Share
## https://sploitus.com/exploit?id=50C3B4DA-43FD-5156-819F-AAD27A9A686C
# Exploitation of VSFTPD 2.3.4 Backdoor (CVE-2011-2523)

A hands-on penetration testing lab demonstrating the identification and exploitation of the VSFTPD 2.3.4 backdoor (CVE-2011-2523) on the intentionally vulnerable Metasploitable2 virtual machine using the Metasploit Framework.

---

## Disclaimer

This project was conducted entirely in a controlled laboratory environment using **Metasploitable2**, an intentionally vulnerable virtual machine designed for cybersecurity education.

No unauthorized systems or networks were targeted during this exercise.

---

## Objective

The objective of this lab was to:

- Enumerate services running on the target machine.
- Identify vulnerable software versions.
- Locate a publicly available exploit.
- Exploit the vulnerability using the Metasploit Framework.
- Obtain remote shell access.
- Understand the security impact of running outdated software.

---

## Lab Environment

| Component | Details |
|----------|---------|
| Hypervisor | VMware Workstation |
| Attacker Machine | Fedora Linux 44 |
| Target Machine | Metasploitable2 (Ubuntu 8.04) |
| Exploitation Framework | Metasploit Framework 6.4.144 |
| Network | Isolated VMware Lab |

---

## Vulnerability Information

| Field | Value |
|------|-------|
| CVE | CVE-2011-2523 |
| Service | VSFTPD |
| Version | 2.3.4 |
| Port | 21/TCP |
| Severity | Critical |

### Description

VSFTPD version 2.3.4 was released with a malicious backdoor inserted into the source code. By authenticating with a specially crafted username ending with `:)`, an attacker can trigger a command shell on TCP port **6200**, allowing remote command execution.

---

## Methodology

1. Service Enumeration using Nmap
2. Vulnerability Identification
3. Exploit Discovery (ExploitDB & Metasploit)
4. Exploit Configuration
5. Exploitation
6. Shell Verification
7. Impact Analysis
8. Mitigation Recommendations

---

## Tools Used

- Nmap
- Metasploit Framework
- SearchSploit
- VMware Workstation
- Fedora Linux
- Metasploitable2

---

## Skills Demonstrated

- Network Enumeration
- Service Fingerprinting
- Vulnerability Identification
- CVE Research
- Exploit Selection
- Metasploit Framework
- Remote Shell Access
- Post-Exploitation Verification
- Security Documentation

---

## Repository Structure

```
.
โ”œโ”€โ”€ README.md
โ”œโ”€โ”€ report.pdf
โ”œโ”€โ”€ screenshots/
โ”‚   โ”œโ”€โ”€ figure1.png
โ”‚   โ”œโ”€โ”€ figure2.png
โ”‚   โ”œโ”€โ”€ figure3.png
โ”‚   โ”œโ”€โ”€ figure4.png
โ”‚   โ”œโ”€โ”€ figure5.png
โ”‚   โ”œโ”€โ”€ figure6.png
โ”‚   โ”œโ”€โ”€ figure7.png
โ”‚   โ””โ”€โ”€ figure8.png
โ””โ”€โ”€ LICENSE
```

---

## Lessons Learned

- Service enumeration is the foundation of penetration testing.
- Public vulnerability databases should always be validated against software versions.
- Exploitation frameworks simplify exploitation but require an understanding of the underlying vulnerability.
- Outdated software can lead to complete system compromise.
- Conducting security testing in isolated lab environments is essential for ethical learning.

---

## References

- National Vulnerability Database (NVD)
- Exploit Database (ExploitDB)
- Rapid7 Metasploit Documentation
- Metasploitable2 Documentation

---

## Author

**Amarnath**

Cybersecurity Student | Ethical Hacking | Penetration Testing | Linux

Feel free to connect with me on LinkedIn or explore my other cybersecurity projects.