diff --git a/monkey/monkey_island/cc/resources/attack/attack_config.py b/monkey/monkey_island/cc/resources/attack/attack_config.py index 9ed4c71b0..021663521 100644 --- a/monkey/monkey_island/cc/resources/attack/attack_config.py +++ b/monkey/monkey_island/cc/resources/attack/attack_config.py @@ -25,7 +25,7 @@ class AttackConfiguration(flask_restful.Resource): config_json = json.loads(request.data) if 'reset_attack_matrix' in config_json: AttackConfig.reset_config() - return jsonify(configuration=AttackConfig.get_config()['properties']) + return jsonify(configuration=AttackConfig.get_config()) else: AttackConfig.update_config({'properties': json.loads(request.data)}) AttackConfig.apply_to_monkey_config() diff --git a/monkey/monkey_island/cc/services/attack/attack_config.py b/monkey/monkey_island/cc/services/attack/attack_config.py index a92d448f8..6feff990e 100644 --- a/monkey/monkey_island/cc/services/attack/attack_config.py +++ b/monkey/monkey_island/cc/services/attack/attack_config.py @@ -26,7 +26,7 @@ class AttackConfig(object): :return: Technique object or None if technique is not found """ attack_config = AttackConfig.get_config() - for key, attack_type in list(attack_config['properties'].items()): + for key, attack_type in list(attack_config.items()): for key, technique in list(attack_type['properties'].items()): if key == technique_id: return technique @@ -169,7 +169,7 @@ class AttackConfig(object): """ attack_config = AttackConfig.get_config() techniques = {} - for type_name, attack_type in list(attack_config['properties'].items()): + for type_name, attack_type in list(attack_config.items()): for key, technique in list(attack_type['properties'].items()): techniques[key] = technique['value'] return techniques diff --git a/monkey/monkey_island/cc/ui/src/components/Main.js b/monkey/monkey_island/cc/ui/src/components/Main.js index 9f4b18bc8..b2a9c9789 100644 --- a/monkey/monkey_island/cc/ui/src/components/Main.js +++ b/monkey/monkey_island/cc/ui/src/components/Main.js @@ -10,7 +10,7 @@ import MapPage from 'components/pages/MapPage'; import TelemetryPage from 'components/pages/TelemetryPage'; import StartOverPage from 'components/pages/StartOverPage'; import ReportPage from 'components/pages/ReportPage'; -import ZeroTrustReportPage from 'components/pages/ZeroTrustReportPage'; +import ZeroTrustReportPage from 'components/report-components/ZeroTrustReport'; import LicensePage from 'components/pages/LicensePage'; import AuthComponent from 'components/AuthComponent'; import LoginPageComponent from 'components/pages/LoginPage'; @@ -152,16 +152,7 @@ class AppComponent extends AuthComponent {
- - To improve the monkey's detection rates, try adding users and passwords and enable the "Local - network - scan" config value under Basic - Network. -
- } -- The first monkey run was started on {this.state.report.overview.monkey_start_time}. After {this.state.report.overview.monkey_duration}, all monkeys finished - propagation attempts. -
-- The monkey started propagating from the following machines where it was manually installed: -
- The monkeys were run with the following configuration: -
- { - this.state.report.overview.config_users.length > 0 ? -- Usernames used for brute-forcing: -
- Brute forcing uses stolen credentials only. No credentials were supplied during Monkey’s - configuration. -
- } - { - this.state.report.overview.config_exploits.length > 0 ? - ( - this.state.report.overview.config_exploits[0] === 'default' ? - '' - : -- The Monkey uses the following exploit methods: -
- No exploits are used by the Monkey. -
- } - { - this.state.report.overview.config_ips.length > 0 ? -- The Monkey scans the following IPs: -
- Note: Monkeys were configured to avoid scanning of the local network. -
- } -- The Monkey discovered {this.state.report.glance.scanned.length} machines and - successfully breached {this.state.report.glance.exploited.length} of them. -
-- From the attacker's point of view, the network looks like this: -
-- This map visualizes possible attack paths through the network using credential compromise. Paths represent lateral - movement opportunities by attackers. -
-- This report shows information about ATT&CK techniques used by Infection Monkey. -
-+ This report shows information about ATT&CK techniques used by Infection Monkey. +
- - You have to run a monkey before generating a report! -
; - } else if (this.state.report === false) { - content = (+ + To improve the monkey's detection rates, try adding users and passwords and enable the "Local + network + scan" config value under Basic - Network. +
+ } ++ The first monkey run was started on {this.state.report.overview.monkey_start_time}. After {this.state.report.overview.monkey_duration}, all monkeys finished + propagation attempts. +
++ The monkey started propagating from the following machines where it was manually installed: +
+ The monkeys were run with the following configuration: +
+ { + this.state.report.overview.config_users.length > 0 ? ++ Usernames used for brute-forcing: +
+ Brute forcing uses stolen credentials only. No credentials were supplied during Monkey’s + configuration. +
+ } + { + this.state.report.overview.config_exploits.length > 0 ? + ( + this.state.report.overview.config_exploits[0] === 'default' ? + '' + : ++ The Monkey uses the following exploit methods: +
+ No exploits are used by the Monkey. +
+ } + { + this.state.report.overview.config_ips.length > 0 ? ++ The Monkey scans the following IPs: +
+ Note: Monkeys were configured to avoid scanning of the local network. +
+ } ++ The Monkey discovered {this.state.report.glance.scanned.length} machines and + successfully breached {this.state.report.glance.exploited.length} of them. +
++ From the attacker's point of view, the network looks like this: +
++ This map visualizes possible attack paths through the network using credential compromise. Paths represent lateral + movement opportunities by attackers. +
+Get a quick glance at how your network aligns with the @@ -36,6 +34,5 @@ export default class SummarySection extends Component { } SummarySection.propTypes = { - allMonkeysAreDead: PropTypes.bool, pillars: PropTypes.object };