From ccfcf2cedb4878cba76fe49505477d60e8d8b1fb Mon Sep 17 00:00:00 2001
From: singe
Date: Thu, 10 Apr 2014 15:24:14 +0200
Subject: [PATCH 1/3] Added FTP STARTTLS support to heartbleed scanner.
---
 .../auxiliary/scanner/ssl/openssl_heartbleed.rb | 14 ++++++++++++--
 1 file changed, 12 insertions(+), 2 deletions(-)
diff --git a/modules/auxiliary/scanner/ssl/openssl_heartbleed.rb b/modules/auxiliary/scanner/ssl/openssl_heartbleed.rb
index 4b1121eb87..f7e4963bd6 100644
--- a/modules/auxiliary/scanner/ssl/openssl_heartbleed.rb
+++ b/modules/auxiliary/scanner/ssl/openssl_heartbleed.rb
@@ -78,7 +78,8 @@ class Metasploit3 < Msf::Auxiliary
 'SMTP' => :tls_smtp,
 'IMAP' => :tls_imap,
 'JABBER' => :tls_jabber,
- 'POP3' => :tls_pop3
+ 'POP3' => :tls_pop3,
+ 'FTP' => :tls_ftp
 }
 def initialize
@@ -118,7 +119,7 @@ class Metasploit3 < Msf::Auxiliary
 register_options(
 [
 Opt::RPORT(443),
- OptEnum.new('STARTTLS', [true, 'Protocol to use with STARTTLS, None to avoid STARTTLS ', 'None', [ 'None', 'SMTP', 'IMAP', 'JABBER', 'POP3' ]]),
+ OptEnum.new('STARTTLS', [true, 'Protocol to use with STARTTLS, None to avoid STARTTLS ', 'None', [ 'None', 'SMTP', 'IMAP', 'JABBER', 'POP3', 'FTP' ]]),
 OptEnum.new('TLSVERSION', [true, 'TLS version to use', '1.0', ['1.0', '1.1', '1.2']])
 ], self.class)
@@ -133,6 +134,15 @@ class Metasploit3 < Msf::Auxiliary
 "#{rhost}:#{rport}"
 end
+ def tls_ftp
+ res = sock.get_once
+ #unless res && res +~ /^220/
+ #return nil
+ #end
+ sock.put("AUTH TLS\r\n")
+ sock.get_once
+ end
+
 def tls_smtp
 # https://tools.ietf.org/html/rfc3207
 sock.get_once
From 98816c3a012e74025c94ee5af9ac099c773309a2 Mon Sep 17 00:00:00 2001
From: Christian Mehlmauer
Date: Thu, 10 Apr 2014 00:23:57 +0200
Subject: [PATCH 2/3] Added @sensepost FTP implemenation
---
 .../auxiliary/scanner/ssl/openssl_heartbleed.rb | 17 ++++++++++++++++-
 1 file changed, 16 insertions(+), 1 deletion(-)
diff --git a/modules/auxiliary/scanner/ssl/openssl_heartbleed.rb b/modules/auxiliary/scanner/ssl/openssl_heartbleed.rb
index f7e4963bd6..87a29733ef 100644
--- a/modules/auxiliary/scanner/ssl/openssl_heartbleed.rb
+++ b/modules/auxiliary/scanner/ssl/openssl_heartbleed.rb
@@ -79,7 +79,7 @@ class Metasploit3 < Msf::Auxiliary
 'IMAP' => :tls_imap,
 'JABBER' => :tls_jabber,
 'POP3' => :tls_pop3,
- 'FTP' => :tls_ftp
+ 'FTP' => :tls_ftp
 }
 def initialize
@@ -202,6 +202,21 @@ class Metasploit3 < Msf::Auxiliary
 sock.get_once
 end
+ def tls_ftp
+ # http://tools.ietf.org/html/rfc4217
+ res = sock.get
+ return nil if res.nil?
+ sock.put("AUTH TLS\r\n")
+ res = sock.get_once
+ return nil if res.nil?
+ if res !~ /^234/
+ # res contains the error message
+ vprint_error("#{peer} - FTP error: #{res.strip}")
+ return nil
+ end
+ res
+ end
+
 def run_host(ip)
 connect
From 4fc272c0e9f365f2a633abee2081b2dd2566a2e0 Mon Sep 17 00:00:00 2001
From: Christian Mehlmauer
Date: Thu, 10 Apr 2014 00:53:14 +0200
Subject: [PATCH 3/3] Fix merge error
---
 modules/auxiliary/scanner/ssl/openssl_heartbleed.rb | 9 ---------
 1 file changed, 9 deletions(-)
diff --git a/modules/auxiliary/scanner/ssl/openssl_heartbleed.rb b/modules/auxiliary/scanner/ssl/openssl_heartbleed.rb
index 87a29733ef..a4a9b176bc 100644
--- a/modules/auxiliary/scanner/ssl/openssl_heartbleed.rb
+++ b/modules/auxiliary/scanner/ssl/openssl_heartbleed.rb
@@ -134,15 +134,6 @@ class Metasploit3 < Msf::Auxiliary
 "#{rhost}:#{rport}"
 end
- def tls_ftp
- res = sock.get_once
- #unless res && res +~ /^220/
- #return nil
- #end
- sock.put("AUTH TLS\r\n")
- sock.get_once
- end
-
 def tls_smtp
 # https://tools.ietf.org/html/rfc3207
 sock.get_once
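Review bot: In the `tls_ftp` added by the second hunk of PATCH 2/3, the greeting read by `sock.get` is only tested for nil, so `AUTH TLS` is sent even when the service answered with something other than a 220 banner, such as a refusal or a non-FTP service. A guard like `return nil unless res =~ /^220/` before the `sock.put` would stop early and keep a later failure from being misread as a TLS problem. The error path also prints `res.strip` exactly as the scanned host sent it, and that text is untrusted; `res.strip.inspect` would keep control characters out of the operator's console and any log that captures it. A short comment above the method saying it returns the 234 reply on success and nil otherwise would document the contract, which the caller (not visible in this hunk) presumably relies on.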