Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CVE-2011-2523 PoC — vsftpd 操作系统命令注入漏洞

Source
https://github.com/Gill-Singh-A/vsFTP-2.3.4-Remote-Root-Shell-Exploit
Associated Vulnerability
Title:vsftpd 操作系统命令注入漏洞 (CVE-2011-2523)
Description:vsftpd 2.3.4 downloaded between 20110630 and 20110703 contains a backdoor which opens a shell on port 6200/tcp.
Description
A Simple Python Program that uses gets a Remote Root Shell on the Target Device by exploiting a Vulnerability (CVE-2011-2523) present in vsFTP 2.3.4
Readme
# vsFTP 2.3.4 Remote Root Shell Exploit
A Simple Python Program that uses gets a Remote Root Shell on the Target Device by exploiting a [Vulnerability (CVE-2011-2523)](https://nvd.nist.gov/vuln/detail/CVE-2011-2523) present in vsFTP 2.3.4
## Requirements
Language Used = Python3<br />
Modules/Packages used:
* socket
* os
* pexpect
* paramiko
* getpass
* datetime
* optparse
* colorama
* multiprocessing
* time
<!-- -->
Install the dependencies:
```bash
pip install -r requirements.txt
```
## Result
After Successful Exploitation, we can directly ssh to the target device as root user.
File Snapshot

 [4.0K]  /data/pocs/f7b4d6cad11ebbd8c2eb87c03b6ba6b2833967f6
├── [8.8K]  main.py
├── [ 585]  README.md
└── [   8]  requirements.txt

0 directories, 3 files
Shenlong Bot has cached this for you
Remarks
    1. It is advised to access via the original source first.
    2. Local POC snapshots are reserved for subscribers — if the original source is unavailable, the local mirror is part of the paid plan.
    3. Mirroring, verifying, and maintaining this POC archive takes ongoing effort, so local snapshots are a paid feature. Your subscription keeps the archive online — thank you for the support. View subscription plans →