ftp: replace @banner_version with banner_version helper method

2026-05-06 14:46:53 +01:00
parent 696f530475
commit b7e1d7ea77
2 changed files with 13 additions and 10 deletions
@@ -62,14 +62,6 @@ module Exploit::Remote::Ftp
    # Wait for a banner to arrive...
    self.banner = recv_ftp_resp(fd)

-    # 220 (vsFTPd 2.3.4)\x0d\x0a                                   -> vsFTPd 2.3.4
-    # 220 ProFTPD 1.3.1 Server (Debian) [::ffff:10.0.0.10]\x0d\x0a -> ProFTPD 1.3.1 Server (Debian)
-    @banner_version = self.banner.to_s
-                      .gsub(/^\d{3}[\s-]/, '')
-                      .strip
-                      .gsub(/\A\(|\)\z/, '')
-                      .gsub(/\s*\[(?:(?:\d{1,3}\.){3}\d{1,3}|[0-9A-Fa-f:]*:[0-9A-Fa-f:.]+)\]/, '')
-
    print_status('Connected to target FTP server') if verbose

    # Only record the service and banner when the greeting looks like FTP (RFC 959)
@@ -80,7 +72,7 @@ module Exploit::Remote::Ftp
        port: rport,
        proto: 'tcp',
        name: 'ftp',
-        info: Rex::Text.to_hex_ascii(@banner_version),
+        info: Rex::Text.to_hex_ascii(banner_version),
        parents: {
          host: rhost,
          port: rport,
@@ -104,6 +96,17 @@ module Exploit::Remote::Ftp
    fd
  end

+  # Extracts a normalized version string from the FTP banner
+  # 220 (vsFTPd 2.3.4)\x0d\x0a                                   -> vsFTPd 2.3.4
+  # 220 ProFTPD 1.3.1 Server (Debian) [::ffff:10.0.0.10]\x0d\x0a -> ProFTPD 1.3.1 Server (Debian)
+  def banner_version
+    banner.to_s
+          .sub(/^\d{3}[\s-]/, '')
+          .strip
+          .gsub(/\A\(|\)\z/, '')
+          .gsub(/\s*\[(?:(?:\d{1,3}\.){3}\d{1,3}|[0-9A-Fa-f:]*:[0-9A-Fa-f:.]+)\]/, '')
+  end
+
  #
  # This method handles establishing datasocket for data channel
  #
@@ -83,7 +83,7 @@ class MetasploitModule < Msf::Auxiliary
      )
      register_creds(target_host, access_type)
    elsif banner
-      print_warning("FTP service, but no anonymous access (#{@banner_version})")
+      print_warning("FTP service, but no anonymous access (#{banner_version})")
    else
      vprint_warning('No FTP banner received')
    end