How to exploit VSFTPD ?

• Share on Facebook
• Share on StumbleUpon
• Share on Delicious
• Share on Digg
• Share This!

VSFTPD, which stands for "Very Secure FTP Daemon"[1], is an FTP server for Unix-like systems, including Linux.

VSFTPD is an FTP server that it can be found in unix operating systems like Ubuntu, CentOS, Fedora and Slackware. By default this service is secure however a major incident happened in July 2011 when someone replaced the original version with a version that contained a backdoor. The backdoor exists in the version 2.3.4 of VSFTPD and it can be exploited through metasploit.

So first we scan port 21 is it vsftpd 2.3.4 or not, for this purpose you can use nmap.

So let’s assume that we have scanned a host and we have discovered the version 2.3.4 of VSFTPD running on the system.

We can open the metasploit framework in order to search for the vsftpd module.

As we can see there is only one module that we can use. So we will start the configuring the module appropriately. In the next screenshot you can see the configurations that we need to do in this exploit in order to be executed successfully.