p15693087
/
monkey
forked from p15670423/monkey
1
0
Fork 0
Code Issues Pull Requests 1 Projects Releases Wiki Activity

Report content fix

This commit is contained in:
Itay Mizeretz 2017-12-12 12:07:37 +02:00
parent 8bc9e3a65f
commit c8e553721f
3 changed files with 10 additions and 10 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
monkey_island/cc/services/report.py
View File

@ -89,7 +89,7 @@ class ReportService:
@staticmethod @staticmethod
def get_stolen_creds(): def get_stolen_creds():
PASS_TYPE_DICT = {'password': 'Clear Password', 'lm_hash': 'LM', 'ntlm_hash': 'NTLM'} PASS_TYPE_DICT = {'password': 'Clear Password', 'lm_hash': 'LM hash', 'ntlm_hash': 'NTLM hash'}
creds = [] creds = []
for telem in mongo.db.telemetry.find( for telem in mongo.db.telemetry.find(
{'telem_type': 'system_info_collection', 'data.credentials': {'$exists': True}}, {'telem_type': 'system_info_collection', 'data.credentials': {'$exists': True}},

16
monkey_island/cc/ui/src/components/pages/ReportPage.js
View File

@ -367,11 +367,11 @@ class ReportPageComponent extends React.Component {
this.state.report.glance.exploited.length > 0 ? this.state.report.glance.exploited.length > 0 ?
(<p className="alert alert-danger"> (<p className="alert alert-danger">
<i className="glyphicon glyphicon-exclamation-sign" style={{'marginRight': '5px'}}/> <i className="glyphicon glyphicon-exclamation-sign" style={{'marginRight': '5px'}}/>
Critical security issues found by Infection Monkey! Critical security issues were detected!
</p>) : </p>) :
(<p className="alert alert-success"> (<p className="alert alert-success">
<i className="glyphicon glyphicon-ok-sign" style={{'marginRight': '5px'}}/> <i className="glyphicon glyphicon-ok-sign" style={{'marginRight': '5px'}}/>
Infection Monkey did not find any critical security issues. No critical security issues were detected.
</p>) </p>)
} }
{ {
@ -386,8 +386,8 @@ class ReportPageComponent extends React.Component {
} }
<p className="alert alert-info"> <p className="alert alert-info">
<i className="glyphicon glyphicon-info-sign" style={{'marginRight': '5px'}}/> <i className="glyphicon glyphicon-info-sign" style={{'marginRight': '5px'}}/>
To improve the monkey's success rate, try adding users and passwords, and enabling the "Local To improve the monkey's detection rates, try adding users and passwords and enable the "Local network
network scan" config value under "Basic - Network" scan" config value under <b>Basic - Network</b>.
</p> </p>
<p> <p>
The first monkey run was started on <span The first monkey run was started on <span
@ -424,7 +424,7 @@ class ReportPageComponent extends React.Component {
{ {
this.state.report.overview.config_exploits.length > 0 ? this.state.report.overview.config_exploits.length > 0 ?
<p> <p>
Use the following exploit methods: Used the following exploit methods:
<ul> <ul>
{this.state.report.overview.config_exploits.map(x => <li>{x}</li>)} {this.state.report.overview.config_exploits.map(x => <li>{x}</li>)}
</ul> </ul>
@ -450,7 +450,7 @@ class ReportPageComponent extends React.Component {
'' ''
: :
<p> <p>
Monkeys were configured to not scan local network Monkeys were configured to avoid scanning of the local network.
</p> </p>
} }
<p> <p>
@ -468,12 +468,12 @@ class ReportPageComponent extends React.Component {
During this simulated attack the Monkey uncovered <span During this simulated attack the Monkey uncovered <span
className="label label-warning">{this.state.report.overview.issues.filter(function (x) { className="label label-warning">{this.state.report.overview.issues.filter(function (x) {
return x === true; return x === true;
}).length} issues</span>, detailed below. The security issues uncovered include: }).length} issues</span>:
<ul> <ul>
{this.state.report.overview.issues[this.Issue.WEAK_PASSWORD] ? {this.state.report.overview.issues[this.Issue.WEAK_PASSWORD] ?
<li>Users with weak passwords.</li> : null} <li>Users with weak passwords.</li> : null}
{this.state.report.overview.issues[this.Issue.STOLEN_CREDS] ? {this.state.report.overview.issues[this.Issue.STOLEN_CREDS] ?
<li>Stolen passwords/hashes were used to exploit other machines.</li> : null} <li>Stolen credentials were used to exploit other machines.</li> : null}
{this.state.report.overview.issues[this.Issue.ELASTIC] ? {this.state.report.overview.issues[this.Issue.ELASTIC] ?
<li>Elastic Search servers not patched for <a <li>Elastic Search servers not patched for <a
href="https://www.cvedetails.com/cve/cve-2015-1427">CVE-2015-1427</a>. href="https://www.cvedetails.com/cve/cve-2015-1427">CVE-2015-1427</a>.

2
monkey_island/cc/ui/src/components/report-components/StolenPasswords.js
View File

@ -7,7 +7,7 @@ const columns = [
columns: [ columns: [
{ Header: 'Username', accessor: 'username'}, { Header: 'Username', accessor: 'username'},
{ Header: 'Type', accessor: 'type'}, { Header: 'Type', accessor: 'type'},
{ Header: 'Origin', accessor: 'origin'} { Header: 'Stolen From', accessor: 'origin'}
] ]
} }
]; ];