p15693087
/
monkey
forked from p15670423/monkey
1
0
Fork 0
Code Issues Pull Requests 1 Projects Releases Wiki Activity

Collapsible-Collapsable

This commit is contained in:
Itay Mizeretz 2017-11-28 17:12:48 +02:00
parent da55b0b26b
commit 881cf5e793
1 changed files with 25 additions and 25 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

50
monkey_island/cc/ui/src/components/pages/ReportPage.js
View File

@ -6,7 +6,7 @@ import {ReactiveGraph} from 'components/reactive-graph/ReactiveGraph';
import {options, edgeGroupToColor} from 'components/map/MapOptions'; import {options, edgeGroupToColor} from 'components/map/MapOptions';
import StolenPasswords from 'components/report-components/StolenPasswords'; import StolenPasswords from 'components/report-components/StolenPasswords';
import ScannedBreachedChart from 'components/report-components/ScannedBreachedChart'; import ScannedBreachedChart from 'components/report-components/ScannedBreachedChart';
import CollapsableWellComponent from "../report-components/CollapsibleWell"; import CollapsibleWellComponent from "../report-components/CollapsibleWell";
class ReportPageComponent extends React.Component { class ReportPageComponent extends React.Component {
@ -79,14 +79,14 @@ class ReportPageComponent extends React.Component {
<div> <div>
Change <span className="label label-success">{issue.username}</span>'s password to a complex one-use password Change <span className="label label-success">{issue.username}</span>'s password to a complex one-use password
that is not shared with other computers on the network. that is not shared with other computers on the network.
<CollapsableWellComponent> <CollapsibleWellComponent>
The machine <span className="label label-primary">{issue.machine}</span> with the following IP address <span The machine <span className="label label-primary">{issue.machine}</span> with the following IP address <span
className="label label-info" style={{margin: '2px'}}>{issue.ip_address}</span> was vulnerable to a <span className="label label-info" style={{margin: '2px'}}>{issue.ip_address}</span> was vulnerable to a <span
className="label label-danger">SMB</span> attack. className="label label-danger">SMB</span> attack.
<br/> <br/>
The attack succeeded by authenticating over SMB protocol with user <span The attack succeeded by authenticating over SMB protocol with user <span
className="label label-success">{issue.username}</span> and its password. className="label label-success">{issue.username}</span> and its password.
</CollapsableWellComponent> </CollapsibleWellComponent>
</div> </div>
); );
} }
@ -96,14 +96,14 @@ class ReportPageComponent extends React.Component {
<div> <div>
Change <span className="label label-success">{issue.username}</span>'s password to a complex one-use password Change <span className="label label-success">{issue.username}</span>'s password to a complex one-use password
that is not shared with other computers on the network. that is not shared with other computers on the network.
<CollapsableWellComponent> <CollapsibleWellComponent>
The machine <span className="label label-primary">{issue.machine}</span> with the following IP address <span The machine <span className="label label-primary">{issue.machine}</span> with the following IP address <span
className="label label-info" style={{margin: '2px'}}>{issue.ip_address}</span> was vulnerable to a <span className="label label-info" style={{margin: '2px'}}>{issue.ip_address}</span> was vulnerable to a <span
className="label label-danger">SMB</span> attack. className="label label-danger">SMB</span> attack.
<br/> <br/>
The attack succeeded by using a pass-the-hash attack over SMB protocol with user <span The attack succeeded by using a pass-the-hash attack over SMB protocol with user <span
className="label label-success">{issue.username}</span>. className="label label-success">{issue.username}</span>.
</CollapsableWellComponent> </CollapsibleWellComponent>
</div> </div>
); );
} }
@ -113,14 +113,14 @@ class ReportPageComponent extends React.Component {
<div> <div>
Change <span className="label label-success">{issue.username}</span>'s password to a complex one-use password Change <span className="label label-success">{issue.username}</span>'s password to a complex one-use password
that is not shared with other computers on the network. that is not shared with other computers on the network.
<CollapsableWellComponent> <CollapsibleWellComponent>
The machine <span className="label label-primary">{issue.machine}</span> with the following IP address <span The machine <span className="label label-primary">{issue.machine}</span> with the following IP address <span
className="label label-info" style={{margin: '2px'}}>{issue.ip_address}</span> was vulnerable to a <span className="label label-info" style={{margin: '2px'}}>{issue.ip_address}</span> was vulnerable to a <span
className="label label-danger">WMI</span> attack. className="label label-danger">WMI</span> attack.
<br/> <br/>
The attack succeeded by authenticating over WMI protocol with user <span The attack succeeded by authenticating over WMI protocol with user <span
className="label label-success">{issue.username}</span> and its password. className="label label-success">{issue.username}</span> and its password.
</CollapsableWellComponent> </CollapsibleWellComponent>
</div> </div>
); );
} }
@ -130,14 +130,14 @@ class ReportPageComponent extends React.Component {
<div> <div>
Change <span className="label label-success">{issue.username}</span>'s password to a complex one-use password Change <span className="label label-success">{issue.username}</span>'s password to a complex one-use password
that is not shared with other computers on the network. that is not shared with other computers on the network.
