p34709852
/
monkey
forked from p15670423/monkey
1
0
Fork 1
Code Issues Pull Requests Projects Releases Wiki Activity

* More info in the recommendations section

This commit is contained in:
maor.rayzin 2018-08-05 11:46:47 +03:00
parent cdfd6284ee
commit 3a9a92d1b9
2 changed files with 91 additions and 9 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

68
monkey_island/cc/services/pth_report.py
View File

@ -3,11 +3,18 @@ from cc.services.pth_report_utils import PassTheHashReport, Machine
class PTHReportService(object): class PTHReportService(object):
"""
"""
def __init__(self): def __init__(self):
pass pass
@staticmethod @staticmethod
def get_duplicated_password_nodes(pth): def get_duplicated_password_nodes(pth):
"""
"""
usernames_lists = [] usernames_lists = []
usernames_per_sid_list = [] usernames_per_sid_list = []
@ -110,7 +117,6 @@ class PTHReportService(object):
@staticmethod @staticmethod
def get_duplicated_passwords_issues(pth, password_groups): def get_duplicated_passwords_issues(pth, password_groups):
issues = [] issues = []
issues_dict = {}
for group in password_groups: for group in password_groups:
for username in group['cred_group']: for username in group['cred_group']:
sid = list(pth.GetSidsByUsername(username.split('\\')[1])) sid = list(pth.GetSidsByUsername(username.split('\\')[1]))
@ -124,13 +130,38 @@ class PTHReportService(object):
} }
) )
for issue in issues: return issues
machine = issue['machine']
if machine not in issues_dict:
issues_dict[machine] = []
issues_dict[machine].append(issue)
return issues_dict @staticmethod
def get_shared_local_admins_issues(shared_admins_machines):
issues = []
for machine in shared_admins_machines:
issues.append(
{
'type': 'shared_admins',
'machine': machine.get('hostname'),
'shared_accounts': machine.get('admins_accounts'),
'ip': machine.get('ip'),
}
)
return issues
@staticmethod
def strong_users_on_crit_issues(strong_users):
issues = []
for machine in strong_users:
issues.append(
{
'type': 'strong_users_on_crit',
'machine': machine.get('hostname'),
'services': machine.get('services_names'),
'ip': machine.get('ip'),
'threatening_users': machine.get('threatening_users')
}
)
return issues
@staticmethod @staticmethod
def generate_map_nodes(pth): def generate_map_nodes(pth):
@ -150,14 +181,33 @@ class PTHReportService(object):
return nodes_list return nodes_list
@staticmethod
def get_issues_list(issues):
issues_dict = {}
for issue in issues:
machine = issue['machine']
if machine not in issues_dict:
issues_dict[machine] = []
issues_dict[machine].append(issue)
return issues_dict
@staticmethod @staticmethod
def get_report(): def get_report():
issues = []
pth = PassTheHashReport() pth = PassTheHashReport()
same_password = PTHReportService.get_duplicated_password_nodes(pth) same_password = PTHReportService.get_duplicated_password_nodes(pth)
local_admin_shared = PTHReportService.get_shared_local_admins_nodes(pth) local_admin_shared = PTHReportService.get_shared_local_admins_nodes(pth)
strong_users_on_crit_services = PTHReportService.get_strong_users_on_crit_services(pth) strong_users_on_crit_services = PTHReportService.get_strong_users_on_crit_services(pth)
strong_users_on_non_crit_services = PTHReportService.get_strong_users_on_non_crit_services(pth) strong_users_on_non_crit_services = PTHReportService.get_strong_users_on_non_crit_services(pth)
issues = PTHReportService.get_duplicated_passwords_issues(pth, same_password)
issues += PTHReportService.get_duplicated_passwords_issues(pth, same_password)
issues += PTHReportService.get_shared_local_admins_issues(local_admin_shared)
issues += PTHReportService.strong_users_on_crit_issues(strong_users_on_crit_services)
formated_issues = PTHReportService.get_issues_list(issues)
report = \ report = \
{ {
@ -167,7 +217,7 @@ class PTHReportService(object):
'local_admin_shared': local_admin_shared, 'local_admin_shared': local_admin_shared,
'strong_users_on_crit_services': strong_users_on_crit_services, 'strong_users_on_crit_services': strong_users_on_crit_services,
'strong_users_on_non_crit_services': strong_users_on_non_crit_services, 'strong_users_on_non_crit_services': strong_users_on_non_crit_services,
'pth_issues': issues 'pth_issues': formated_issues
}, },
'pthmap': 'pthmap':
{ {

32
monkey_island/cc/ui/src/components/pages/ReportPage.js
View File

@ -751,6 +751,32 @@ class ReportPageComponent extends AuthComponent {
); );
} }
generateSharedLocalAdminsIssue(issue) {
return (
<li>
This machine shares a local admin account with another machine
<CollapsibleWellComponent>
Here is a list showing users that are acting as admins on this machine and others:
{this.generateInfoBadges(issue.shared_accounts)}
</CollapsibleWellComponent>
</li>
);
}
generateStrongUsersOnCritIssue(issue) {
return (
<li>
This critical machine is open to attacks via strong users with access to it.
<CollapsibleWellComponent>
The services: {this.generateInfoBadges(issue.services)} have been found on the machine
thus classifying it as a critical machine.
These users has access to it:
{this.generateInfoBadges(issue.threatening_users)}.
</CollapsibleWellComponent>
</li>
);
}
generateTunnelIssue(issue) { generateTunnelIssue(issue) {
return ( return (
<li> <li>
@ -826,6 +852,12 @@ class ReportPageComponent extends AuthComponent {
case 'shared_password': case 'shared_password':
data = this.generateSharedCredsIssue(issue); data = this.generateSharedCredsIssue(issue);
break; break;
case 'shared_admins':
data = this.generateSharedLocalAdminsIssue(issue);
break;
case 'strong_users_on_crit':
data = this.generateStrongUsersOnCritIssue(issue);
break;
case 'tunnel': case 'tunnel':
data = this.generateTunnelIssue(issue); data = this.generateTunnelIssue(issue);
break; break;