Mike Salvatore
abc76e0c73
docs: add missing comma on zerologon docs
...
Co-authored-by: Shreya Malviya <shreya.malviya@gmail.com>
2021-02-28 18:35:07 -05:00
Mike Salvatore
5e088e6908
docs: minor rewording in zerologon docs
...
Co-authored-by: Shreya Malviya <shreya.malviya@gmail.com>
2021-02-28 18:34:47 -05:00
Mike Salvatore
f094c3e9c1
docs: Add warnings and password restoration instructions for Zerologon
2021-02-27 19:38:26 -05:00
Mike Salvatore
f6fc380fd7
ui: add fingerprinters to SafeOptionValidator
2021-02-26 14:40:49 -05:00
Mike Salvatore
67e142f4fe
ui: generalize isUnsafeOptionSelected
2021-02-26 14:33:42 -05:00
Mike Salvatore
dd7c1bb08c
ui: rework logic to remove unsafeOptionsConfirmed
2021-02-26 14:27:18 -05:00
Mike Salvatore
95af08a5fa
ui: improve names in unsafeItemSelected
2021-02-26 12:50:31 -05:00
Mike Salvatore
75bf30913a
ui: extract UnsafeOptionsConfirmationModal JSX invocation into a function
2021-02-26 12:49:57 -05:00
Shreya
2f99631ed4
Fix unit tests
2021-02-26 22:39:32 +05:30
Mike Salvatore
5a9cb8b4af
ui: switch unsafe modal cancel button to variant secondary
2021-02-26 11:11:52 -05:00
Mike Salvatore
11c30fec14
ui: simplify `onClick()` callbacks in UnsafeOptionsConfirmationModal
2021-02-26 11:08:57 -05:00
Mike Salvatore
2ef81d5688
ui: change language from "use" -> submit for consistency
2021-02-26 11:06:33 -05:00
Mike Salvatore
7079a6fd23
ui: pass callback, not return value, to setState()
2021-02-26 08:42:04 -05:00
Mike Salvatore
f094efba8f
ui: minor change to unsafe modal dialog language
...
Co-authored-by: VakarisZ <36815064+VakarisZ@users.noreply.github.com>
2021-02-26 08:10:13 -05:00
Mike Salvatore
10a4252aff
ui: remove unnecessary semicolons
2021-02-26 08:08:48 -05:00
Mike Salvatore
68e835433a
ui: sort unsafe options first so they're less likely to be hidden
2021-02-26 08:08:39 -05:00
Mike Salvatore
88e2ccb30a
ui: pass callback, not return value, to setState()
2021-02-25 20:02:33 -05:00
Mike Salvatore
f82d4a1b97
ui: fix capitalization of "Import config" button for consistency
2021-02-25 19:54:32 -05:00
Mike Salvatore
8f32c48964
ui: make unsafeItemSelected() a pure function
2021-02-25 19:47:21 -05:00
Mike Salvatore
ff28509d0d
ui: fix race in unsafe confirmation modal dialog
2021-02-25 19:41:36 -05:00
Mike Salvatore
8fd1582909
ui: display modal dialog when unsafe config is imported
2021-02-25 19:19:36 -05:00
Mike Salvatore
d160787851
ui: extract renderUnsafeOptionsConfirmationModal() into a component
2021-02-25 15:39:32 -05:00
Mike Salvatore
6813262b30
ui: check PBA, exploiter, and system info safety on submit
2021-02-25 13:37:41 -05:00
Shreya
c0d2d5b2b6
Fix typo, remove unused import, change function/variable names for consistency
2021-02-25 22:38:17 +05:30
Mike Salvatore
510b001c2a
ui: add a modal dialog that asks users to confirm unsafe options
2021-02-25 11:59:01 -05:00
Shreya
f9ea196b98
Add unit tests for `set_server_ips_in_config()` in monkey_island/cc/services/config.py
2021-02-25 22:14:36 +05:30
VakarisZ
ce697b3a45
Improved exception handling of expected exceptions - if they are expected, we don't need to see the error trace.
