From c65439e049f97ea4f98e92fbf3d4e19e3b84a10e Mon Sep 17 00:00:00 2001 From: Ilija Lazoroski Date: Fri, 15 Jul 2022 15:58:22 +0200 Subject: [PATCH] UI: Remove WeakPassword issue * We don't have the passwords used for exploiting the machines in the UI * All it will be reworked --- .../report-components/SecurityReport.js | 22 ++----------------- .../security/issues/WeakPasswordIssue.js | 6 ----- 2 files changed, 2 insertions(+), 26 deletions(-) delete mode 100644 monkey/monkey_island/cc/ui/src/components/report-components/security/issues/WeakPasswordIssue.js diff --git a/monkey/monkey_island/cc/ui/src/components/report-components/SecurityReport.js b/monkey/monkey_island/cc/ui/src/components/report-components/SecurityReport.js index 9196a0e2d..929147a1c 100644 --- a/monkey/monkey_island/cc/ui/src/components/report-components/SecurityReport.js +++ b/monkey/monkey_island/cc/ui/src/components/report-components/SecurityReport.js @@ -37,7 +37,6 @@ import { } from './security/issues/SharedPasswordsIssue'; import {tunnelIssueReport, tunnelIssueOverview} from './security/issues/TunnelIssue'; import {stolenCredsIssueOverview} from './security/issues/StolenCredsIssue'; -import {weakPasswordIssueOverview} from './security/issues/WeakPasswordIssue'; import {strongUsersOnCritIssueReport} from './security/issues/StrongUsersOnCritIssue'; import { zerologonIssueOverview, @@ -45,7 +44,7 @@ import { zerologonOverviewWithFailedPassResetWarning } from './security/issues/ZerologonIssue'; import {powershellIssueOverview, powershellIssueReport} from './security/issues/PowershellIssue'; -import {getCredentialsSecrets, getCredentialsUsernames} from './credentialParsing'; +import {getCredentialsSecrets} from './credentialParsing'; import UsedCredentials from './security/UsedCredentials'; @@ -148,10 +147,6 @@ class ReportPageComponent extends AuthComponent { [this.issueContentTypes.REPORT]: strongUsersOnCritIssueReport, [this.issueContentTypes.TYPE]: this.issueTypes.DANGER }, - 'weak_password': { - [this.issueContentTypes.OVERVIEW]: weakPasswordIssueOverview, - [this.issueContentTypes.TYPE]: this.issueTypes.DANGER - }, 'stolen_creds': { [this.issueContentTypes.OVERVIEW]: stolenCredsIssueOverview, [this.issueContentTypes.TYPE]: this.issueTypes.DANGER @@ -596,30 +591,17 @@ class ReportPageComponent extends AuthComponent { let overview_issues = []; for(let i=0; i < issues.length; i++) { - if (this.isWeakCredentialsIssue(issues[i])) { - overview_issues.push('weak_password') - } else if (this.isStolenCredentialsIssue(issues[i])) { + if (this.isStolenCredentialsIssue(issues[i])) { overview_issues.push('stolen_creds'); } else { overview_issues.push(issues[i]) } } - const newOverview = { ...report.overview, issues : overview_issues }; - const newReport = { ...report, overview : newOverview }; - - return newReport; } - isWeakCredentialsIssue(issue) { - return (Object.prototype.hasOwnProperty.call(issue, 'credential_type') && - issue.credential_type === 'PASSWORD' && - getCredentialsSecrets(this.state.configuredCredentials, 'password').includes(issue.password) && - getCredentialsUsernames(this.state.configuredCredentials).includes(issue.username)) - } - isStolenCredentialsIssue(issue) { return ( Object.prototype.hasOwnProperty.call(issue, 'credential_type') && (getCredentialsSecrets(this.state.stolenCredentials, 'password').includes(issue.password) || diff --git a/monkey/monkey_island/cc/ui/src/components/report-components/security/issues/WeakPasswordIssue.js b/monkey/monkey_island/cc/ui/src/components/report-components/security/issues/WeakPasswordIssue.js deleted file mode 100644 index ee3c6c04f..000000000 --- a/monkey/monkey_island/cc/ui/src/components/report-components/security/issues/WeakPasswordIssue.js +++ /dev/null @@ -1,6 +0,0 @@ -import React from 'react'; - -export function weakPasswordIssueOverview() { - return (
  • Machines are accessible using passwords supplied by the user during the Monkey’s - configuration.
    • ) -}