Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CVE-2011-2523 PoC — vsftpd 操作系统命令注入漏洞

Source
https://github.com/everythingBlackkk/vsFTPd-Backdoor-Exploit-CVE-2011-2523-
Associated Vulnerability
Title:vsftpd 操作系统命令注入漏洞 (CVE-2011-2523)
Description:vsftpd是一款用于类Unix系统的FTP(文件传输协议)服务器。 vsftpd 2.3.4版本(2011年6月30日至2011年7月3日期间下载)中存在安全漏洞,该漏洞源于软件中存在可以打开shell的后门。攻击者可利用该漏洞执行命令。
Description
This tool exploits a well-known backdoor vulnerability found in vsFTPd version 2.3.4 (CVE-2011-2523)
Readme
# vsFTPd 2.3.4 Backdoor Exploit
Overview

This tool exploits a well-known backdoor vulnerability found in vsFTPd version 2.3.4. The vulnerability allows attackers to gain unauthorized shell access to the target system by sending specially crafted input to the FTP service. This exploit takes advantage of a malicious backdoor that was intentionally introduced in version 2.3.4, which opens a listening port (6200) after receiving a certain payload.

Note: This vulnerability is specific to version 2.3.4 of vsFTPd. Attempting to use this tool on other versions will result in failure.
____

## Vulnerability Explanation

The vulnerability arises due to a backdoor that was deliberately added to the vsFTPd 2.3.4 distribution in June 2011. When a maliciously crafted username (with a `:)` at the end) is sent to the FTP server, it triggers the backdoor, causing the server to open a shell on port 6200. Attackers can then connect to this port and gain shell access to the system.

- CVE Identifier: CVE-2011-2523
- Vulnerable Software: vsFTPd 2.3.4
- Exploitation: Remote code execution via crafted FTP commands
  
____

## Requirements
- Python 3.x
- You
____

## How to Use
1. Clone the Repository:

  ```bash
    git clone https://github.com/everythingBlackkk/vsFTPd-Backdoor-Exploit-CVE-2011-2523-.git
    cd vsFTPd-Backdoor-Exploit-CVE-2011-2523-
  ```

2. Run the Exploit:
   
 ```bash
  python3 exploit.py -host <target_ip> 
 ```
   
## Output Example : 

```bash
$ python3 exploit.py -host 192.168.1.10
[i] Initiating FTP backdoor exploit...
[i] Checking FTP Version on 192.168.1.10:21
[+] Target is running vsFTPd 2.3.4. Proceeding with backdoor exploit...
[i] Connecting to backdoor on 192.168.1.10:6200...
[+] Connection successful! You now have shell access.
$ whoami
root
$ exit
```
____

# Why This Vulnerability Exists

The vulnerability in vsFTPd 2.3.4 was introduced by an unknown attacker who uploaded a modified version of the source code to the official vsFTPd download server. This backdoored version was available for a short time before it was detected and removed. However, any system that installed vsFTPd during that period is vulnerable if they are still running version 2.3.4.

## Disclaimer

This tool is intended for educational purposes only. The misuse of this tool could cause damage to systems and networks. Only use it on systems you have permission to test. The author assumes no liability for any misuse or damage caused by this tool.
File Snapshot

 [4.0K]  /data/pocs/c251401b5632bf57b6acb6ff052de0b4b507ebc3
├── [1.9K]  exploit.py
└── [2.4K]  README.md

0 directories, 2 files
Shenlong Bot has cached this for you
Remarks
    1. It is advised to access via the original source first.
    2. If the original source is unavailable, please email f.jinxu#gmail.com for a local snapshot (replace # with @).
    3. Shenlong has snapshotted the POC code for you. To support long-term maintenance, please consider donating. Thank you for your support.