2021-02-25 16:27:45 +02:00
VakarisZ
e9b84ff86d
Improved zero logon exploiter to fail on failed domain controller name fetch.
2021-02-25 16:27:45 +02:00
Mike Salvatore
67fd1712b5
report: rename ZEROLOGON_CRED_RESTORE_FAILED -> ZEROLOGON_PASSWORD_RESTORED
2021-02-25 09:04:47 -05:00
Shreya
11e6b9e281
Take IPs for Run Monkey -> Manual page from configuration
2021-02-25 19:06:17 +05:30
VakarisZ
94ac75e649
Improved zero logon overview UI and added password restoration warning to overview.
2021-02-25 15:29:22 +02:00
VakarisZ
8b7e0d0fa0
Added ZeroLogon overview section to the report
2021-02-25 15:16:00 +02:00
Shreya
6581a5ab0c
Add warning to machine-specific recommendation if password was not reset
2021-02-25 18:17:50 +05:30
Shreya
3da1de39a6
Add Zerologon (and Drupal) information to "Immediate Threats"
2021-02-25 14:54:36 +05:30
Mike Salvatore
f17c08d286
cc,agent: rename password_restore_success -> password_restored
2021-02-24 17:26:31 -05:00
Mike Salvatore
70fd7d7bb0
cc: add password_restore_success to zerologon report issue
2021-02-24 17:15:32 -05:00
Mike Salvatore
4fbb0f2026
ui: add machine-related recommendation for Zerologon to security report
2021-02-24 16:36:53 -05:00
Mike Salvatore
36bd9834a6
agent: add zerologon password restore success/failure to telemetry
2021-02-24 15:07:42 -05:00
Mike Salvatore
b6bb6d8221
cc: format exploiter_classes.py with black
2021-02-24 13:40:49 -05:00
Mike Salvatore
b5b8d289ca
cc: add a note about resetting password after failed zerologon attempt
2021-02-24 13:23:46 -05:00
Shreya Malviya
bc3283c4a5
Merge pull request #911 from shreyamalviya/zerologon-exploiter
...
Zerologon Exploiter
2021-02-24 17:58:45 +05:30
Shreya Malviya
43cac3568b
Reword exploiter description
...
Co-authored-by: Mike Salvatore <mike.s.salvatore@gmail.com>
2021-02-24 16:18:58 +05:30
Shreya
28edf7d2b7
Encrypt credentials before logging
2021-02-24 16:08:36 +05:30
VakarisZ
fdeb54d541
Added jwt_required decorator to the "local_run" endpoint, in order to avoid malicious actors running the monkey
2021-02-23 10:47:37 -05:00
Shreya
db52f0966f
Modify `PaginatedTable`: let `ReactTable` handle the case where no data is available
2021-02-23 10:00:56 -05:00
Mike Salvatore
4aa9a14f13
ci: remove `swimm verify` for now
...
There is a bug in swimm that is causing `swimm verify` to fail in the CI
pipeline, eventhough it succeeds locally. Disabling for now while the
swimm team works to rectify the issue.
2021-02-23 07:51:56 -05:00
Shreya
353e9844dc
Modify unit tests
2021-02-23 12:57:50 +05:30
dependabot[bot]
8b60625d81
build(deps): bump marked in /monkey/monkey_island/cc/ui
...
Bumps [marked](https://github.com/markedjs/marked ) from 1.1.1 to 2.0.0.
- [Release notes](https://github.com/markedjs/marked/releases )
- [Changelog](https://github.com/markedjs/marked/blob/master/release.config.js )
- [Commits](https://github.com/markedjs/marked/compare/v1.1.1...v2.0.0 )
Signed-off-by: dependabot[bot] <support@github.com>
2021-02-22 12:50:28 -05:00
Shreya
a2c11759a4
Add unit tests
2021-02-22 22:35:46 +05:30
Shreya
defc94dd59
Add zerologon_utils/vuln_assessment.py
2021-02-22 18:44:06 +05:30