Don't show actual password on stolen creds table

2017-11-28 14:22:11 +02:00 · 2017-11-28 14:22:11 +02:00 · 046b18e71c
parent 2aadb12815
commit 046b18e71c
2 changed files with 1 additions and 3 deletions
--- a/monkey_island/cc/services/report.py
+++ b/monkey_island/cc/services/report.py
@ -88,7 +88,7 @@ class ReportService:

    @staticmethod
    def get_stolen_creds():
-        PASS_TYPE_DICT = {'password': 'Password', 'lm_hash': 'LM', 'ntlm_hash': 'NTLM'}
+        PASS_TYPE_DICT = {'password': 'Clear Password', 'lm_hash': 'LM', 'ntlm_hash': 'NTLM'}
        creds = []
        for telem in mongo.db.telemetry.find(
                {'telem_type': 'system_info_collection', 'data.credentials': {'$exists': True}},
@ -103,7 +103,6 @@ class ReportService:
                    creds.append(
                        {
                            'username': user,
-                            'password': monkey_creds[user][pass_type],
                            'type': PASS_TYPE_DICT[pass_type],
                            'origin': origin
                        }
--- a/monkey_island/cc/ui/src/components/report-components/StolenPasswords.js
+++ b/monkey_island/cc/ui/src/components/report-components/StolenPasswords.js
@ -6,7 +6,6 @@ const columns = [
    Header: 'Stolen Credentials',
    columns: [
      { Header: 'Username', accessor: 'username'},
-      { Header: 'Password/Hash', accessor: 'password'},
      { Header: 'Type', accessor: 'type'},
      { Header: 'Origin', accessor: 'origin'}
    ]