[draf] GCAH exploit vsftpd 234 by netcat

Aside from having a very nice version number (2-3-4), vsftpd 2.3.4 contain a LOLz backdoor that can be exploited easily without using any sophisticated tools (that’s the point of backdoor after all).

What you need:

  • A computer with internet connection
  • ftp client (most linux and windows are delivered with one by default)
  • Netcat (or something similar, netcat is available for both Linux and Windows)
  • Feeling comfortable with terminal and command line

I’ll use a linux machine, but this should work on windows with cmd or powershell as well.