Land #3617 from @TomSellers, ftp anon scanner

2014-08-19 13:22:30 -05:00 · 2014-08-19 13:22:30 -05:00 · 170c8b699a
parent 311cc5befb 3fdad4dc91
commit 170c8b699a
1 changed files with 51 additions and 24 deletions
--- a/modules/auxiliary/scanner/ftp/anonymous.rb
+++ b/modules/auxiliary/scanner/ftp/anonymous.rb
@ -35,40 +35,67 @@ class Metasploit3 < Msf::Auxiliary

    begin

-    res = connect_login(true, false)
+      res = connect_login(true, false)

-    banner.strip! if banner
+      banner.strip! if banner

-    dir = Rex::Text.rand_text_alpha(8)
-    if res
-      write_check = send_cmd( ['MKD', dir] , true)
+      dir = Rex::Text.rand_text_alpha(8)
+      if res
+        write_check = send_cmd(['MKD', dir] , true)

-      if (write_check and write_check =~ /^2/)
-        send_cmd( ['RMD', dir] , true)
+        if write_check && write_check =~ /^2/
+          send_cmd( ['RMD', dir] , true)

-        print_status("#{target_host}:#{rport} Anonymous READ/WRITE (#{banner})")
-        access_type = "rw"
-      else
-        print_status("#{target_host}:#{rport} Anonymous READ (#{banner})")
-        access_type = "ro"
+          print_good("#{target_host}:#{rport} - Anonymous READ/WRITE (#{banner})")
+          access_type = 'Read/Write'
+        else
+          print_good("#{target_host}:#{rport} - Anonymous READ (#{banner})")
+          access_type = 'Read-only'
+        end
+        register_creds(target_host, access_type)
      end
-      report_auth_info(
-        :host   => target_host,
-        :port   => rport,
-        :sname  => 'ftp',
-        :user   => datastore['FTPUSER'],
-        :pass   => datastore['FTPPASS'],
-        :type  => "password_#{access_type}",
-        :active => true
-      )
-    end

-    disconnect
+      disconnect

    rescue ::Interrupt
-      raise $!
+      raise $ERROR_INFO
    rescue ::Rex::ConnectionError, ::IOError
    end
+  end

+  def register_creds(target_host, access_type)
+    # Build service information
+    service_data = {
+      address: target_host,
+      port: datastore['RPORT'],
+      service_name: 'ftp',
+      protocol: 'tcp',
+      workspace_id: myworkspace_id
+    }
+
+    # Build credential information
+    credential_data = {
+      origin_type: :service,
+      module_fullname: self.fullname,
+      private_data: datastore['FTPPASS'],
+      private_type: :password,
+      username: datastore['FTPUSER'],
+      workspace_id: myworkspace_id
+    }
+
+    credential_data.merge!(service_data)
+    credential_core = create_credential(credential_data)
+
+    # Assemble the options hash for creating the Metasploit::Credential::Login object
+    login_data = {
+      access_level: access_type,
+      core: credential_core,
+      last_attempted_at: DateTime.now,
+      status: Metasploit::Model::Login::Status::SUCCESSFUL,
+      workspace_id: myworkspace_id
+    }
+
+    login_data.merge!(service_data)
+    create_credential_login(login_data)
  end
 end