From ebf635aab1300a516a264525b1660a65eeff176c Mon Sep 17 00:00:00 2001
From: "Z. Cliffe Schreuders" <code.cliffe@schreuders.org>
Date: Mon, 15 Jul 2019 11:47:00 +0100
Subject: [PATCH] proftp leak files

---
 .../ftp/proftpd_133c_backdoor/manifests/config.pp   | 13 ++++++++++++-
 .../ftp/proftpd_133c_backdoor/secgen_metadata.xml   |  8 ++++++--
 2 files changed, 18 insertions(+), 3 deletions(-)

diff --git a/modules/vulnerabilities/unix/ftp/proftpd_133c_backdoor/manifests/config.pp b/modules/vulnerabilities/unix/ftp/proftpd_133c_backdoor/manifests/config.pp
index 6a80956c7..2790f0664 100644
--- a/modules/vulnerabilities/unix/ftp/proftpd_133c_backdoor/manifests/config.pp
+++ b/modules/vulnerabilities/unix/ftp/proftpd_133c_backdoor/manifests/config.pp
@@ -1,6 +1,9 @@
 class proftpd_133c_backdoor::config {
   $secgen_parameters = secgen_functions::get_parameters($::base64_inputs_file)
   $raw_org = $secgen_parameters['organisation']
+  $leaked_filenames = $secgen_parameters['leaked_filenames']
+  $strings_to_leak = $secgen_parameters['strings_to_leak']
+
   if $raw_org and $raw_org[0] and $raw_org[0] != '' {
     $organisation = parsejson($raw_org[0])
   } else {
@@ -13,4 +16,12 @@ class proftpd_133c_backdoor::config {
     mode     => '0644',
     content  => template('proftpd_133c_backdoor/proftpd.erb')
   }
-}
\ No newline at end of file
+
+  ::secgen_functions::leak_files { 'proftpd_133c_backdoor-file-leak':
+    storage_directory => '/root',
+    leaked_filenames  => $leaked_filenames,
+    strings_to_leak   => $strings_to_leak,
+    leaked_from       => "proftpd_133c_backdoor",
+    mode              => '0600'
+  }
+}
diff --git a/modules/vulnerabilities/unix/ftp/proftpd_133c_backdoor/secgen_metadata.xml b/modules/vulnerabilities/unix/ftp/proftpd_133c_backdoor/secgen_metadata.xml
index 828af3502..9c0c4050c 100644
--- a/modules/vulnerabilities/unix/ftp/proftpd_133c_backdoor/secgen_metadata.xml
+++ b/modules/vulnerabilities/unix/ftp/proftpd_133c_backdoor/secgen_metadata.xml
@@ -19,6 +19,7 @@
 
   <read_fact>server_name</read_fact>
   <read_fact>strings_to_leak</read_fact>
+  <read_fact>leaked_filenames</read_fact>
   <read_fact>welcome_msg</read_fact>
   <read_fact>port</read_fact>
 
@@ -35,8 +36,11 @@
 
   <default_input into="strings_to_leak">
     <generator type="message_generator"/>
-    <generator type="message_generator"/>
   </default_input>
+  <default_input into="leaked_filenames">
+    <generator type="filename_generator"/>
+  </default_input>
+
 
   <default_input into="welcome_msg">
     <generator type="message_generator"/>
@@ -64,4 +68,4 @@
     <type>update</type>
   </requires>
 
-</vulnerability>
\ No newline at end of file
+</vulnerability>