p15670423
/
monkey
1
0
Fork 5
Code Issues Pull Requests 3 Projects Releases Wiki Activity

ui: add machine-related recommendation for Zerologon to security report

This commit is contained in:
Mike Salvatore 2021-02-24 16:36:53 -05:00
parent 36bd9834a6
commit 4fbb0f2026
1 changed files with 21 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

21
monkey/monkey_island/cc/ui/src/components/report-components/SecurityReport.js
View File

@ -892,6 +892,24 @@ class ReportPageComponent extends AuthComponent {
); );
} }
generateZerologonIssue(issue) {
return (
<>
Install Windows security updates.
<CollapsibleWellComponent>
The machine <span className="badge badge-primary">{issue.machine}</span> (<span
className="badge badge-info" style={{margin: '2px'}}>{issue.ip_address}</span>) is vulnerable to a <span
className="badge badge-danger">Zerologon exploit</span>.
<br/>
The attack was possible because the latest security updates from Microsoft
have not been applied to this machine. For more information about this
vulnerability, read <a href="https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2020-1472">
Microsoft's documentation.</a>
</CollapsibleWellComponent>
</>
);
}
generateIssue = (issue) => { generateIssue = (issue) => {
let issueData; let issueData;
switch (issue.type) { switch (issue.type) {
@ -964,6 +982,9 @@ class ReportPageComponent extends AuthComponent {
case 'drupal': case 'drupal':
issueData = this.generateDrupalIssue(issue); issueData = this.generateDrupalIssue(issue);
break; break;
case 'zerologon':
issueData = this.generateZerologonIssue(issue);
break;
} }
return <li key={JSON.stringify(issue)}>{issueData}</li>; return <li key={JSON.stringify(issue)}>{issueData}</li>;
}; };