diff --git a/monkey/monkey_island/cc/ui/src/components/report-components/SecurityReport.js b/monkey/monkey_island/cc/ui/src/components/report-components/SecurityReport.js index 77b7afde8..f96b98cdb 100644 --- a/monkey/monkey_island/cc/ui/src/components/report-components/SecurityReport.js +++ b/monkey/monkey_island/cc/ui/src/components/report-components/SecurityReport.js @@ -110,7 +110,7 @@ class ReportPageComponent extends AuthComponent { print(); }}/> -
+

{content} @@ -142,7 +142,7 @@ class ReportPageComponent extends AuthComponent { generateReportOverviewSection() { return ( -
+

Overview

@@ -151,7 +151,7 @@ class ReportPageComponent extends AuthComponent { this.state.report.glance.exploited.length > 0 ? '' : -

+

To improve the monkey's detection rates, try adding users and passwords and enable the "Local network @@ -160,8 +160,8 @@ class ReportPageComponent extends AuthComponent { }

The first monkey run was started on {this.state.report.overview.monkey_start_time}. After {this.state.report.overview.monkey_duration}, all monkeys finished + className='badge badge-info'>{this.state.report.overview.monkey_start_time}. After {this.state.report.overview.monkey_duration}, all monkeys finished propagation attempts.

@@ -238,7 +238,7 @@ class ReportPageComponent extends AuthComponent { generateReportFindingsSection() { return ( -

+

Security Findings

@@ -252,7 +252,7 @@ class ReportPageComponent extends AuthComponent { }).length > 0 ?
During this simulated attack the Monkey uncovered + className='badge badge-warning'> {this.state.report.overview.issues.filter(function (x) { return x === true; }).length} threats: @@ -264,50 +264,50 @@ class ReportPageComponent extends AuthComponent { {this.state.report.overview.issues[this.Issue.ELASTIC] &&
  • Elasticsearch servers are vulnerable to .
  • } {this.state.report.overview.issues[this.Issue.VSFTPD] &&
  • VSFTPD is vulnerable to .
  • } {this.state.report.overview.issues[this.Issue.SAMBACRY] &&
  • Samba servers are vulnerable to ‘SambaCry’ ( ).
  • } {this.state.report.overview.issues[this.Issue.SHELLSHOCK] &&
  • Machines are vulnerable to ‘Shellshock’ ( ).
  • } {this.state.report.overview.issues[this.Issue.CONFICKER] &&
  • Machines are vulnerable to ‘Conficker’ ( ).
  • } @@ -317,20 +317,20 @@ class ReportPageComponent extends AuthComponent { {this.state.report.overview.issues[this.Issue.AZURE] &&
  • Azure machines expose plaintext passwords. ( )
  • } {this.state.report.overview.issues[this.Issue.STRUTS2] &&
  • Struts2 servers are vulnerable to remote code execution. ( )
  • } @@ -346,10 +346,10 @@ class ReportPageComponent extends AuthComponent { {this.state.report.overview.issues[this.Issue.DRUPAL] &&
  • Drupal servers are susceptible to a remote code execution vulnerability ().
  • @@ -360,7 +360,7 @@ class ReportPageComponent extends AuthComponent { :
    During this simulated attack the Monkey uncovered 0 threats. + className='badge badge-success'>0 threats.
    }
    @@ -421,10 +421,10 @@ class ReportPageComponent extends AuthComponent { if (this.state.report.overview.issues[this.Issue.ZEROLOGON_PASSWORD_RESTORE_FAILED]) { zerologonOverview.push( Automatic password restoration on a domain controller failed! - ) @@ -432,10 +432,10 @@ class ReportPageComponent extends AuthComponent { if (this.state.report.overview.issues[this.Issue.ZEROLOGON]) { zerologonOverview.push(<> Some domain controllers are vulnerable to Zerologon exploiter( - )! ) @@ -447,7 +447,7 @@ class ReportPageComponent extends AuthComponent { generateReportRecommendationsSection() { return ( -
    +
    {/* Checks if there are any domain issues. If there are more then one: render the title. Otherwise, * don't render it (since the issues themselves will be empty. */} {Object.keys(this.state.report.recommendations.domain_issues).length !== 0 ? @@ -470,36 +470,36 @@ class ReportPageComponent extends AuthComponent { let exploitPercentage = (100 * this.state.report.glance.exploited.length) / this.state.report.glance.scanned.length; return ( -
    +

    The Network from the Monkey's Eyes

    The Monkey discovered {this.state.report.glance.scanned.length} machines and + className='badge badge-warning'>{this.state.report.glance.scanned.length} machines and successfully breached {this.state.report.glance.exploited.length} of them. + className='badge badge-danger'>{this.state.report.glance.exploited.length} of them.

    -
    - +
    + {Math.round(exploitPercentage)}% of scanned machines exploited

    From the attacker's point of view, the network looks like this:

    -
    +
    Legend: - Exploit + Exploit | - Scan + Scan | - Tunnel + Tunnel | - Island Communication + Island Communication
    @@ -529,17 +529,17 @@ class ReportPageComponent extends AuthComponent { generateReportFooter() { return ( -