p59342861
/
monkey
forked from p15670423/monkey
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

UI: Remove Drupal exploiter references

This commit is contained in:
Shreya Malviya 2022-04-08 13:43:01 +05:30
parent 7eddee251e
commit ffbf0f440e
2 changed files with 0 additions and 30 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
monkey/monkey_island/cc/ui/src/components/report-components/SecurityReport.js
View File

@ -24,7 +24,6 @@ import {struts2IssueOverview, struts2IssueReport} from './security/issues/Struts
import {webLogicIssueOverview, webLogicIssueReport} from './security/issues/WebLogicIssue';
import {hadoopIssueOverview, hadoopIssueReport} from './security/issues/HadoopIssue';
import {mssqlIssueOverview, mssqlIssueReport} from './security/issues/MssqlIssue';
import {drupalIssueOverview, drupalIssueReport} from './security/issues/DrupalIssue';
import {wmiPasswordIssueReport, wmiPthIssueReport} from './security/issues/WmiIssue';
import {sshKeysReport, shhIssueReport, sshIssueOverview} from './security/issues/SshIssue';
import {log4shellIssueOverview, log4shellIssueReport} from './security/issues/Log4ShellIssue';
@ -98,11 +97,6 @@ class ReportPageComponent extends AuthComponent {
[this.issueContentTypes.REPORT]: mssqlIssueReport,
[this.issueContentTypes.TYPE]: this.issueTypes.DANGER
},
'DrupalExploiter': {
[this.issueContentTypes.OVERVIEW]: drupalIssueOverview,
[this.issueContentTypes.REPORT]: drupalIssueReport,
[this.issueContentTypes.TYPE]: this.issueTypes.DANGER
},
'WmiExploiter': {
[this.issueContentTypes.REPORT]: {
[this.credentialTypes.PASSWORD]: wmiPasswordIssueReport,

24
monkey/monkey_island/cc/ui/src/components/report-components/security/issues/DrupalIssue.js
View File

@ -1,24 +0,0 @@
import React from 'react';
import CollapsibleWellComponent from '../CollapsibleWell';
export function drupalIssueOverview() {
return (<li>Drupal server/s are vulnerable to <a
href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-6340">CVE-2019-6340</a>.</li>)
}
export function drupalIssueReport(issue) {
return (
<>
Upgrade Drupal server to versions 8.5.11, 8.6.10, or later.
<CollapsibleWellComponent>
Drupal server at <span className="badge badge-primary">{issue.machine}</span> (<span
className="badge badge-info" style={{margin: '2px'}}>{issue.ip_address}</span>) is vulnerable to <span
className="badge badge-danger">remote command execution</span> attack.
<br/>
The attack was made possible because the server is using an old version of Drupal, for which REST API is
enabled. For possible workarounds, fixes and more info read
<a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-6340">here</a>.
</CollapsibleWellComponent>
</>
);
}