Land #3617 from @TomSellers, ftp anon scanner

bug/bundler_fix
Tod Beardsley 2014-08-19 13:22:30 -05:00
commit 170c8b699a
No known key found for this signature in database
GPG Key ID: 1EFFB682ADB9F193
1 changed files with 51 additions and 24 deletions

View File

@ -43,32 +43,59 @@ class Metasploit3 < Msf::Auxiliary
if res if res
write_check = send_cmd(['MKD', dir] , true) write_check = send_cmd(['MKD', dir] , true)
if (write_check and write_check =~ /^2/) if write_check && write_check =~ /^2/
send_cmd( ['RMD', dir] , true) send_cmd( ['RMD', dir] , true)
print_status("#{target_host}:#{rport} Anonymous READ/WRITE (#{banner})") print_good("#{target_host}:#{rport} - Anonymous READ/WRITE (#{banner})")
access_type = "rw" access_type = 'Read/Write'
else else
print_status("#{target_host}:#{rport} Anonymous READ (#{banner})") print_good("#{target_host}:#{rport} - Anonymous READ (#{banner})")
access_type = "ro" access_type = 'Read-only'
end end
report_auth_info( register_creds(target_host, access_type)
:host => target_host,
:port => rport,
:sname => 'ftp',
:user => datastore['FTPUSER'],
:pass => datastore['FTPPASS'],
:type => "password_#{access_type}",
:active => true
)
end end
disconnect disconnect
rescue ::Interrupt rescue ::Interrupt
raise $! raise $ERROR_INFO
rescue ::Rex::ConnectionError, ::IOError rescue ::Rex::ConnectionError, ::IOError
end end
end
def register_creds(target_host, access_type)
# Build service information
service_data = {
address: target_host,
port: datastore['RPORT'],
service_name: 'ftp',
protocol: 'tcp',
workspace_id: myworkspace_id
}
# Build credential information
credential_data = {
origin_type: :service,
module_fullname: self.fullname,
private_data: datastore['FTPPASS'],
private_type: :password,
username: datastore['FTPUSER'],
workspace_id: myworkspace_id
}
credential_data.merge!(service_data)
credential_core = create_credential(credential_data)
# Assemble the options hash for creating the Metasploit::Credential::Login object
login_data = {
access_level: access_type,
core: credential_core,
last_attempted_at: DateTime.now,
status: Metasploit::Model::Login::Status::SUCCESSFUL,
workspace_id: myworkspace_id
}
login_data.merge!(service_data)
create_credential_login(login_data)
end end
end end