Changed the logic of zerologon password restoration issue overview to be more consistent with the function of issue map.

2021-03-01 10:05:18 +02:00 · 2021-03-01 10:05:18 +02:00 · b3e9922d0f
parent abc76e0c73
commit b3e9922d0f
2 changed files with 5 additions and 6 deletions
--- a/monkey/monkey_island/cc/services/reporting/report.py
+++ b/monkey/monkey_island/cc/services/reporting/report.py
@ -65,7 +65,7 @@ class ReportService:
        VSFTPD = 13
        DRUPAL = 14
        ZEROLOGON = 15
-        ZEROLOGON_PASSWORD_RESTORED = 16
+        ZEROLOGON_PASSWORD_RESTORE_FAILED = 16

    class WARNINGS_DICT(Enum):
        CROSS_SEGMENT = 0
@ -715,8 +715,8 @@ class ReportService:
                elif issue['type'] == 'drupal':
                    issues_byte_array[ReportService.ISSUES_DICT.DRUPAL.value] = True
                elif issue['type'] == 'zerologon':
-                    if issue['password_restored']:
-                        issues_byte_array[ReportService.ISSUES_DICT.ZEROLOGON_PASSWORD_RESTORED.value] = True
+                    if not issue['password_restored']:
+                        issues_byte_array[ReportService.ISSUES_DICT.ZEROLOGON_PASSWORD_RESTORE_FAILED.value] = True
                    issues_byte_array[ReportService.ISSUES_DICT.ZEROLOGON.value] = True
                elif issue['type'].endswith('_password') and issue['password'] in config_passwords and \
                        issue['username'] in config_users or issue['type'] == 'ssh':
--- a/monkey/monkey_island/cc/ui/src/components/report-components/SecurityReport.js
+++ b/monkey/monkey_island/cc/ui/src/components/report-components/SecurityReport.js
@ -44,7 +44,7 @@ class ReportPageComponent extends AuthComponent {
      VSFTPD: 13,
      DRUPAL: 14,
      ZEROLOGON: 15,
-      ZEROLOGON_PASSWORD_RESTORED: 16
+      ZEROLOGON_PASSWORD_RESTORE_FAILED: 16
    };

  Warning =
@ -367,8 +367,7 @@ class ReportPageComponent extends AuthComponent {
  generateZerologonOverview() {
    let zerologonOverview = [];

-    // TODO finish this by linking to the documentation
-    if(!this.state.report.overview.issues[this.Issue.ZEROLOGON_PASSWORD_RESTORED]) {
+    if (this.state.report.overview.issues[this.Issue.ZEROLOGON_PASSWORD_RESTORE_FAILED]) {
      zerologonOverview.push(<span>
        <WarningIcon/> Automatic password restoration on a domain controller failed!
        <Button variant={"link"} href={"#"} target={"_blank"} className={"security-report-link"}>