Merge pull request #1565 from guardicore/1533-remove-vsftpd

Remove the VSFTPD exploiter

CHANGELOG.md

@@ -11,6 +11,7 @@ Changelog](https://keepachangelog.com/en/1.0.0/).
 ### Changed
 
 ### Removed
+- The VSFTPD exploiter. #1533
 
 ### Fixed
 - A bug in network map page that caused delay of telemetry log loading. #1545

envs/monkey_zoo/blackbox/config_templates/performance.py

@@ -22,7 +22,6 @@ class Performance(ConfigTemplate):
             "Struts2Exploiter",
             "WebLogicExploiter",
             "HadoopExploiter",
-            "VSFTPDExploiter",
             "MSSQLExploiter",
             "PowerShellExploiter",
             "ZerologonExploiter",

monkey/infection_monkey/example.conf

@@ -39,7 +39,6 @@
     "Struts2Exploiter",
     "WebLogicExploiter",
     "HadoopExploiter",
-    "VSFTPDExploiter",
     "MSSQLExploiter"
   ],
   "finger_classes": [

monkey/monkey_island/cc/services/config_schema/basic.py

@@ -23,7 +23,6 @@
                         "Struts2Exploiter",
                         "WebLogicExploiter",
                         "HadoopExploiter",
-                        "VSFTPDExploiter",
                         "MSSQLExploiter",
                         "DrupalExploiter",
                         "PowerShellExploiter",

monkey/monkey_island/cc/services/config_schema/definitions/exploiter_classes.py

@@ -120,15 +120,6 @@
             "https://github.com/vulhub/vulhub/tree/master/hadoop/unauthorized-yarn.",
             "link": "https://www.guardicore.com/infectionmonkey/docs/reference/exploiters/hadoop/",
         },
-        {
-            "type": "string",
-            "enum": ["VSFTPDExploiter"],
-            "title": "VSFTPD Exploiter",
-            "safe": True,
-            "info": "Exploits a malicious backdoor that was added to the VSFTPD download archive. "
-            "Logic based on Metasploit module.",
-            "link": "https://www.guardicore.com/infectionmonkey/docs/reference/exploiters/vsftpd/",
-        },
         {
             "type": "string",
             "enum": ["DrupalExploiter"],

monkey/monkey_island/cc/services/reporting/issue_processing/exploit_processing/exploiter_descriptor_enum.py

@@ -42,9 +42,6 @@ class ExploiterDescriptorEnum(Enum):
     )
     HADOOP = ExploiterDescriptor("HadoopExploiter", "Hadoop/Yarn Exploiter", ExploitProcessor)
     MSSQL = ExploiterDescriptor("MSSQLExploiter", "MSSQL Exploiter", ExploitProcessor)
-    VSFTPD = ExploiterDescriptor(
-        "VSFTPDExploiter", "VSFTPD Backdoor Exploiter", CredExploitProcessor
-    )
     DRUPAL = ExploiterDescriptor("DrupalExploiter", "Drupal Server Exploiter", ExploitProcessor)
     ZEROLOGON = ExploiterDescriptor(
         "ZerologonExploiter", "Zerologon Exploiter", ZerologonExploitProcessor

monkey/monkey_island/cc/ui/src/components/report-components/SecurityReport.js

@@ -25,7 +25,6 @@ import {webLogicIssueOverview, webLogicIssueReport} from './security/issues/WebL
 import {hadoopIssueOverview, hadoopIssueReport} from './security/issues/HadoopIssue';
 import {mssqlIssueOverview, mssqlIssueReport} from './security/issues/MssqlIssue';
 import {drupalIssueOverview, drupalIssueReport} from './security/issues/DrupalIssue';
-import {vsftpdIssueOverview, vsftpdIssueReport} from './security/issues/VsftpdIssue';
 import {wmiPasswordIssueReport, wmiPthIssueReport} from './security/issues/WmiIssue';
 import {sshKeysReport, shhIssueReport, sshIssueOverview} from './security/issues/SshIssue';
 import {sambacryIssueOverview, sambacryIssueReport} from './security/issues/SambacryIssue';
@@ -108,11 +107,6 @@ class ReportPageComponent extends AuthComponent {
         [this.issueContentTypes.REPORT]: drupalIssueReport,
         [this.issueContentTypes.TYPE]: this.issueTypes.DANGER
       },
-      'VSFTPDExploiter': {
-        [this.issueContentTypes.OVERVIEW]: vsftpdIssueOverview,
-        [this.issueContentTypes.REPORT]: vsftpdIssueReport,
-        [this.issueContentTypes.TYPE]: this.issueTypes.DANGER
-      },
       'WmiExploiter': {
         [this.issueContentTypes.REPORT]: {
           [this.credentialTypes.PASSWORD]: wmiPasswordIssueReport,

monkey/tests/data_for_tests/monkey_configs/monkey_config_standard.json

@@ -11,7 +11,6 @@
           "Struts2Exploiter",
           "WebLogicExploiter",
           "HadoopExploiter",
-          "VSFTPDExploiter",
           "MSSQLExploiter",
           "DrupalExploiter"
         ]

vulture_allowlist.py

@@ -63,7 +63,6 @@
 WEBLOGIC  # unused variable (monkey/monkey_island/cc/services/reporting/issue_processing/exploit_processing/exploiter_descriptor_enum.py:40)
 HADOOP  # unused variable (monkey/monkey_island/cc/services/reporting/issue_processing/exploit_processing/exploiter_descriptor_enum.py:43)
 MSSQL  # unused variable (monkey/monkey_island/cc/services/reporting/issue_processing/exploit_processing/exploiter_descriptor_enum.py:44)
-VSFTPD  # unused variable (monkey/monkey_island/cc/services/reporting/issue_processing/exploit_processing/exploiter_descriptor_enum.py:45)
 DRUPAL  # unused variable (monkey/monkey_island/cc/services/reporting/issue_processing/exploit_processing/exploiter_descriptor_enum.py:48)
 POWERSHELL  # (\monkey\monkey_island\cc\services\reporting\issue_processing\exploit_processing\exploiter_descriptor_enum.py:52)
 _.do_POST  # unused method (monkey/monkey_island/cc/server_utils/bootloader_server.py:26)