search

guardicore / monkey

Infection Monkey - An open-source adversary emulation platform
https://www.guardicore.com/infectionmonkey/
GNU General Public License v3.0
6.67k stars 785 forks source link

Conflicting ZeroTrust report (HTTP Servers) #908

Closed mssalvatore closed 2 years ago

mssalvatore commented 3 years ago

Describe the bug

The Monkey Island's ZeroTrust report gives conflicting (or confusing) results regarding whether or not it found HTTP open servers.

found_http

...

found_http_2

...

no_http_found

To Reproduce

Steps to reproduce the behavior:

Version: commit 44fd1ab69cfbab33cec638dcbbaa8831992a9a9f

  1. Configure the Monkey with default settings
  2. Configure a webserver to use HTTP
  3. Click the "From Island" button on the "Run Monkey" server
  4. Wait for scan to complete and view t he ZeroTrust report.

Machine version (please complete the following information):

VakarisZ commented 3 years ago

Yep, looks like this is the same ZT test. Maybe there's something wrong with parsing? Maybe events where the monkey found open http servers are in one finding and ones where it didn't are in another finding.

acepace commented 3 years ago

@VakarisZ how could that happen? Thought they both pulled from the same collection

VakarisZ commented 3 years ago

Don't rush fixing this, I might unconciously fix it in ScoutSuite PR

mssalvatore commented 2 years ago

The Zero Trust report was removed in #2441.