The malicious code was simple yet devastating:
vsftpd 2.3.4 backdoor exploit (CVE-2011-2523) is a well-known vulnerability caused by a malicious backdoor introduced into the vsftpd source code between June 30 and July 1, 2011. It allows remote attackers to execute arbitrary commands by simply adding a sequence to the FTP username during login. CVE Details Exploitation Methods The exploit is most commonly executed using the Metasploit Framework or dedicated scripts available on Metasploit Module : The standard method uses the module exploit/unix/ftp/vsftpd_234_backdoor GitHub Repositories vsftpd 208 exploit github install
require 'msfenv'
target = sys.argv[1]
In July 2011, it was discovered that the official vsftpd 2.0.8 source tarball had been compromised. A malicious backdoor allowed remote root access via a smiley face in the username parameter. The malicious code was simple yet devastating: vsftpd 2