Skip to content

galacticdestroyer/Metasploitable-Exploits

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

5 Commits
README.md
README.md
 
 
vsftpd_exploit.py
vsftpd_exploit.py
 
 

Repository files navigation

vsftpd 2.3.4 Backdoor Exploit (PoC)

This repository contains a Python-based Proof of Concept (PoC) exploit for the famous vsftpd v2.3.4 backdoor (CVE-2011-2523).

Description

The exploit triggers a malicious backdoor introduced into the vsftpd 2.3.4 source code. By sending a username ending with a smiley face :), the server opens a listener on port 6200, providing a root shell.

Features

  • Automates the "Smiley Face" trigger on Port 21.
  • Establishes a connection to the backdoor on Port 6200.
  • Provides an interactive shell for command execution.
  • Includes timeout handling to prevent socket hanging.

Usage

  1. Clone the repository: 
    git clone [https://github.com/galacticdestroyer/Metasploitable-Exploits.git](https://github.com/galacticdestroyer/Metasploitable-Exploits.git)

Smart move! A solid README.md makes your GitHub repo look like a professional security tool rather than just a lab file.

Here is a clean, professional template you can use.

Step 1: Create the file In your myexp/Metasploitable-Exploits folder, run:

Bash nano README.md Step 2: Paste this content Markdown

vsftpd 2.3.4 Backdoor Exploit (PoC)

This repository contains a Python-based Proof of Concept (PoC) exploit for the famous vsftpd v2.3.4 backdoor (CVE-2011-2523).

Description

The exploit triggers a malicious backdoor introduced into the vsftpd 2.3.4 source code. By sending a username ending with a smiley face :), the server opens a listener on port 6200, providing a root shell.

Features

  • Automates the "Smiley Face" trigger on Port 21.
  • Establishes a connection to the backdoor on Port 6200.
  • Provides an interactive shell for command execution.
  • Includes timeout handling to prevent socket hanging.

Usage

  1. Clone the repository: 
    git clone [https://github.com/galacticdestroyer/Metasploitable-Exploits.git](https://github.com/galacticdestroyer/Metasploitable-Exploits.git)

Run the exploit against a target IP:

Bash python3 vsftpd_exploit.py <TARGET_IP> Disclaimer This tool is for educational purposes only. Use it only on systems you have permission to test.

Step 3: Push the README to GitHub

Once you save the file (Ctrl+O, Enter, Ctrl+X), push it up so it shows up on your main page:

git add README.md
git commit -m "Added professional README documentation"
git push origin master

About

No description, website, or topics provided.

Resources

Readme
Activity

Stars

0 stars

Watchers

0 watching

Forks

0 forks
Report repository

Releases

No releases published

Packages

No packages published

Languages