 for url in (https, http): # start with https and downgrade try: - with closing(head(url, verify=False, timeout=1)) as req: + with closing(head(url, verify=False, timeout=1)) as req: # noqa: DUO123 server = req.headers.get('Server') ssl = True if 'https://' in url else False self.init_service(host.services, ('tcp-' + port[1]), port[0]) diff --git a/monkey/infection_monkey/network/info.py b/monkey/infection_monkey/network/info.py index 6b9c5811e..3efa8e68d 100644 --- a/monkey/infection_monkey/network/info.py +++ b/monkey/infection_monkey/network/info.py @@ -125,7 +125,7 @@ def check_internet_access(services): """ for host in services: try: - requests.get("https://%s" % (host,), timeout=TIMEOUT, verify=False) + requests.get("https://%s" % (host,), timeout=TIMEOUT, verify=False) # noqa: DUO123 return True except ConnectionError: # Failed connecting