Land #2324, @sensepost and @Firefart's sftp support for heartbleed

bug/bundler_fix
jvazquez-r7 2014-04-11 08:47:22 -05:00
commit fb5881d8e2
No known key found for this signature in database
GPG Key ID: 38D99152B9352D83
1 changed files with 18 additions and 2 deletions

View File

@ -78,7 +78,8 @@ class Metasploit3 < Msf::Auxiliary
'SMTP' => :tls_smtp, 'SMTP' => :tls_smtp,
'IMAP' => :tls_imap, 'IMAP' => :tls_imap,
'JABBER' => :tls_jabber, 'JABBER' => :tls_jabber,
'POP3' => :tls_pop3 'POP3' => :tls_pop3,
'FTP' => :tls_ftp
} }
def initialize def initialize
@ -118,7 +119,7 @@ class Metasploit3 < Msf::Auxiliary
register_options( register_options(
[ [
Opt::RPORT(443), Opt::RPORT(443),
OptEnum.new('STARTTLS', [true, 'Protocol to use with STARTTLS, None to avoid STARTTLS ', 'None', [ 'None', 'SMTP', 'IMAP', 'JABBER', 'POP3' ]]), OptEnum.new('STARTTLS', [true, 'Protocol to use with STARTTLS, None to avoid STARTTLS ', 'None', [ 'None', 'SMTP', 'IMAP', 'JABBER', 'POP3', 'FTP' ]]),
OptEnum.new('TLSVERSION', [true, 'TLS version to use', '1.0', ['1.0', '1.1', '1.2']]) OptEnum.new('TLSVERSION', [true, 'TLS version to use', '1.0', ['1.0', '1.1', '1.2']])
], self.class) ], self.class)
@ -193,6 +194,21 @@ class Metasploit3 < Msf::Auxiliary
res res
end end
def tls_ftp
# http://tools.ietf.org/html/rfc4217
res = sock.get
return nil if res.nil?
sock.put("AUTH TLS\r\n")
res = sock.get_once
return nil if res.nil?
if res !~ /^234/
# res contains the error message
vprint_error("#{peer} - FTP error: #{res.strip}")
return nil
end
res
end
def run_host(ip) def run_host(ip)
connect connect