Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CVE-2011-2523 PoC — vsftpd 操作系统命令注入漏洞

Source
https://github.com/krill-x7/CVE-2011-2523
Associated Vulnerability
Title:vsftpd 操作系统命令注入漏洞 (CVE-2011-2523)
Description:vsftpd 2.3.4 downloaded between 20110630 and 20110703 contains a backdoor which opens a shell on port 6200/tcp.
Description
 Python exploit for vsftpd 2.3.4 - Backdoor Command Execution
Readme
# CVE-2011-2523 - vsftpd 2.3.4 Backdoor Exploit

This is a Python-based exploit script for the infamous backdoor found in [vsftpd version 2.3.4](https://nvd.nist.gov/vuln/detail/CVE-2011-2523). When triggered, it opens a shell on port `6200` — granting remote command execution as the `root` user in some vulnerable setups.

---

## About the Vulnerability

vsftpd 2.3.4 was maliciously backdoored and distributed. When a username containing `:)` is sent during FTP login, the server quietly opens a shell on port `6200`.

- **CVE ID**: CVE-2011-2523  
- **Affected Software**: vsftpd v2.3.4  
- **Impact**: Remote Code Execution

---

## Usage

```bash
python3 exploit.py --host <target-ip> [--port <ftp-port>]
```
<img width="840" height="237" alt="image" src="https://github.com/user-attachments/assets/fe133b64-6950-465e-9416-7a84d54f0995" />
File Snapshot

 [4.0K]  /data/pocs/2bad617f0062212cb0ad5ad978bb7a48838226c3
├── [2.6K]  exploit.py
├── [1.0K]  LICENSE
└── [ 849]  README.md

0 directories, 3 files
Shenlong Bot has cached this for you
Remarks
    1. It is advised to access via the original source first.
    2. Local POC snapshots are reserved for subscribers — if the original source is unavailable, the local mirror is part of the paid plan.
    3. Mirroring, verifying, and maintaining this POC archive takes ongoing effort, so local snapshots are a paid feature. Your subscription keeps the archive online — thank you for the support. View subscription plans →