Added delay/jitter to ftpbounce scan

2015-12-05 15:22:52 +00:00 · 2015-12-05 15:22:52 +00:00 · 40d3ebbc94
parent 33563129c1
commit 40d3ebbc94
1 changed files with 16 additions and 2 deletions
--- a/modules/auxiliary/scanner/portscan/ftpbounce.rb
+++ b/modules/auxiliary/scanner/portscan/ftpbounce.rb
@ -27,6 +27,8 @@ class Metasploit3 < Msf::Auxiliary
      OptString.new('PORTS', [true, "Ports to scan (e.g. 22-25,80,110-900)", "1-10000"]),
      OptAddress.new('BOUNCEHOST', [true, "FTP relay host"]),
      OptPort.new('BOUNCEPORT', [true, "FTP relay port", 21])
+      OptInt.new('DELAY', [true, "The delay between connections, per thread, in milliseconds", 0]),
+      OptInt.new('JITTER', [true, "The delay jitter factor (maximum value by which to +/- DELAY) in milliseconds.", 0]),
    ])

    deregister_options('RHOST', 'RPORT')
@ -47,11 +49,20 @@ class Metasploit3 < Msf::Auxiliary

  def run_host(ip)
    ports = Rex::Socket.portspec_crack(datastore['PORTS'])
-
    if ports.empty?
      raise Msf::OptionValidateError.new(['PORTS'])
    end

+    jitter_value = datastore['JITTER'].to_i
+    if jitter_value<0 
+      raise Msf::OptionValidateError.new(['JITTER'])
+    end 
+
+    delay_value = datastore['DELAY'].to_i
+    if delay_value<0 
+      raise Msf::OptionValidateError.new(['DELAY'])
+    end
+
    return if not connect_login

    ports.each do |port|
@ -64,8 +75,11 @@ class Metasploit3 < Msf::Auxiliary
      end

      begin
-        host = (ip.split('.') + [port / 256, port % 256]).join(',')

+        # Add the delay based on JITTER and DELAY if needs be
+        add_delay_jitter(delay_value,jitter_value)
+
+        host = (ip.split('.') + [port / 256, port % 256]).join(',')
        resp = send_cmd(["PORT", host])

        if resp =~ /^5/