ftp exploits

ProFTPd 1.3.5

exploit-db/36742

vsftpd 2.3.4

0xdf/ctfscripts/vsftpd2.3.4-backdoor
- launches a interactive php shell
  - run phpinfo() & search for disable_fucntions to checks blacklisted commands.

PHP shell commands:

getcwd();
get_current_user();
scandir("/")
ls #
- List local, instance or class variables, methods and constants.
show $variable
echo file_get_contents("FILE_TO_READ")
readfile("FILE_TO_READ")
fwrite(fopen("FILE_TO_WRITE_TO","w+"),"DATA");

Previousfail2ban Nextfudforum

Last updated 2 years ago