HomeGitHubPortfolioTwitter/XMediumCont@ct

4.2 Linux Exploitation

Linux Exploitation

FTP

vsftpd is an Unix FTP server.

  • vsftpd v.2.3.4 is vulnerable to a command execution vulnerability

🔬 FTP - MSF Exploit

SAMBA

Samba is the Linux implementation of SMB.

  • Samaba v.3.5.0 is vulnerable to a RCE vulnerability

🔬 Samba - MSF Exploit

SSH

libssh is a C library that implements the SSHv2 protocol

  • SSH default TCP port is 22

  • libssh v.0.6.0 - 0.8.0 is vulnerable to an authentication bypass vulnerability

🔬 SSH - MSF Exploit

SMTP

Haraka is an open source high performance SMTP server developed in Node.js

  • SMTP default TCP port is 25

    • other TCP ports are 465 and 587

  • Haraka prior to v.2.8.9 is vulnerable to command injection

🔬 SMTP - MSF Exploit

Previous4.1 Linux VulnerabilitiesNext4.3 Linux Post-Exploitation

Last updated