Home page logo
/
Zenmap screenshot
Intro Reference Guide Book Install Guide
Download Changelog Zenmap GUI Docs
Bug Reports OS Detection Propaganda Related Projects
In the Movies In the News
Example Nmap output

File ftp-proftpd-backdoor

Script types: portrule
Categories: exploit, intrusive, malware, vuln
Download: http://nmap.org/svn/scripts/ftp-proftpd-backdoor.nse

User Summary

Tests for the presence of the ProFTPD 1.3.3c backdoor reported as OSVDB-ID 69562. This script attempts to exploit the backdoor using the innocuous id command by default, but that can be changed with the ftp-proftpd-backdoor.cmd script argument.

Script Arguments

ftp-proftpd-backdoor.cmd

Command to execute in shell (default is id).

Example Usage

nmap --script ftp-proftpd-backdoor -p 21 <host>

Script Output

PORT   STATE SERVICE
21/tcp open  ftp
| ftp-proftpd-backdoor:
|   This installation has been backdoored.
|   Command: id
|   Results: uid=0(root) gid=0(wheel) groups=0(wheel)
|_

Requires


Author: Mak Kolybabi

License: Same as Nmap--See http://nmap.org/book/man-legal.html

Nmap Site Navigation

Intro Reference Guide Book Install Guide
Download Changelog Zenmap GUI Docs
Bug Reports OS Detection Propaganda Related Projects
In the Movies In the News
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]