p20319658
/
monkey
forked from p34709852/monkey
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

Minor formatting improvements in SecurityReport.js

This commit is contained in:
VakarisZ 2021-03-01 15:50:02 +02:00 committed by Mike Salvatore
parent e49b7b85cc
commit 9171ed8190
1 changed files with 57 additions and 55 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

112
monkey/monkey_island/cc/ui/src/components/report-components/SecurityReport.js
View File

@ -258,16 +258,17 @@ class ReportPageComponent extends AuthComponent {
}).length} threats</span>:
<ul>
{this.state.report.overview.issues[this.Issue.STOLEN_SSH_KEYS] &&
<li>Stolen SSH keys are used to exploit other machines.</li>}
<li>Stolen SSH keys are used to exploit other machines.</li>}
{this.state.report.overview.issues[this.Issue.STOLEN_CREDS] &&
<li>Stolen credentials are used to exploit other machines.</li>}
<li>Stolen credentials are used to exploit other machines.</li>}
{this.state.report.overview.issues[this.Issue.ELASTIC] &&
<li>Elasticsearch servers are vulnerable to
<Button
variant={"link"}
href="https://www.cvedetails.com/cve/cve-2015-1427"
target={"_blank"}
className={"security-report-link"}>CVE-2015-1427
className={"security-report-link"}>
CVE-2015-1427
</Button>.
</li>}
{this.state.report.overview.issues[this.Issue.VSFTPD] &&
@ -311,47 +312,47 @@ class ReportPageComponent extends AuthComponent {
</Button>).
</li>}
{this.state.report.overview.issues[this.Issue.WEAK_PASSWORD] &&
<li>Machines are accessible using passwords supplied by the user during the Monkeys
configuration.</li>}
<li>Machines are accessible using passwords supplied by the user during the Monkeys
configuration.</li>}
{this.state.report.overview.issues[this.Issue.AZURE] &&
<li>Azure machines expose plaintext passwords. (
<Button
<li>Azure machines expose plaintext passwords. (
<Button
variant={"link"}
href="https://www.guardicore.com/2018/03/recovering-plaintext-passwords-azure/"
target={"_blank"}
className={"security-report-link"}>
More info
</Button>)
</li>}
</Button>)
</li>}
{this.state.report.overview.issues[this.Issue.STRUTS2] &&
<li>Struts2 servers are vulnerable to remote code execution. (
<Button
<li>Struts2 servers are vulnerable to remote code execution. (
<Button
variant={"link"}
href="https://cwiki.apache.org/confluence/display/WW/S2-045"
target={"_blank"}
className={"security-report-link"}>
CVE-2017-5638
</Button>)
</li>}
</Button>)
</li>}
{this.state.report.overview.issues[this.Issue.WEBLOGIC] &&
<li>Oracle WebLogic servers are susceptible to a remote code execution vulnerability.</li>}
<li>Oracle WebLogic servers are susceptible to a remote code execution vulnerability.</li>}
{this.state.report.overview.issues[this.Issue.HADOOP] &&
<li>Hadoop/Yarn servers are vulnerable to remote code execution.</li>}
<li>Hadoop/Yarn servers are vulnerable to remote code execution.</li>}
{this.state.report.overview.issues[this.Issue.PTH_CRIT_SERVICES_ACCESS] &&
<li>Mimikatz found login credentials of a user who has admin access to a server defined as
critical.</li>}
<li>Mimikatz found login credentials of a user who has admin access to a server defined as
critical.</li>}
{this.state.report.overview.issues[this.Issue.MSSQL] &&
<li>MS-SQL servers are vulnerable to remote code execution via xp_cmdshell command.</li>}
<li>MS-SQL servers are vulnerable to remote code execution via xp_cmdshell command.</li>}
{this.state.report.overview.issues[this.Issue.DRUPAL] &&
<li>Drupal servers are susceptible to a remote code execution vulnerability
(<Button
<li>Drupal servers are susceptible to a remote code execution vulnerability
(<Button
variant={"link"}
href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-6340"
target={"_blank"}
className={"security-report-link"}>
CVE-2019-6340
</Button>).
</li>
CVE-2019-6340
</Button>).
</li>
}
