Add FTP Service

[omercnet]

• Provide banner of a common FTP service
• Allow basic commands on a mock filesystem (consider keeping it as a dict to avoid actual exploitation)
• Alerts: Muted alert on basic interaction, Alert on file upload

[Sleeptime17]

Didn't @lorg mention he wanted it to be a UNIX-y FTP banner? Active alert - attempted path traversal? Should this service also be compatible with MR? Can't remember if @lorg said that.

Consider CVE-2017-6510 - Easy File Sharing FTP Server 3.6 Directory Traversal rapid7 source - https://github.com/rapid7/metasploit-framework/blob/master/modules/auxiliary/scanner/ftp/easy_file_sharing_ftp.rb

[omercnet]

Define "UNIX-y" ? wouldn't a common linux FTPd like proftpd suffice ?

if you could find an FTPd that has an RCE or something like that would be great, the best case scenario is to get an attack to upload payloads

[Sleeptime17]

"UNIX-y" as in Linux instead of Windows. I'm mentioning him because I'm not sure if he wanted it that way or the other way around. A common Linux service would work.

There are no recent RCEs on FTP services unfortunately (5+ years I think). There seem to be some RCEs on FTP clients, but that's not what we're here for ;)

[Sleeptime17]

Scratch that last comment, I'm pretty sure he meant the Telnet service. That does leave me wondering why he wants an additional FTP service though? MR already has one.

[omercnet]

MR has a built in one, need to make it a custom service compatible with honeycomb I think @dekelb mentioned the internal codebase has something we're able to use right away