Class: Metasploit::Framework::LoginScanner::FTP

Inherits:

Object

• Object
• Metasploit::Framework::LoginScanner::FTP

Includes:

Ftp::Client, Base, RexSocket

Defined in:

lib/metasploit/framework/login_scanner/ftp.rb

Overview

This is the LoginScanner class for dealing with FTP. It is responsible for taking a single target, and a list of credentials and attempting them. It then saves the results.

Constant Summary

DEFAULT_PORT =

21

LIKELY_PORTS =

[ DEFAULT_PORT, 2121 ]

LIKELY_SERVICE_NAMES =

[ 'ftp' ]

PRIVATE_TYPES =

[ :password ]

REALM_KEY =

nil

Instance Attribute Summary

• #ftp_timeout ⇒ Integer

  The timeout in seconds to wait for a response to an FTP command.

Attributes included from Ftp::Client

#banner, #datasocket

Attributes included from Tcp::Client

#max_send_size, #send_delay, #sock

Instance Method Summary

• #attempt_login(credential) ⇒ Object

Methods included from Ftp::Client

#connect, #connect_login, #data_connect, #data_disconnect, #raw_send, #raw_send_recv, #recv_ftp_resp, #send_cmd, #send_cmd_data, #send_pass, #send_quit, #send_user

Methods included from Tcp::Client

#chost, #connect, #cport, #disconnect, #proxies, #rhost, #rport, #set_tcp_evasions, #ssl, #ssl_version

Instance Attribute Details

#ftp_timeout ⇒ Integer

Returns The timeout in seconds to wait for a response to an FTP command.

Returns:

• (Integer) —

  The timeout in seconds to wait for a response to an FTP command

# File 'lib/metasploit/framework/login_scanner/ftp.rb', line 25

def ftp_timeout
  @ftp_timeout
end

Instance Method Details

#attempt_login(credential) ⇒ Object

# File 'lib/metasploit/framework/login_scanner/ftp.rb', line 37

def attempt_login(credential)
  result_options = {
      credential: credential
  }

  begin
    success = connect_login(credential.public, credential.private)
  rescue ::EOFError, Errno::ECONNRESET, Rex::ConnectionError, Rex::ConnectionTimeout, ::Timeout::Error
    result_options[:status] = Metasploit::Model::Login::Status::UNABLE_TO_CONNECT
    success = false
  ensure
    disconnect
  end

  if success
    result_options[:status] = Metasploit::Model::Login::Status::SUCCESSFUL
  elsif !(result_options.has_key? :status)
    result_options[:status] = Metasploit::Model::Login::Status::INCORRECT
  end

  result = ::Metasploit::Framework::LoginScanner::Result.new(result_options)
  result.host         = host
  result.port         = port
  result.protocol     = 'tcp'
  result.service_name = 'ftp'
  result
end