## https://sploitus.com/exploit?id=50C3B4DA-43FD-5156-819F-AAD27A9A686C
# Exploitation of VSFTPD 2.3.4 Backdoor (CVE-2011-2523)
A hands-on penetration testing lab demonstrating the identification and exploitation of the VSFTPD 2.3.4 backdoor (CVE-2011-2523) on the intentionally vulnerable Metasploitable2 virtual machine using the Metasploit Framework.
---
## Disclaimer
This project was conducted entirely in a controlled laboratory environment using **Metasploitable2**, an intentionally vulnerable virtual machine designed for cybersecurity education.
No unauthorized systems or networks were targeted during this exercise.
---
## Objective
The objective of this lab was to:
- Enumerate services running on the target machine.
- Identify vulnerable software versions.
- Locate a publicly available exploit.
- Exploit the vulnerability using the Metasploit Framework.
- Obtain remote shell access.
- Understand the security impact of running outdated software.
---
## Lab Environment
| Component | Details |
|----------|---------|
| Hypervisor | VMware Workstation |
| Attacker Machine | Fedora Linux 44 |
| Target Machine | Metasploitable2 (Ubuntu 8.04) |
| Exploitation Framework | Metasploit Framework 6.4.144 |
| Network | Isolated VMware Lab |
---
## Vulnerability Information
| Field | Value |
|------|-------|
| CVE | CVE-2011-2523 |
| Service | VSFTPD |
| Version | 2.3.4 |
| Port | 21/TCP |
| Severity | Critical |
### Description
VSFTPD version 2.3.4 was released with a malicious backdoor inserted into the source code. By authenticating with a specially crafted username ending with `:)`, an attacker can trigger a command shell on TCP port **6200**, allowing remote command execution.
---
## Methodology
1. Service Enumeration using Nmap
2. Vulnerability Identification
3. Exploit Discovery (ExploitDB & Metasploit)
4. Exploit Configuration
5. Exploitation
6. Shell Verification
7. Impact Analysis
8. Mitigation Recommendations
---
## Tools Used
- Nmap
- Metasploit Framework
- SearchSploit
- VMware Workstation
- Fedora Linux
- Metasploitable2
---
## Skills Demonstrated
- Network Enumeration
- Service Fingerprinting
- Vulnerability Identification
- CVE Research
- Exploit Selection
- Metasploit Framework
- Remote Shell Access
- Post-Exploitation Verification
- Security Documentation
---
## Repository Structure
```
.
โโโ README.md
โโโ report.pdf
โโโ screenshots/
โ โโโ figure1.png
โ โโโ figure2.png
โ โโโ figure3.png
โ โโโ figure4.png
โ โโโ figure5.png
โ โโโ figure6.png
โ โโโ figure7.png
โ โโโ figure8.png
โโโ LICENSE
```
---
## Lessons Learned
- Service enumeration is the foundation of penetration testing.
- Public vulnerability databases should always be validated against software versions.
- Exploitation frameworks simplify exploitation but require an understanding of the underlying vulnerability.
- Outdated software can lead to complete system compromise.
- Conducting security testing in isolated lab environments is essential for ethical learning.
---
## References
- National Vulnerability Database (NVD)
- Exploit Database (ExploitDB)
- Rapid7 Metasploit Documentation
- Metasploitable2 Documentation
---
## Author
**Amarnath**
Cybersecurity Student | Ethical Hacking | Penetration Testing | Linux
Feel free to connect with me on LinkedIn or explore my other cybersecurity projects.