Added ZeroLogon overview section to the report

monkey/monkey_island/cc/services/reporting/report.py

@@ -65,6 +65,7 @@ class ReportService:
         VSFTPD = 13
         DRUPAL = 14
         ZEROLOGON = 15
+        ZEROLOGON_CRED_RESTORE_FAILED = 16
 
     class WARNINGS_DICT(Enum):
         CROSS_SEGMENT = 0
@@ -714,6 +715,9 @@ class ReportService:
                 elif issue['type'] == 'drupal':
                     issues_byte_array[ReportService.ISSUES_DICT.DRUPAL.value] = True
                 elif issue['type'] == 'zerologon':
+                    # TODO fix to propperly set restoration flag
+                    if issue['info']['zero_logon_restore_failed']:
+                        issues_byte_array[ReportService.ISSUES_DICT.ZEROLOGON_CRED_RESTORE_FAILED.value] = True
                     issues_byte_array[ReportService.ISSUES_DICT.ZEROLOGON.value] = True
                 elif issue['type'].endswith('_password') and issue['password'] in config_passwords and \
                         issue['username'] in config_users or issue['type'] == 'ssh':

monkey/monkey_island/cc/ui/src/components/report-components/SecurityReport.js

@@ -14,6 +14,7 @@ import ReportLoader from './common/ReportLoader';
 import SecurityIssuesGlance from './common/SecurityIssuesGlance';
 import PrintReportButton from './common/PrintReportButton';
 import WarningIcon from '../ui-components/WarningIcon';
+import {Button} from 'react-bootstrap';
 
 import { FontAwesomeIcon } from '@fortawesome/react-fontawesome';
 import { faMinus } from '@fortawesome/free-solid-svg-icons/faMinus';
@@ -42,7 +43,8 @@ class ReportPageComponent extends AuthComponent {
       MSSQL: 12,
       VSFTPD: 13,
       DRUPAL: 14,
-      ZEROLOGON: 15
+      ZEROLOGON: 15,
+      ZEROLOGON_CRED_RESTORE_FAILED: 16
     };
 
   Warning =
@@ -308,6 +310,7 @@ class ReportPageComponent extends AuthComponent {
                     <li>Machines are vulnerable to 'Zerologon'
                       (<a href="https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2020-1472">
                       CVE-2020-1472</a>).</li> : null}
+                  {this.generateZeroLogonOverview()}
                 </ul>
               </div>
               :
@@ -365,6 +368,29 @@ class ReportPageComponent extends AuthComponent {
     );
   }
 
+  generateZeroLogonOverview() {
+    let zeroLogonOverview = [];
+
+    // TODO finish this by linking to the documentation
+    if(this.state.report.overview.issues[this.Issue.ZEROLOGON_CRED_RESTORE_FAILED]) {
+      zeroLogonOverview.push(<span>
+        <WarningIcon/> Automatic password restoration on a domain controller failed!
+        <Button variant={"link"} href={"#"} className={'security-report-link'}>
+        Restore your domain controller's password manually.</Button>
+        </span>)
+    }
+    if(this.state.report.overview.issues[this.Issue.ZEROLOGON]) {
+      zeroLogonOverview.push(<>
+          Some domain controllers are vulnerable to ZeroLogon exploiter(
+        <a href="https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2020-1472">
+                      CVE-2020-1472</a>)!
+        </>)
+    } else {
+      return none;
+    }
+    return (<li>{zeroLogonOverview}</li>)
+  }
+
   generateReportRecommendationsSection() {
     return (
       <div id="recommendations">

monkey/monkey_island/cc/ui/src/styles/pages/report/ReportPage.scss

@@ -82,6 +82,15 @@ ul.cross-segment-issues {
   padding: 0px;
   margin: 0px;
 }
+
 span.cross-segment-service {
   text-transform: uppercase;
 }
+
+.report-page li a.btn,.security-report-link {
+  position: relative;
+  font-size: 1em;
+  padding: 0 5px;
+  line-height: 1em;
+  top: -3px;
+}