<CollapsableWellComponent> <CollapsibleWellComponent>
The machine <span className="label label-primary">{issue.machine}</span> with the following IP address <span The machine <span className="label label-primary">{issue.machine}</span> with the following IP address <span
className="label label-info" style={{margin: '2px'}}>{issue.ip_address}</span> was vulnerable to a <span className="label label-info" style={{margin: '2px'}}>{issue.ip_address}</span> was vulnerable to a <span
className="label label-danger">WMI</span> attack. className="label label-danger">WMI</span> attack.
<br/> <br/>
The attack succeeded by using a pass-the-hash attack over WMI protocol with user <span The attack succeeded by using a pass-the-hash attack over WMI protocol with user <span
className="label label-success">{issue.username}</span>. className="label label-success">{issue.username}</span>.
</CollapsableWellComponent> </CollapsibleWellComponent>
</div> </div>
); );
} }
@ -147,14 +147,14 @@ class ReportPageComponent extends React.Component {
<div> <div>
Change <span className="label label-success">{issue.username}</span>'s password to a complex one-use password Change <span className="label label-success">{issue.username}</span>'s password to a complex one-use password
that is not shared with other computers on the network. that is not shared with other computers on the network.
<CollapsableWellComponent> <CollapsibleWellComponent>
The machine <span className="label label-primary">{issue.machine}</span> with the following IP address <span The machine <span className="label label-primary">{issue.machine}</span> with the following IP address <span
className="label label-info" style={{margin: '2px'}}>{issue.ip_address}</span> was vulnerable to a <span className="label label-info" style={{margin: '2px'}}>{issue.ip_address}</span> was vulnerable to a <span
className="label label-danger">SSH</span> attack. className="label label-danger">SSH</span> attack.
<br/> <br/>
The attack succeeded by authenticating over SSH protocol with user <span The attack succeeded by authenticating over SSH protocol with user <span
className="label label-success">{issue.username}</span> and its password. className="label label-success">{issue.username}</span> and its password.
</CollapsableWellComponent> </CollapsibleWellComponent>
</div> </div>
); );
} }
@ -164,14 +164,14 @@ class ReportPageComponent extends React.Component {
<div> <div>
Change <span className="label label-success">{issue.username}</span>'s password to a complex one-use password Change <span className="label label-success">{issue.username}</span>'s password to a complex one-use password
that is not shared with other computers on the network. that is not shared with other computers on the network.
<CollapsableWellComponent> <CollapsibleWellComponent>
The machine <span className="label label-primary">{issue.machine}</span> with the following IP address <span The machine <span className="label label-primary">{issue.machine}</span> with the following IP address <span
className="label label-info" style={{margin: '2px'}}>{issue.ip_address}</span> was vulnerable to a <span className="label label-info" style={{margin: '2px'}}>{issue.ip_address}</span> was vulnerable to a <span
className="label label-danger">RDP</span> attack. className="label label-danger">RDP</span> attack.
<br/> <br/>
The attack succeeded by authenticating over RDP protocol with user <span The attack succeeded by authenticating over RDP protocol with user <span
className="label label-success">{issue.username}</span> and its password. className="label label-success">{issue.username}</span> and its password.
</CollapsableWellComponent> </CollapsibleWellComponent>
</div> </div>
); );
} }
@ -183,7 +183,7 @@ class ReportPageComponent extends React.Component {
that is not shared with other computers on the network. that is not shared with other computers on the network.
<br/> <br/>
Update your Samba server to 4.4.14 and up, 4.5.10 and up, or 4.6.4 and up. Update your Samba server to 4.4.14 and up, 4.5.10 and up, or 4.6.4 and up.
<CollapsableWellComponent> <CollapsibleWellComponent>
The machine <span className="label label-primary">{issue.machine}</span> with the following IP address <span The machine <span className="label label-primary">{issue.machine}</span> with the following IP address <span
className="label label-info" style={{margin: '2px'}}>{issue.ip_address}</span> was vulnerable to a <span className="label label-info" style={{margin: '2px'}}>{issue.ip_address}</span> was vulnerable to a <span
className="label label-danger">SambaCry</span> attack. className="label label-danger">SambaCry</span> attack.
@ -191,7 +191,7 @@ class ReportPageComponent extends React.Component {
The attack succeeded by authenticating over SMB protocol with user <span The attack succeeded by authenticating over SMB protocol with user <span
className="label label-success">{issue.username}</span> and its password, and by using the SambaCry className="label label-success">{issue.username}</span> and its password, and by using the SambaCry
vulnerability. vulnerability.
</CollapsableWellComponent> </CollapsibleWellComponent>
</div> </div>
); );
} }
@ -200,13 +200,13 @@ class ReportPageComponent extends React.Component {
return ( return (
<div> <div>
Update your Elastic Search server to version 1.4.3 and up. Update your Elastic Search server to version 1.4.3 and up.
