void Exploit::launch(Host* host, vector<string> args) { cout << "Running " << getName() << " version " << getVersion() << "..." << endl; // check args if(args.size() < 3) { cout << "Please specify an IP and port to exploit." << endl; return; } // resolve ip string ip = args[1]; if(!host->ping(ip)) { cout << "Destination host unreachable." << endl; return; } Host *remote = host->resolve(ip); // check level unsigned int port = stoi(args[2]); Service *s = remote->getService(port); if(!s || !s->isVuln(vuln)) { cout << "Service is not vulnerable." << endl; return; } if(s->getVersion() > getVersion()) { cout << "Version " << s->getVersion() << " of this software is not vulnerable." << endl; return; } // exploit the vuln run(host, remote, port); }
FTPService::FTPService(unsigned int version): ShellService(Cache::queryCache("FTP"), 21, version) { Shell* shell = getShell(); shell->add("help", [this] (vector<string> args) { cout << "list: list all files" << endl; cout << "upload [file] [host]: upload file to host" << endl; cout << "delete [file]: delete a file" << endl; cout << "cat [file]: display file contents" << endl; }, false); shell->add("list", [this] (vector<string> args) { // list all files cout << setw(width) << "Filename "; cout << "Size" << endl; for(File *file: files) { cout << left << setw(width) << file->name->get(); cout << file->contents->get().length() << "b" << endl; } }, true); shell->add("upload", [this] (vector<string> args) { // upload a local file to a remote FTP server if(args.size() < 3) { cout << "Please specify file name and remote host." << endl; } string filename = args[1]; string ip = args[2]; // check file File *file = nullptr; for(File *f: files) { if(f->name->get() == filename) { file = new File{f->name, f->contents}; break; } } if(!file) { cout << "File not found." << endl; return; } // check host if(!localhost->ping(ip)) { cout << "Destination host unreachable." << endl; delete file; return; } // find host Host *remote = localhost->resolve(ip); if(!remote->hasService(21)) { cout << "Connection refused." << endl; delete file; return; } // contact server FTPService *ftp = static_cast<FTPService*>(remote->getService(21)); ftp->upload(file); cout << "Upload complete." << endl; }, true); shell->add("delete", [this] (vector<string> args) { if(args.size() < 2) { cout << "Please specify a file name." << endl; } // delete file string name = args[1]; for(auto itr = files.begin(); itr != files.end(); itr++) { File *file = *itr; if(file->name->get() == name) { files.erase(itr); return; } } cout << "File not found." << endl; }, true); shell->add("cat", [this] (vector<string> args) { if(args.size() < 2) { cout << "Please specify a file name." << endl; return; } string name = args[1]; for(File *file: files) { if(file->name->get() == name) { cout << file->contents << endl; return; } } cout << "File not found." << endl; }, true); }