{this.generateZerologonOverview()}
</ul>
@ -435,10 +436,11 @@ class ReportPageComponent extends AuthComponent {
href="https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2020-1472"
target={"_blank"}
className={"security-report-link"}>
CVE-2020-1472</Button>)!
CVE-2020-1472
</Button>)!
</>)
} else {
return none;
return null;
}
return (<li>{zerologonOverview}</li>)
}
@ -985,7 +987,8 @@ class ReportPageComponent extends AuthComponent {
href="https://docs.microsoft.com/en-us/sql/database-engine/configure-windows/xp-cmdshell-server-configuration-option?view=sql-server-2017"
target={"_blank"}
className={"security-report-link"}>
Microsoft's documentation. </Button>
Microsoft's documentation.
</Button>
</CollapsibleWellComponent>
</>
);
@ -1007,9 +1010,9 @@ class ReportPageComponent extends AuthComponent {
variant={"link"}
href="https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2020-1472"
target={"_blank"}
className={"security-report-link"}
>
Microsoft's documentation.</Button>
className={"security-report-link"}>
Microsoft's documentation.
</Button>
{!issue.password_restored ?
<div className={'info-pane-warning'} key={'warning'}>
<br/><WarningIcon/>
@ -1020,8 +1023,7 @@ class ReportPageComponent extends AuthComponent {
variant={"link"}
href="https://www.guardicore.com/infectionmonkey/docs/reference/exploiters/zerologon/"
target={"_blank"}
className={"security-report-link"}
>
className={"security-report-link"}>
here
</Button>.
</span>
@ -1034,76 +1036,76 @@ class ReportPageComponent extends AuthComponent {
generateIssue = (issue) => {
let issueData;
switch (issue.type) {
case 'vsftp':
case "vsftp":
issueData = this.generateVsftpdBackdoorIssue(issue);
break;
case 'smb_password':
case "smb_password":
issueData = this.generateSmbPasswordIssue(issue);
break;
case 'smb_pth':
case "smb_pth":
issueData = this.generateSmbPthIssue(issue);
break;
case 'wmi_password':
case "wmi_password":
issueData = this.generateWmiPasswordIssue(issue);
break;
case 'wmi_pth':
case "wmi_pth":
issueData = this.generateWmiPthIssue(issue);
break;
case 'ssh':
case "ssh":
issueData = this.generateSshIssue(issue);
break;
case 'ssh_key':
case "ssh_key":
issueData = this.generateSshKeysIssue(issue);
break;
case 'sambacry':
case "sambacry":
issueData = this.generateSambaCryIssue(issue);
break;
case 'elastic':
case "elastic":
issueData = this.generateElasticIssue(issue);
break;
case 'shellshock':
case "shellshock":
issueData = this.generateShellshockIssue(issue);
break;
case 'conficker':
case "conficker":
issueData = this.generateConfickerIssue(issue);
break;
case 'island_cross_segment':
case "island_cross_segment":
issueData = this.generateIslandCrossSegmentIssue(issue);
break;
case 'shared_passwords':
case "shared_passwords":
issueData = this.generateSharedCredsIssue(issue);
break;
case 'shared_passwords_domain':
case "shared_passwords_domain":
issueData = this.generateSharedCredsDomainIssue(issue);
break;
case 'shared_admins_domain':
case "shared_admins_domain":
issueData = this.generateSharedLocalAdminsIssue(issue);
break;
case 'strong_users_on_crit':
case "strong_users_on_crit":
issueData = this.generateStrongUsersOnCritIssue(issue);
break;
case 'tunnel':
case "tunnel":
issueData = this.generateTunnelIssue(issue);
break;
case 'azure_password':
case "azure_password":
issueData = this.generateAzureIssue(issue);
break;
case 'struts2':
case "struts2":
issueData = this.generateStruts2Issue(issue);
break;
case 'weblogic':
case "weblogic":
issueData = this.generateWebLogicIssue(issue);
break;
case 'hadoop':
case "hadoop":
issueData = this.generateHadoopIssue(issue);
break;
case 'mssql':
case "mssql":
issueData = this.generateMSSQLIssue(issue);
break;
case 'drupal':
case "drupal":
issueData = this.generateDrupalIssue(issue);
break;
case 'zerologon':
case "zerologon":
issueData = this.generateZerologonIssue(issue);
break;
}