New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

add module base32 encoder #10915

Closed
wants to merge 7 commits into
base: master
from

Conversation

Projects
None yet
4 participants
@ismailtasdelen

ismailtasdelen commented Nov 4, 2018

Tell us what this change does. If you're fixing a bug, please mention
the github issue number.

Verification

List the steps needed to make sure this thing works

  • Start msfconsole
  • use use auxiliary/scanner/ftps/ftps_version
  • ...
  • Verify the thing does what it should
  • Verify the thing does not do what it should not
  • Document the thing and how it works (Example)

#10921

@ismailtasdelen

This comment has been minimized.

ismailtasdelen commented Nov 4, 2018

The scanner module I have prepared is running.

downloadable module 👌 --> ftps_version.zip

@bcoles

This comment has been minimized.

Contributor

bcoles commented Nov 4, 2018

Does the existing FTP version scanner module not work for FTPS servers?

I'm also kind of confused about the Msf::Exploit::Remote::Ftps mixin included in your module. This mixin doesn't exist.

@ismailtasdelen

This comment has been minimized.

ismailtasdelen commented Nov 4, 2018

Hello @bcoles

I'm writing a metasploit module for the first time. It differs from the FTP scanner module. FTPS is a different protocol.

Msf::Exploit::Remote::Ftps --> You're right about that. I fixed it.

Thanks

@ismailtasdelen ismailtasdelen changed the title from Add Module [ FTPS Version Scanner ] - ftps_version.rb to add module [ ftps version scanner ] - ftps_version.rb Nov 4, 2018

@ismailtasdelen

This comment has been minimized.

ismailtasdelen commented Nov 4, 2018

Hello @bcoles

When metasploit is included in the module ?

@ismailtasdelen

This comment has been minimized.

ismailtasdelen commented Nov 4, 2018

Hello @bcoles ,

I saw him involved.

Thanks

@h00die

This comment has been minimized.

Contributor

h00die commented Nov 4, 2018

What @bcoles is referring to is that SSL is often obfuscated from the user. For instance, most HTTP modules work seamlessly with HTTPS as well, just by setting the different port.
Most likely auxiliary/scanner/ftp/ftp_version set to port 990 (or 21 if it wasn't changed) may also work against ftps, and therefore a new module isn't required.

@ismailtasdelen

This comment has been minimized.

ismailtasdelen commented Nov 4, 2018

I can't see it when I look at the master. I'm guessing it wasn't a master. When is it included?

@h00die

This comment has been minimized.

Contributor

h00die commented Nov 4, 2018

Shodan showed me some servers claiming FTPS on 21.

msf auxiliary(scanner/ftp/ftp_version) > set rhosts 132.210.236.33
rhosts => 132.210.236.33
msf auxiliary(scanner/ftp/ftp_version) > run

[*] 132.210.236.33:21     - Connecting to FTP server 132.210.236.33:21...
[*] 132.210.236.33:21     - Connected to target FTP server.
[+] 132.210.236.33:21     - FTP Banner: '220 Serveur FTPS pr\xc3\xaat.\x0d\x0a'
[*] Scanned 1 of 1 hosts (100% complete)
[*] Auxiliary module execution completed

and nmap

PORT   STATE SERVICE REASON         VERSION
21/tcp open  ftp     syn-ack ttl 48 ProFTPD (requires SSL)

@ismailtasdelen

This comment has been minimized.

ismailtasdelen commented Nov 4, 2018

Thanks for the came back 👍

@h00die

This comment has been minimized.

Contributor

h00die commented Nov 4, 2018

had to switch between several computers :)

@ismailtasdelen

This comment has been minimized.

ismailtasdelen commented Nov 4, 2018

Sorry :D

add module md5 encoder
msf > use encoder/ruby/md5

ismailtasdelen added some commits Nov 4, 2018

@ismailtasdelen ismailtasdelen reopened this Nov 4, 2018

@ismailtasdelen ismailtasdelen changed the title from add module [ ftps version scanner ] - ftps_version.rb to add module md5 encoder Nov 4, 2018

def initialize
super(
'Name' => 'Ruby Md5 Encoder',

This comment has been minimized.

@bcoles

bcoles Nov 4, 2018

Contributor

MD5 is a one-way hashing algorithm. I'm not sure that it would be useful as an encoder.

This comment has been minimized.

@ismailtasdelen

ismailtasdelen Nov 4, 2018

You're right. So I made changes to md5. I set the md5 algorithm to base32.

This comment has been minimized.

@wvu-r7

wvu-r7 Nov 6, 2018

Contributor

I set the md5 algorithm to base32.

You what.

@ismailtasdelen ismailtasdelen changed the title from add module md5 encoder to add module base32 encoder Nov 4, 2018

@bcoles

This comment has been minimized.

Contributor

bcoles commented Nov 5, 2018

Hi @ismailtasdelen

Looks like msftidy is complaining.

[*] Running msftidy.rb in ./.git/hooks/post-merge mode
--- Checking new and changed module syntax with tools/dev/msftidy.rb ---
modules/encoders/ruby/base32.rb - [INFO] No CVE references found. Please check before you land!
modules/encoders/ruby/base32.rb:19 - [WARNING] Space-Tab mixed indent: "\t ['URL', 'https://www.linkedin.com/in/ismailtasdelen/'],\n"
modules/encoders/ruby/base32.rb:19 - [WARNING] Tabbed indent: "\t ['URL', 'https://www.linkedin.com/in/ismailtasdelen/'],\n"
------------------------------------------------------------------------
------------------------------------------------------------------------
[*] This merge contains modules failing msftidy.rb
[*] Please fix this if you intend to publish these
[*] modules to a popular metasploit-framework repo
------------------------------------------------------------------------

Also, it is required that code in your fork be merged from a unique branch in your repository to master in Rapid7's. Please create a new branch in your fork of framework and resubmit this from that branch.

git checkout -b <BRANCH_NAME>
git push <your_fork_remote> <BRANCH_NAME>

This helps protect the process, ensure users are aware of commits on the branch being considered for merge, allows for a location for more commits to be offered without mingling with other contributor changes and allows contributors to make progress while a PR is still being reviewed.

Closing based on the this requirement.

@bcoles bcoles closed this Nov 5, 2018

@bcoles bcoles referenced this pull request Nov 5, 2018

Closed

add encoders module : msf > set ruby/base32 #10921

4 of 8 tasks complete
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment