From c308532ff49e032d2c24e8fd0aa0817453f0d078 Mon Sep 17 00:00:00 2001
From: Oran Nadler <orann>
Date: Tue, 17 Apr 2018 15:54:03 +0300
Subject: [PATCH] show low sevirity threat users

---
 monkey_island/cc/resources/pthmap.py | 25 +++++++++++++++++++++++++
 1 file changed, 25 insertions(+)

diff --git a/monkey_island/cc/resources/pthmap.py b/monkey_island/cc/resources/pthmap.py
index 4ac543a31..ade484ea7 100644
--- a/monkey_island/cc/resources/pthmap.py
+++ b/monkey_island/cc/resources/pthmap.py
@@ -824,6 +824,11 @@ class PassTheHashMap(object):
 
         return machines
 
+    @cache
+    def GetNonCritialServers(self):
+        return self.machines - self.GetCritialServers()
+        
+    @cache
     def GetThreateningUsersByVictim(self, victim):
         threatening_users = set()
         
@@ -874,6 +879,26 @@ def main():
 
         print """</ul></td></tr>"""
     print """</table>"""
+    
+    
+    print "<h2>Strong Users That Threat NonCritical Servers</h2>"
+    print "<h3>Administrators of non-critical servers that we could find thier secret cached somewhere</h3>"
+    
+    threatening = dict(map(lambda x: (x, len(pth.GetThreateningUsersByVictim(x))), pth.GetNonCritialServers()))
+    
+    print """<table>"""
+    print """<tr><th>Critical Server</th><th>Hostname</th><th>Domain</th><th>Threatening User Count</th><th>Threatening Users</th></tr>"""
+    for m, count in sorted(threatening.iteritems(), key=lambda (k,v): (v,k), reverse=True):
+        if count <= 0:
+            continue
+        print """<tr><td><a href="#{ip}">{ip}</a></td><td>{hostname}</td><td>{domain}</td><td>{count}</td>""".format(ip=m.GetIp(), hostname=m.GetHostName(), domain=m.GetDomainName(), count=count)
+        print """<td><ul>"""
+        
+        for sid in pth.GetThreateningUsersByVictim(m):
+            print """<li><a href="#{sid}">{username}</a></li>""".format(sid=sid, username=pth.GetUsernameBySid(sid))
+
+        print """</ul></td></tr>"""
+    print """</table>"""
    
     
     print "<h2>Cached Passwords</h2>"