HOME>>>>>>>>>

File `ftp-proftpd-backdoor`

脚本使用类型: portrule
脚本所属分类: exploit, intrusive, malware, vuln
脚本下载地址: http://nmap.org/svn/scripts/ftp-proftpd-backdoor.nse

User Summary

Tests for the presence of the ProFTPD 1.3.3c backdoor reported as OSVDB-ID 69562. This script attempts to exploit the backdoor using the innocuous id command by default, but that can be changed with the ftp-proftpd-backdoor.cmd script argument.

Script Arguments

ftp-proftpd-backdoor.cmd

Command to execute in shell (default is id).

Example Usage

执行格式

nmap --script ftp-proftpd-backdoor -p 21 <host>

Script Output

PORT   STATE SERVICE
21/tcp open  ftp
| ftp-proftpd-backdoor:
|   This installation has been backdoored.
|   Command: id
|   Results: uid=0(root) gid=0(wheel) groups=0(wheel)
|_

Requires

ftp
nmap
shortport
stdnse

Author: Mak Kolybabi

License: VER007 整理 http://www.ver007.com