Home page logo
/
Intro Reference Guide Book Install Guide
Download Changelog Zenmap GUI Docs
Bug Reports OS Detection Propaganda Related Projects
In the Movies In the News

Sponsors


File ftp-proftpd-backdoor

Script types: portrule
Categories: exploit, intrusive, malware, vuln
Download: http://nmap.org/svn/scripts/ftp-proftpd-backdoor.nse

User Summary

Tests for the presence of the ProFTPD 1.3.3c backdoor reported as OSVDB-ID 69562. This script attempts to exploit the backdoor using the innocuous id command by default, but that can be changed with the ftp-proftpd-backdoor.cmd script argument.

Script Arguments

ftp-proftpd-backdoor.cmd

Command to execute in shell (default is id).

Example Usage

nmap --script ftp-proftpd-backdoor -p 21 <host>

Script Output

PORT   STATE SERVICE
21/tcp open  ftp
| ftp-proftpd-backdoor:
|   This installation has been backdoored.
|   Command: id
|   Results: uid=0(root) gid=0(wheel) groups=0(wheel)
|_

Requires


Author: Mak Kolybabi

License: Same as Nmap--See http://nmap.org/book/man-legal.html

Nmap Site Navigation

Intro Reference Guide Book Install Guide
Download Changelog Zenmap GUI Docs
Bug Reports OS Detection Propaganda Related Projects
In the Movies In the News
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]
AlienVault