CVE-2010-2075 PoC — UnrealIRCd Backdoor Unauthorized Access Vulnerability

Source
Associated Vulnerability
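Title: UnrealIRCd Backdoor Unauthorized Access Vulnerability (CVE-2010-2075)
Description: UnrealIRCd, as distributed on certain mirror sites between November 2009 and June 2010, contains an externally introduced modification (Trojan horse) in the DEBUG3_DOLOG_SYSTEM macro, which allows remote attackers to execute arbitrary commands.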
Description
I recently set up a small Penetration Testing Lab to get some hands-on experience with vulnerability scanning and exploitation. Using Nessus and Kali Linux, I was able to dive into Metasploitable 2, a deliberately vulnerable system, and identify a pretty serious flaw (CVE-2010-2075).
Readme
# Penetration Testing Lab
## Objectives
- Learn Vulnerability Scanning with Nessus
- Practice Penetration Testing with Kali Linux
- Simulate Real-World Attacks
- Improve Cybersecurity Skills

## Virtualization
- Virtualization Tool: Oracle VirtualBox
- Reason: Open source, Easy setup

## Kali Linux Setup
- **OS**: Kali Linux
- **Network Adapter**: NAT

## Target Machine: Metasploitable 2
- **OS:** Ubuntu-based vulnerable system
- **Installation Type:** VirtualBox
- **Network Adapter:** Host-Only (to ensure isolated communication between the machines).

## Vulnerability Scanner: Nessus
- **Installed on:** Kali Linux
- **Installation Command:** `wget "https://www.tenable.com/downloads/api/v1/public/pages/nessus/downloads/17940/download?i_agree_to_tenable_license_agreement=true" -O Nessus.deb`
- **Web Interface:** `https://localhost:8834`
- **License Type:** Nessus Essentials (Free)
- **Status Check:** `sudo systemctl status nessusd`

## Nessus Vulnerability Scan on Metasploitable 2
- **Scan Target:** Metasploitable 2 (`192.168.10.8`)

![alt text](image.png)
![alt text](image-1.png)

## Exploit: UnrealIRCd Backdoor (CVE-2010-2075)
- **Severity:** Critical (CVSS 10.0)
- **Affected Service:** UnrealIRCd (Internet Relay Chat Daemon)
- **Impact:** Full Remote Code Execution (RCE)
- **Exploit Proof:**

![alt text](image-3.png)

![alt text](image-4.png)

![alt text](image-5.png)

![alt text](image-6.png)

![alt text](image-7.png)

## Remediation Steps for UnrealIRCd
- Update UnrealIRCd to the latest version.
- Remove or disable the vulnerable service if it's not needed.
- Use a firewall to restrict access to the IRC port.
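
Before updating or rebuilding, it helps to confirm that the UnrealIRCd source tree on disk is not the trojaned distribution. The shell function below is an added example, not part of the original README or the UnrealIRCd project: it searches a tree for the `DEBUG3_DOLOG_SYSTEM` macro named in the CVE-2010-2075 description. The function names and sample trees are constructed, and it assumes a clean tree never references that macro.

```shell
#!/bin/sh
# Added example (not from the original README): look for the trojan macro that
# the CVE-2010-2075 description names, DEBUG3_DOLOG_SYSTEM, in a source tree.
# Function names and the sample trees below are constructed for illustration.

MARKER='DEBUG3_DOLOG_SYSTEM'

# scan_unreal_tree DIR
#   stdout: file:line:text for every reference to the marker
#   return: 0 = marker absent, 1 = marker present, 2 = bad argument
scan_unreal_tree() {
    dir=$1
    if [ -z "$dir" ] || [ ! -d "$dir" ]; then
        echo "usage: scan_unreal_tree <source-dir>" >&2
        return 2
    fi
    # -r recurse, -n line numbers, -I skip binary files, -F literal match
    hits=$(grep -rnIF -- "$MARKER" "$dir" 2>/dev/null || true)
    if [ -n "$hits" ]; then
        printf '%s\n' "$hits"
        echo "FOUND: $MARKER in $dir; do not build or run this tree" >&2
        return 1
    fi
    echo "OK: $MARKER not found in $dir" >&2
    return 0
}

# make_sample_tree DIR KIND builds a constructed tree ("clean" or "marked").
# The marked file only carries the macro name, not the real trojan code.
make_sample_tree() {
    mkdir -p "$1/include" "$1/src"
    echo '/* constructed sample header */' > "$1/include/struct.h"
    echo 'int main(void) { return 0; }' > "$1/src/ircd.c"
    if [ "$2" = "marked" ]; then
        echo "#define ${MARKER}(x) /* constructed placeholder */" >> "$1/include/struct.h"
    fi
}

# Demo on constructed input; remove when sourcing this file as a library.
demo_root=$(mktemp -d)
make_sample_tree "$demo_root/clean" clean
make_sample_tree "$demo_root/marked" marked
scan_unreal_tree "$demo_root/clean" || true
scan_unreal_tree "$demo_root/marked" || true
rm -rf "$demo_root"
```

A non-zero return on a real build directory means the installed binary was built from the modified source, so replacing the package alone is not enough; the host needs the same treatment as any system that ran attacker-controlled code.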

## Conclusion
This Penetration Testing Lab has provided hands-on experience with vulnerability scanning using Nessus, as well as simulated real-world attacks and exploitation. By setting up a vulnerable target machine (Metasploitable 2) and conducting a vulnerability scan, the lab demonstrated the importance of identifying critical vulnerabilities such as the UnrealIRCd backdoor and how they can be exploited for **Remote Code Execution (RCE)**.
Additionally, it showcased the practical steps involved in securing vulnerable systems, including updating software, disabling unnecessary services, and using firewalls for network access control. These exercises are essential for building cybersecurity skills and gaining a deeper understanding of penetration testing methodologies.
File Snapshot

[4.0K] /data/pocs/7651ac7e74d2aceb1d4975638eabf84802b04b23
├── [104K] image-1.png
├── [ 0] image-2.png
├── [ 69K] image-3.png
├── [ 93K] image-4.png
├── [ 28K] image-5.png
├── [131K] image-6.png
├── [ 83K] image-7.png
├── [ 27K] image.png
└── [2.4K] README.md

0 directories, 9 files