From 9d4ee88e0958fb43ac95e561374e830505be91ec Mon Sep 17 00:00:00 2001
From: Mike Salvatore <mike.s.salvatore@gmail.com>
Date: Mon, 5 Jul 2021 13:50:13 -0400
Subject: [PATCH] Island: Do not allow Windows ransomware target paths
 beginning with "$"

As far as I can tell, environment variables in Windows look like %NAME%.
Variables in powershell begin with $, but file explorer doesn't
recognize paths beginning with $ as valid.
---
 .../components/configuration-components/ValidationFormats.js    | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/monkey/monkey_island/cc/ui/src/components/configuration-components/ValidationFormats.js b/monkey/monkey_island/cc/ui/src/components/configuration-components/ValidationFormats.js
index 6c4ba15a1..414d6071a 100644
--- a/monkey/monkey_island/cc/ui/src/components/configuration-components/ValidationFormats.js
+++ b/monkey/monkey_island/cc/ui/src/components/configuration-components/ValidationFormats.js
@@ -11,7 +11,7 @@ const linuxPathStartsWithTildeRegex = /^~/ // path starts with `~`
 const windowsAbsolutePathRegex = /^([A-Za-z]:(\\|\/))/ // path starts like `C:\` OR `C:/`
 const windowsEnvVarNonNumeric = '[A-Za-z#\\$\'\\(\\)\\*\\+,-\\.\\?@\\[\\]_`\\{\\}~+ ]'
 const windowsPathStartsWithEnvVariableRegex = new RegExp(
-	`^\\$|^%(${windowsEnvVarNonNumeric}+(${windowsEnvVarNonNumeric}|\\d)*)%`
+	`^%(${windowsEnvVarNonNumeric}+(${windowsEnvVarNonNumeric}|\\d)*)%`
 );// path starts like `$` OR `%abc%`
 
 const emptyRegex = /^$/