4.2 Linux Exploitation

Linux Exploitation

FTP

​vsftpd is an Unix FTP server.

  • vsftpd v.2.3.4 is vulnerable to a command execution vulnerability

πŸ”¬ FTP - MSF Exploit​

SAMBA

Samba is the Linux implementation of SMB.

  • Samaba v.3.5.0 is vulnerable to a RCE vulnerability

πŸ”¬ Samba - MSF Exploit​

SSH

libssh is a C library that implements the SSHv2 protocol

  • SSH default TCP port is 22

  • libssh v.0.6.0 - 0.8.0 is vulnerable to an authentication bypass vulnerability

πŸ”¬ SSH - MSF Exploit​

SMTP

​Haraka is an open source high performance SMTP server developed in Node.js

  • SMTP default TCP port is 25

    • other TCP ports are 465 and 587

  • Haraka prior to v.2.8.9 is vulnerable to command injection

πŸ”¬ SMTP - MSF Exploit​

Previous4.1 Linux VulnerabilitiesNext4.3 Linux Post-Exploitation

Last updated