Added ZeroLogon overview section to the report

This commit is contained in:
VakarisZ 2021-02-25 14:28:16 +02:00
parent 6581a5ab0c
commit 8b7e0d0fa0
3 changed files with 50 additions and 11 deletions
monkey/monkey_island/cc
services/reporting
ui/src
components/report-components
styles/pages/report

View File

@ -65,6 +65,7 @@ class ReportService:
VSFTPD = 13
DRUPAL = 14
ZEROLOGON = 15
ZEROLOGON_CRED_RESTORE_FAILED = 16
class WARNINGS_DICT(Enum):
CROSS_SEGMENT = 0
@ -714,6 +715,9 @@ class ReportService:
elif issue['type'] == 'drupal':
issues_byte_array[ReportService.ISSUES_DICT.DRUPAL.value] = True
elif issue['type'] == 'zerologon':
# TODO fix to propperly set restoration flag
if issue['info']['zero_logon_restore_failed']:
issues_byte_array[ReportService.ISSUES_DICT.ZEROLOGON_CRED_RESTORE_FAILED.value] = True
issues_byte_array[ReportService.ISSUES_DICT.ZEROLOGON.value] = True
elif issue['type'].endswith('_password') and issue['password'] in config_passwords and \
issue['username'] in config_users or issue['type'] == 'ssh':

View File

@ -14,6 +14,7 @@ import ReportLoader from './common/ReportLoader';
import SecurityIssuesGlance from './common/SecurityIssuesGlance';
import PrintReportButton from './common/PrintReportButton';
import WarningIcon from '../ui-components/WarningIcon';
import {Button} from 'react-bootstrap';
import { FontAwesomeIcon } from '@fortawesome/react-fontawesome';
import { faMinus } from '@fortawesome/free-solid-svg-icons/faMinus';
@ -42,7 +43,8 @@ class ReportPageComponent extends AuthComponent {
MSSQL: 12,
VSFTPD: 13,
DRUPAL: 14,
ZEROLOGON: 15
ZEROLOGON: 15,
ZEROLOGON_CRED_RESTORE_FAILED: 16
};
Warning =
@ -308,6 +310,7 @@ class ReportPageComponent extends AuthComponent {
<li>Machines are vulnerable to 'Zerologon'
(<a href="https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2020-1472">
CVE-2020-1472</a>).</li> : null}
{this.generateZeroLogonOverview()}
</ul>
</div>
:
@ -365,6 +368,29 @@ class ReportPageComponent extends AuthComponent {
);
}
generateZeroLogonOverview() {
let zeroLogonOverview = [];
// TODO finish this by linking to the documentation
if(this.state.report.overview.issues[this.Issue.ZEROLOGON_CRED_RESTORE_FAILED]) {
zeroLogonOverview.push(<span>
<WarningIcon/> Automatic password restoration on a domain controller failed!
<Button variant={"link"} href={"#"} className={'security-report-link'}>
Restore your domain controller's password manually.</Button>
</span>)
}
if(this.state.report.overview.issues[this.Issue.ZEROLOGON]) {
zeroLogonOverview.push(<>
Some domain controllers are vulnerable to ZeroLogon exploiter(
<a href="https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2020-1472">
CVE-2020-1472</a>)!
</>)
} else {
return none;
}
return (<li>{zeroLogonOverview}</li>)
}
generateReportRecommendationsSection() {
return (
<div id="recommendations">

View File

@ -7,15 +7,15 @@
font-size: large;
}
.report-nav > li > a{
.report-nav > li > a {
height: 50px !important;
}
.report-nav .nav-item > a{
.report-nav .nav-item > a {
color: $black;
}
.report-nav .nav-item > a.active{
.report-nav .nav-item > a.active {
font-weight: bold;
color: $black;
}
@ -72,16 +72,25 @@ div.report-wrapper {
padding-bottom: 20px;
}
div.report-wrapper .nav-tabs > .nav-item > a:hover:not(.active), .nav-tabs > .nav-item > a:focus:not(.active){
text-decoration: none;
background-color: $light-gray;
div.report-wrapper .nav-tabs > .nav-item > a:hover:not(.active), .nav-tabs > .nav-item > a:focus:not(.active) {
text-decoration: none;
background-color: $light-gray;
}
ul.cross-segment-issues {
list-style-type: none;
padding: 0px;
margin: 0px;
list-style-type: none;
padding: 0px;
margin: 0px;
}
span.cross-segment-service {
text-transform: uppercase;
text-transform: uppercase;
}
.report-page li a.btn,.security-report-link {
position: relative;
font-size: 1em;
padding: 0 5px;
line-height: 1em;
top: -3px;
}