2022-09-10 23:06:14 +00:00
|
|
|
#!/usr/bin/env python3
|
|
|
|
|
# -*- coding: utf-8 -*-
|
2023-05-01 03:12:31 +00:00
|
|
|
from cme.config import process_secret
|
2022-09-10 23:06:14 +00:00
|
|
|
from cme.connection import *
|
|
|
|
|
from cme.logger import CMEAdapter
|
|
|
|
|
from ftplib import FTP, error_reply, error_temp, error_perm, error_proto
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
class ftp(connection):
|
2023-05-16 01:50:54 +00:00
|
|
|
def __init__(self, args, db, host):
|
|
|
|
|
self.protocol = "FTP"
|
|
|
|
|
self.remote_version = None
|
|
|
|
|
|
|
|
|
|
super().__init__(args, db, host)
|
|
|
|
|
|
2022-09-10 23:06:14 +00:00
|
|
|
@staticmethod
|
|
|
|
|
def proto_args(parser, std_parser, module_parser):
|
2023-05-08 18:39:36 +00:00
|
|
|
ftp_parser = parser.add_parser("ftp", help="own stuff using FTP", parents=[std_parser, module_parser])
|
2023-05-02 15:17:59 +00:00
|
|
|
ftp_parser.add_argument(
|
|
|
|
|
"--no-bruteforce",
|
|
|
|
|
action="store_true",
|
|
|
|
|
help="No spray when using file for username and password (user1 => password1, user2 => password2",
|
|
|
|
|
)
|
2023-05-08 18:39:36 +00:00
|
|
|
ftp_parser.add_argument("--port", type=int, default=21, help="FTP port (default: 21)")
|
2023-05-02 15:17:59 +00:00
|
|
|
ftp_parser.add_argument(
|
|
|
|
|
"--continue-on-success",
|
|
|
|
|
action="store_true",
|
|
|
|
|
help="continues authentication attempts even after successes",
|
|
|
|
|
)
|
2022-09-10 23:06:14 +00:00
|
|
|
|
|
|
|
|
# TODO: Create more options for the protocol
|
2023-03-30 03:59:22 +00:00
|
|
|
# cgroup = ftp_parser.add_argument_group("FTP Access", "Options for enumerating your access")
|
2023-05-16 01:50:54 +00:00
|
|
|
# cgroup.add_argument("--ls", action="store_true", help="List files in the directory")
|
2022-09-10 23:06:14 +00:00
|
|
|
return parser
|
|
|
|
|
|
|
|
|
|
def proto_logger(self):
|
2023-03-30 03:59:22 +00:00
|
|
|
self.logger = CMEAdapter(
|
|
|
|
|
extra={
|
2023-04-11 23:40:35 +00:00
|
|
|
"protocol": "FTP",
|
|
|
|
|
"host": self.host,
|
|
|
|
|
"port": self.args.port,
|
2023-05-02 15:17:59 +00:00
|
|
|
"hostname": self.hostname,
|
2023-03-30 03:59:22 +00:00
|
|
|
}
|
|
|
|
|
)
|
2022-09-10 23:06:14 +00:00
|
|
|
|
|
|
|
|
def proto_flow(self):
|
|
|
|
|
self.proto_logger()
|
|
|
|
|
if self.create_conn_obj():
|
|
|
|
|
if self.enum_host_info():
|
|
|
|
|
if self.print_host_info():
|
|
|
|
|
if self.login():
|
|
|
|
|
pass
|
|
|
|
|
|
|
|
|
|
def enum_host_info(self):
|
|
|
|
|
self.remote_version = self.conn.getwelcome()
|
|
|
|
|
self.remote_version = self.remote_version.split("220", 1)[1]
|
|
|
|
|
return True
|
|
|
|
|
|
|
|
|
|
def print_host_info(self):
|
2023-04-11 23:40:35 +00:00
|
|
|
self.logger.display(f"Banner:{self.remote_version}")
|
2022-09-10 23:06:14 +00:00
|
|
|
return True
|
|
|
|
|
|
|
|
|
|
def create_conn_obj(self):
|
|
|
|
|
self.conn = FTP()
|
|
|
|
|
try:
|
|
|
|
|
self.conn.connect(host=self.host, port=self.args.port)
|
|
|
|
|
except error_reply:
|
|
|
|
|
return False
|
|
|
|
|
except error_temp:
|
|
|
|
|
return False
|
|
|
|
|
except error_perm:
|
|
|
|
|
return False
|
|
|
|
|
except error_proto:
|
|
|
|
|
return False
|
|
|
|
|
except socket.error:
|
|
|
|
|
return False
|
|
|
|
|
return True
|
|
|
|
|
|
|
|
|
|
def plaintext_login(self, username, password):
|
|
|
|
|
try:
|
|
|
|
|
self.conn.login(user=username, passwd=password)
|
|
|
|
|
|
2023-05-02 15:17:59 +00:00
|
|
|
self.logger.success(f"{username}:{process_secret(password)}")
|
2022-09-10 23:06:14 +00:00
|
|
|
|
|
|
|
|
if not self.args.continue_on_success:
|
|
|
|
|
self.conn.close()
|
|
|
|
|
return True
|
|
|
|
|
self.conn.close()
|
|
|
|
|
except Exception as e:
|
2023-05-02 15:17:59 +00:00
|
|
|
self.logger.fail(f"{username}:{process_secret(password)} (Response:{e})")
|
2022-09-10 23:06:14 +00:00
|
|
|
self.conn.close()
|
|
|
|
|
return False
|
