metasploit-framework icon indicating copy to clipboard operation
metasploit-framework copied to clipboard

Published 20 hours ago verified publisher icon rapid7

CVE-2011-0762 VSFTPD DOS attack

Open rad10 opened this issue 2 years ago • 4 comments

This is an auxiliary for DOSing a VSFTPD server from version 2.3.3 and below.

Verification

List the steps needed to make sure this thing works

  • [ ] Start msfconsole
  • [ ] use auxiliary/dos/ftp/vstfpd_232
  • [ ] set rhosts
  • [ ] set ftpuser
  • [ ] set ftppass
  • [ ] run

rad10 avatar Nov 27 '22 00:11 rad10

I wrote this exploit based off of the POC in https://www.exploit-db.com/exploits/16270. The only problem with this exploit is that it needs multiple connections to run. I got it to work with at least 3 connections, but I'm not sure how I can make multiple separate connections to the server and transmit the payload. Any suggestions would be appreciated.

rad10 avatar Nov 27 '22 00:11 rad10

When creating a pull request, please ensure that the default pull request template has been updated with the required details.

github-actions[bot] avatar Nov 27 '22 22:11 github-actions[bot]

Thanks for your pull request! Before this can be merged, we need the following documentation for your module:

github-actions[bot] avatar Dec 30 '22 17:12 github-actions[bot]

Thanks for your pull request! Before this pull request can be merged, it must pass the checks of our automated linting tools.

We use Rubocop and msftidy to ensure the quality of our code. This can be ran from the root directory of Metasploit:

rubocop <directory or file>
tools/dev/msftidy.rb <directory or file>

You can automate most of these changes with the -a flag:

rubocop -a <directory or file>

Please update your branch after these have been made, and reach out if you have any problems.

github-actions[bot] avatar Dec 30 '22 17:12 github-actions[bot]

Atticing this until docs can be provided.

gwillcox-r7 avatar Jan 31 '23 21:01 gwillcox-r7

Thanks for your contribution to Metasploit Framework! We've looked at this pull request, and we agree that it seems like a good addition to Metasploit, but it looks like it is not quite ready to land. We've labeled it attic and closed it for now.

What does this generally mean? It could be one or more of several things:

  • It doesn't look like there has been any activity on this pull request in a while
  • We may not have the proper access or equipment to test this pull request, or the contributor doesn't have time to work on it right now.
  • Sometimes the implementation isn't quite right and a different approach is necessary.

We would love to land this pull request when it's ready. If you have a chance to address all comments, we would be happy to reopen and discuss how to merge this!

github-actions[bot] avatar Jan 31 '23 21:01 github-actions[bot]