VSFTPD v2.3.4 Backdoor Command Execution
This module exploits a malicious backdoor that was added to the VSFTPD download archive. This backdoor was introduced into the vsftpd-2.3.4.tar.gz archive between June 30th 2011 and July 1st 2011 according to the most recent information available. This backdoor was removed on July 3rd 2011.
- hdm <x [at] hdm.io>
- MC <mc [at] metasploit.com>
To display the available options, load the module within the Metasploit console and run the commands 'show options' or 'show advanced':
msf > use exploit/unix/ftp/vsftpd_234_backdoor msf exploit(vsftpd_234_backdoor) > show targets ...targets... msf exploit(vsftpd_234_backdoor) > set TARGET <target-id> msf exploit(vsftpd_234_backdoor) > show options ...show and set options... msf exploit(vsftpd_234_backdoor) > exploit