LINUX - VSFTPD
- Layout for this exercise:
- vsftpd is a GPL licensed FTP server for UNIX systems, including Linux. A malicious backdoor was added to the VSFTPD download into the vsftpd-2.3.4.tar.gz archive. This backdoor was later removed, but Metasploit provides a module to exploit it.
- Payload is set to cmd/unix/interact:
- Required option is just the remote host's IP:
- Setting RHOST to the victim's IP:
- Launching the exploit a remote shell is achieved: