Python exploit for vsftpd 2.3.4 - Backdoor Command Execution

Last update: Nov 08, 2022

Related tags

Security related resources CVE-2011-2523

Overview

CVE-2011-2523 - vsftpd 2.3.4 Exploit

Discription

vsftpd, which stands for Very Secure FTP Daemon,is an FTP server for Unix-like systems, including Linux. It is licensed under the GNU General Public License. It supports IPv6 and SSL.
In July 2011, it was discovered that vsftpd version 2.3.4 downloadable from the master site had been compromised. Users logging into a compromised vsftpd-2.3.4 server may issue a :) smileyface as the username and gain a command shell on port 6200. This was not an issue of a security hole in vsftpd, instead, someone had uploaded a different version of vsftpd which contained a backdoor. Since then, the site was moved to Google App Engine.

Requirements

sudo apt update
sudo apt install python3
sudo apt install python3-pip
pip install argparse

Installation

git clone https://github.com/padsalatushal/CVE-2011-2523.git
cd ./CVE-2011-2523
chmod +x exploit.py

Usage

python3 exploit.py -host Target_IP

Example : python3 exploit.py -host 192.168.168.128

Test

You can test the exploit on Metasploitable2

Resources

https://www.computersecuritystudent.com/SECURITY_TOOLS/METASPLOITABLE/EXPLOIT/lesson8/index.html https://subscription.packtpub.com/book/networking_and_servers/9781786463166/1/ch01lvl1sec18/vulnerability-analysis-of-vsftpd-2-3-4-backdoor

Owner

Padsala Tushal

Arduino,Python,Shell,Batch

Padsala Tushal

GitHub Repository

Early days of an Asset Discovery tool.

Please star this project! Written in Python Report Bug . Request Feature DISCLAIMER This project is in its early days, everything you see here is almo

3 Dec 20, 2022

Multi-Process Vulnerability Tool

Multi-Process Vulnerability Tool

1 Dec 22, 2021

Find existing email addresses by nickname using API/SMTP checking methods without user notification. Please, don't hesitate to improve cat's job! 🐱🔎 📬

mailcat The only cat who can find existing email addresses by nickname. Usage First install requirements: pip3 install -r requirements.txt Then just

282 Dec 30, 2022

POC for detecting the Log4Shell (Log4J RCE) vulnerability

Interactsh An OOB interaction gathering server and client library Features • Usage • Interactsh Client • Interactsh Server • Interactsh Integration •

2.1k Jan 08, 2023

Python bindings to LibreSSL library

LibreSSL bindings for Python using CFFI Python3 bindings to LibreSSL using CFFI. It aims to provide interface to the most important bits of LibreSSL o

1 Aug 02, 2022

Simple script for looping a Denial Of Service (DoS) attack over one single mac address in range

Bluetooth Simple Denial Of Service (DoS) Legal Note This project is made only for educational purposes and for helping in Proofs of Concept. The autho

1 Jan 09, 2022

CVE-2021-21985 VMware vCenter Server远程代码执行漏洞 EXP (更新可回显EXP)

CVE-2021-21985 CVE-2021-21985 EXP 本文以及工具仅限技术分享，严禁用于非法用途，否则产生的一切后果自行承担。 0x01 利用Tomcat RMI RCE 1. VPS启动JNDI监听 1099 端口 rmi需要bypass高版本jdk java -jar JNDIIn

355 Aug 03, 2022

A Telegram Bot to force users to join a specific channel before sending messages in a group.

Promoter A Telegram Bot to force users to join a specific channel before sending messages in a group. Introduction A Telegram Bot to force users to jo

1 Jan 27, 2022

NFC Implant-base RSA Encrypted Messagging application

Encrypted messaging application with the use of MIFARE DESfire chip to store the private/public keys needed for the application authentication

4 Nov 06, 2021

This repo is about steps to create a effective custom wordlist in a few clicks/

Custom Wordlist This repo is about steps to take in order to create a effective custom wordlist in a few clicks. this comes handing in pentesting enga

2 Oct 08, 2022

A collection of over 5.1 million sub-domains and assets belonging to public bug bounty programs, compiled into a repo, for performing bulk operations.

📂 Public Bug Bounty Targets Data By BugBountyResources A collection of over 5.1M sub-domains and assets belonging to bug bounty targets, all put in a

87 Dec 13, 2022

Cryptick is a stock ticker for cryptocurrency tokens, and a physical NFT.

Cryptick is a stock ticker for cryptocurrency tokens, and a physical NFT. This repository includes tools and documentation for the Cryptick device.

1 Dec 31, 2021

The Decompressoin tool for Vxworks MINIFS

MINIFS-Decompression The Decompression tool for Vxworks MINIFS filesystem. USAGE python minifs_decompression.py [target_firmware] The example of Mercu

8 Jan 03, 2023

Cowrie SSH/Telnet Honeypot https://cowrie.readthedocs.io

Cowrie Welcome to the Cowrie GitHub repository This is the official repository for the Cowrie SSH and Telnet Honeypot effort. What is Cowrie Cowrie is

4.1k Jan 09, 2023

version de mi tool de kali linux para miertuxzzzz digo, termux >:)

Msf-Tool 1.0 Termux apt install git -y apt install python apt install python3 apt install python3-pip apt install metasploit ---- ---- git clone ht

1 Feb 20, 2022

Xteam All in one Instagram,Android,phishing osint and wifi hacking tool available

Xteam All in one Instagram,Android,phishing osint and wifi hacking tool available

283 Dec 29, 2022

Übersicht remote command execution 0day exploit

Übersicht RCE 0day Unauthenticated remote command execution 0day exploit for Übersicht. Description Übersicht is a desktop widget application for m

10 Dec 21, 2021

CVE-2022-21907 - Windows HTTP协议栈远程代码执行漏洞 CVE-2022-21907

CVE-2022-21907 Description POC for CVE-2022-21907: Windows HTTP协议栈远程代码执行漏洞 creat

365 Nov 30, 2022

JavaScript Raider is a coverage-guided JavaScript fuzzing framework designed for the v8 JavaScript engine

JavaScript Raider is a coverage-guided JavaScript fuzzing framework designed for the v8 JavaScript engine

105 Dec 05, 2022

DNSpooq - dnsmasq cache poisoning (CVE-2020-25686, CVE-2020-25684, CVE-2020-25685)

dnspooq DNSpooq PoC - dnsmasq cache poisoning (CVE-2020-25686, CVE-2020-25684, CVE-2020-25685) For educational purposes only Requirements Docker compo

80 Nov 28, 2022