From 97c50c3caa8b36f0b93bd1fbdf8a219fdb7ad519 Mon Sep 17 00:00:00 2001 From: Shreya Malviya Date: Fri, 29 Oct 2021 18:12:06 +0530 Subject: [PATCH] UI: Remove components related to the VSFTPD exploiter --- .../report-components/SecurityReport.js | 6 ---- .../security/issues/VsftpdIssue.js | 36 ------------------- 2 files changed, 42 deletions(-) delete mode 100644 monkey/monkey_island/cc/ui/src/components/report-components/security/issues/VsftpdIssue.js diff --git a/monkey/monkey_island/cc/ui/src/components/report-components/SecurityReport.js b/monkey/monkey_island/cc/ui/src/components/report-components/SecurityReport.js index 3dcf94615..c8b46c2bf 100644 --- a/monkey/monkey_island/cc/ui/src/components/report-components/SecurityReport.js +++ b/monkey/monkey_island/cc/ui/src/components/report-components/SecurityReport.js @@ -25,7 +25,6 @@ import {webLogicIssueOverview, webLogicIssueReport} from './security/issues/WebL import {hadoopIssueOverview, hadoopIssueReport} from './security/issues/HadoopIssue'; import {mssqlIssueOverview, mssqlIssueReport} from './security/issues/MssqlIssue'; import {drupalIssueOverview, drupalIssueReport} from './security/issues/DrupalIssue'; -import {vsftpdIssueOverview, vsftpdIssueReport} from './security/issues/VsftpdIssue'; import {wmiPasswordIssueReport, wmiPthIssueReport} from './security/issues/WmiIssue'; import {sshKeysReport, shhIssueReport, sshIssueOverview} from './security/issues/SshIssue'; import {sambacryIssueOverview, sambacryIssueReport} from './security/issues/SambacryIssue'; @@ -108,11 +107,6 @@ class ReportPageComponent extends AuthComponent { [this.issueContentTypes.REPORT]: drupalIssueReport, [this.issueContentTypes.TYPE]: this.issueTypes.DANGER }, - 'VSFTPDExploiter': { - [this.issueContentTypes.OVERVIEW]: vsftpdIssueOverview, - [this.issueContentTypes.REPORT]: vsftpdIssueReport, - [this.issueContentTypes.TYPE]: this.issueTypes.DANGER - }, 'WmiExploiter': { [this.issueContentTypes.REPORT]: { [this.credentialTypes.PASSWORD]: wmiPasswordIssueReport, diff --git a/monkey/monkey_island/cc/ui/src/components/report-components/security/issues/VsftpdIssue.js b/monkey/monkey_island/cc/ui/src/components/report-components/security/issues/VsftpdIssue.js deleted file mode 100644 index e5419a9c2..000000000 --- a/monkey/monkey_island/cc/ui/src/components/report-components/security/issues/VsftpdIssue.js +++ /dev/null @@ -1,36 +0,0 @@ -import React from 'react'; -import CollapsibleWellComponent from '../CollapsibleWell'; - -export function vsftpdIssueOverview() { - return (
  • VSFTPD is vulnerable to CVE-2011-2523. -
    • ) -} - -export function vsftpdIssueReport(issue) { - return ( - <> - Update your VSFTPD server to the latest version vsftpd-3.0.3. - - The machine {issue.machine} ({issue.ip_address}) has a backdoor running at - port 6200. -
    - The attack was made possible because the VSFTPD server was not patched against CVE-2011-2523. -

    In July 2011, it was discovered that vsftpd version 2.3.4 downloadable from the master site had been - compromised. - Users logging into a compromised vsftpd-2.3.4 server may issue a ":)" smileyface as the username and gain a - command - shell on port 6200. -

    - The Monkey executed commands by first logging in with ":)" in the username and then sending commands to the - backdoor - at port 6200. -

    Read more about the security issue and remediation here. -     - - ); -}