<CollapsableWellComponent> <CollapsibleWellComponent>
The machine <span className="label label-primary">{issue.machine}</span> with the following IP address <span The machine <span className="label label-primary">{issue.machine}</span> with the following IP address <span
className="label label-info" style={{margin: '2px'}}>{issue.ip_address}</span> was vulnerable to an <span className="label label-info" style={{margin: '2px'}}>{issue.ip_address}</span> was vulnerable to an <span
className="label label-danger">Elastic Groovy</span> attack. className="label label-danger">Elastic Groovy</span> attack.
<br/> <br/>
The attack succeeded because the Elastic Search server was not parched against CVE-2015-1427. The attack succeeded because the Elastic Search server was not parched against CVE-2015-1427.
</CollapsableWellComponent> </CollapsibleWellComponent>
</div> </div>
); );
} }
@ -215,7 +215,7 @@ class ReportPageComponent extends React.Component {
return ( return (
<div> <div>
Update your Bash to a ShellShock-patched version. Update your Bash to a ShellShock-patched version.
<CollapsableWellComponent> <CollapsibleWellComponent>
The machine <span className="label label-primary">{issue.machine}</span> with the following IP address <span The machine <span className="label label-primary">{issue.machine}</span> with the following IP address <span
className="label label-info" style={{margin: '2px'}}>{issue.ip_address}</span> was vulnerable to a <span className="label label-info" style={{margin: '2px'}}>{issue.ip_address}</span> was vulnerable to a <span
className="label label-danger">ShellShock</span> attack. className="label label-danger">ShellShock</span> attack.
@ -223,7 +223,7 @@ class ReportPageComponent extends React.Component {
The attack succeeded because the HTTP server running on port <span The attack succeeded because the HTTP server running on port <span
className="label label-info">{issue.port}</span> was vulnerable to a shell injection attack on the className="label label-info">{issue.port}</span> was vulnerable to a shell injection attack on the
paths: {this.generateShellshockPathListBadges(issue.paths)}. paths: {this.generateShellshockPathListBadges(issue.paths)}.
</CollapsableWellComponent> </CollapsibleWellComponent>
</div> </div>
); );
} }
@ -232,14 +232,14 @@ class ReportPageComponent extends React.Component {
return ( return (
<div> <div>
Install the latest Windows updates or upgrade to a newer operating system. Install the latest Windows updates or upgrade to a newer operating system.
<CollapsableWellComponent> <CollapsibleWellComponent>
The machine <span className="label label-primary">{issue.machine}</span> with the following address <span The machine <span className="label label-primary">{issue.machine}</span> with the following address <span
className="label label-info" style={{margin: '2px'}}>{issue.ip_address}</span> was vulnerable to a <span className="label label-info" style={{margin: '2px'}}>{issue.ip_address}</span> was vulnerable to a <span
className="label label-danger">Conficker</span> attack. className="label label-danger">Conficker</span> attack.
<br/> <br/>
The attack succeeded because the target machine uses an outdated and unpatched operating system vulnerable to The attack succeeded because the target machine uses an outdated and unpatched operating system vulnerable to
Conficker. Conficker.
</CollapsableWellComponent> </CollapsibleWellComponent>
</div> </div>
); );
} }
@ -248,13 +248,13 @@ class ReportPageComponent extends React.Component {
return ( return (
<div> <div>
Segment your network. Make sure machines can't access machines from other segments. Segment your network. Make sure machines can't access machines from other segments.
<CollapsableWellComponent> <CollapsibleWellComponent>
The network can probably be segmented. A monkey instance on <span The network can probably be segmented. A monkey instance on <span
className="label label-primary">{issue.machine}</span> in the className="label label-primary">{issue.machine}</span> in the
networks {this.generateInfoBadges(issue.networks)} networks {this.generateInfoBadges(issue.networks)}
could directly access the Monkey Island C&C server in the could directly access the Monkey Island C&C server in the
networks {this.generateInfoBadges(issue.server_networks)}. networks {this.generateInfoBadges(issue.server_networks)}.
</CollapsableWellComponent> </CollapsibleWellComponent>
</div> </div>
); );
} }
@ -263,11 +263,11 @@ class ReportPageComponent extends React.Component {
return ( return (
<div> <div>
Use micro-segmentation policies to disable communication other than the required. Use micro-segmentation policies to disable communication other than the required.
<CollapsableWellComponent> <CollapsibleWellComponent>
Machines are not locked down at port level. Network tunnel was set up from <span Machines are not locked down at port level. Network tunnel was set up from <span
className="label label-primary">{issue.machine}</span> to <span className="label label-primary">{issue.machine}</span> to <span
className="label label-primary">{issue.dest}</span>. className="label label-primary">{issue.dest}</span>.
</CollapsableWellComponent> </CollapsibleWellComponent>
</div> </div>
); );
} }