diff --git a/monkey/monkey_island/cc/ui/src/components/report-components/SecurityReport.js b/monkey/monkey_island/cc/ui/src/components/report-components/SecurityReport.js
index 4f6274c6d..77b7afde8 100644
--- a/monkey/monkey_island/cc/ui/src/components/report-components/SecurityReport.js
+++ b/monkey/monkey_island/cc/ui/src/components/report-components/SecurityReport.js
@@ -258,16 +258,17 @@ class ReportPageComponent extends AuthComponent {
}).length} threats:
{this.state.report.overview.issues[this.Issue.STOLEN_SSH_KEYS] &&
- - Stolen SSH keys are used to exploit other machines.
}
+ - Stolen SSH keys are used to exploit other machines.
}
{this.state.report.overview.issues[this.Issue.STOLEN_CREDS] &&
- - Stolen credentials are used to exploit other machines.
}
+ - Stolen credentials are used to exploit other machines.
}
{this.state.report.overview.issues[this.Issue.ELASTIC] &&
- Elasticsearch servers are vulnerable to
.
}
{this.state.report.overview.issues[this.Issue.VSFTPD] &&
@@ -311,47 +312,47 @@ class ReportPageComponent extends AuthComponent {
).
}
{this.state.report.overview.issues[this.Issue.WEAK_PASSWORD] &&
- - Machines are accessible using passwords supplied by the user during the Monkey’s
- configuration.
}
+ - Machines are accessible using passwords supplied by the user during the Monkey’s
+ configuration.
}
{this.state.report.overview.issues[this.Issue.AZURE] &&
- - Azure machines expose plaintext passwords. (
-
}
+ )
+ }
{this.state.report.overview.issues[this.Issue.STRUTS2] &&
- - Struts2 servers are vulnerable to remote code execution. (
-
}
+ )
+ }
{this.state.report.overview.issues[this.Issue.WEBLOGIC] &&
- - Oracle WebLogic servers are susceptible to a remote code execution vulnerability.
}
+ - Oracle WebLogic servers are susceptible to a remote code execution vulnerability.
}
{this.state.report.overview.issues[this.Issue.HADOOP] &&
- - Hadoop/Yarn servers are vulnerable to remote code execution.
}
+ - Hadoop/Yarn servers are vulnerable to remote code execution.
}
{this.state.report.overview.issues[this.Issue.PTH_CRIT_SERVICES_ACCESS] &&
- - Mimikatz found login credentials of a user who has admin access to a server defined as
- critical.
}
+ - Mimikatz found login credentials of a user who has admin access to a server defined as
+ critical.
}
{this.state.report.overview.issues[this.Issue.MSSQL] &&
- - MS-SQL servers are vulnerable to remote code execution via xp_cmdshell command.
}
+ - MS-SQL servers are vulnerable to remote code execution via xp_cmdshell command.
}
{this.state.report.overview.issues[this.Issue.DRUPAL] &&
- - Drupal servers are susceptible to a remote code execution vulnerability
- (
+ CVE-2019-6340
+ ).
+
}
{this.generateZerologonOverview()}
@@ -435,10 +436,11 @@ class ReportPageComponent extends AuthComponent {
href="https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2020-1472"
target={"_blank"}
className={"security-report-link"}>
- CVE-2020-1472)!
+ CVE-2020-1472
+ )!
)
} else {
- return none;
+ return null;
}
return ({zerologonOverview})
}
@@ -985,7 +987,8 @@ class ReportPageComponent extends AuthComponent {
href="https://docs.microsoft.com/en-us/sql/database-engine/configure-windows/xp-cmdshell-server-configuration-option?view=sql-server-2017"
target={"_blank"}
className={"security-report-link"}>
- Microsoft's documentation.
+ Microsoft's documentation.
+
);
@@ -1007,9 +1010,9 @@ class ReportPageComponent extends AuthComponent {
variant={"link"}
href="https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2020-1472"
target={"_blank"}
- className={"security-report-link"}
- >
- Microsoft's documentation.
+ className={"security-report-link"}>
+ Microsoft's documentation.
+
{!issue.password_restored ?
@@ -1020,8 +1023,7 @@ class ReportPageComponent extends AuthComponent {
variant={"link"}
href="https://www.guardicore.com/infectionmonkey/docs/reference/exploiters/zerologon/"
target={"_blank"}
- className={"security-report-link"}
- >
+ className={"security-report-link"}>
here
.
@@ -1034,76 +1036,76 @@ class ReportPageComponent extends AuthComponent {
generateIssue = (issue) => {
let issueData;
switch (issue.type) {
- case 'vsftp':
+ case "vsftp":
issueData = this.generateVsftpdBackdoorIssue(issue);
break;
- case 'smb_password':
+ case "smb_password":
issueData = this.generateSmbPasswordIssue(issue);
break;
- case 'smb_pth':
+ case "smb_pth":
issueData = this.generateSmbPthIssue(issue);
break;
- case 'wmi_password':
+ case "wmi_password":
issueData = this.generateWmiPasswordIssue(issue);
break;
- case 'wmi_pth':
+ case "wmi_pth":
issueData = this.generateWmiPthIssue(issue);
break;
- case 'ssh':
+ case "ssh":
issueData = this.generateSshIssue(issue);
break;
- case 'ssh_key':
+ case "ssh_key":
issueData = this.generateSshKeysIssue(issue);
break;
- case 'sambacry':
+ case "sambacry":
issueData = this.generateSambaCryIssue(issue);
break;
- case 'elastic':
+ case "elastic":
issueData = this.generateElasticIssue(issue);
break;
- case 'shellshock':
+ case "shellshock":
issueData = this.generateShellshockIssue(issue);
break;
- case 'conficker':
+ case "conficker":
issueData = this.generateConfickerIssue(issue);
break;
- case 'island_cross_segment':
+ case "island_cross_segment":
issueData = this.generateIslandCrossSegmentIssue(issue);
break;
- case 'shared_passwords':
+ case "shared_passwords":
issueData = this.generateSharedCredsIssue(issue);
break;
- case 'shared_passwords_domain':
+ case "shared_passwords_domain":
issueData = this.generateSharedCredsDomainIssue(issue);
break;
- case 'shared_admins_domain':
+ case "shared_admins_domain":
issueData = this.generateSharedLocalAdminsIssue(issue);
break;
- case 'strong_users_on_crit':
+ case "strong_users_on_crit":
issueData = this.generateStrongUsersOnCritIssue(issue);
break;
- case 'tunnel':
+ case "tunnel":
issueData = this.generateTunnelIssue(issue);
break;
- case 'azure_password':
+ case "azure_password":
issueData = this.generateAzureIssue(issue);
break;
- case 'struts2':
+ case "struts2":
issueData = this.generateStruts2Issue(issue);
break;
- case 'weblogic':
+ case "weblogic":
issueData = this.generateWebLogicIssue(issue);
break;
- case 'hadoop':
+ case "hadoop":
issueData = this.generateHadoopIssue(issue);
break;
- case 'mssql':
+ case "mssql":
issueData = this.generateMSSQLIssue(issue);
break;
- case 'drupal':
+ case "drupal":
issueData = this.generateDrupalIssue(issue);
break;
- case 'zerologon':
+ case "zerologon":
issueData = this.generateZerologonIssue(issue);
break;
}