Share
## https://sploitus.com/exploit?id=09B89183-FE26-5690-A12C-7BEC34B1AAE4
# Cybersecurity Home Lab
A personal home lab built for hands-on cybersecurity practice,
detection engineering, and security research.
## Lab Architecture
- **Hypervisor:** Proxmox VE 9.1 running on Beelink Mini S12 Pro
- **Attacker VM:** Kali Linux 2026.1
- **Target VM:** Metasploitable 2
- **Network:** All VMs isolated on internal bridge (vmbr0)
## Projects
### 1. Network Reconnaissance โ Nmap Service Scan
**Objective:** Map the attack surface of a target machine
**Tool:** Nmap 7.99
**Command:**
nmap -sV 192.168.1.156
**Findings:**
- 21/tcp โ vsftpd 2.3.4 (backdoor CVE-2011-2523)
- 22/tcp โ OpenSSH 4.7p1
- 23/tcp โ Telnet (unencrypted)
- 80/tcp โ Apache 2.2.8
- 3306/tcp โ MySQL 5.0.51a (exposed database)
- 5900/tcp โ VNC (unauthenticated remote access)
- 8180/tcp โ Apache Tomcat
**Takeaway:** Target exposed 20+ services running
outdated vulnerable software representing a large attack surface.
---
### 2. Exploitation โ vsftpd 2.3.4 Backdoor (CVE-2011-2523)
**Objective:** Exploit a known backdoor vulnerability to gain root access
**Tool:** Metasploit Framework
**Steps:**
1. Launched msfconsole
2. Loaded module: exploit/unix/ftp/vsftpd_234_backdoor
3. Set RHOSTS to target IP
4. Set LHOST to attacker IP
5. Executed exploit
**Result:** Successfully obtained root shell on target machine.
Confirmed root access by reading /etc/shadow โ
containing hashed credentials for all system users.
**Remediation:**
- Update vsftpd to a non-backdoored version
- Block FTP (port 21) at firewall if not needed
- Use SFTP instead of FTP for secure file transfers
- Implement network segmentation to limit exposure
**CVE:** CVE-2011-2523