nuclei-templates/network/vsftpd-detection.yaml

id: vsftpd-detection

info:
  name: VSFTPD v2.3.4 Backdoor Command Execution
  author: pussycat0x
  severity: critical
  tags: network,vsftpd,ftp
  reference: https://www.rapid7.com/db/modules/exploit/unix/ftp/vsftpd_234_backdoor/

network:
  - inputs:
      - data: "USER anonymous\r\nPASS pussycat0x\r\n"

    host:
      - "{{Hostname}}"
      - "{{Hostname}}:21"

    matchers:
      - type: word
        words:
          - "vsFTPd 2.3.4"
more changes 2021-06-28 18:37:15 +00:00			`id: vsftpd-detection`
Add files via upload 2021-06-24 16:43:08 +00:00
			`info:`
more changes 2021-06-28 18:37:15 +00:00			`name: VSFTPD v2.3.4 Backdoor Command Execution`
Add files via upload 2021-06-24 16:43:08 +00:00			`author: pussycat0x`
more changes 2021-06-28 18:37:15 +00:00			`severity: critical`
			`tags: network,vsftpd,ftp`
Add files via upload 2021-06-24 16:43:08 +00:00			`reference: https://www.rapid7.com/db/modules/exploit/unix/ftp/vsftpd_234_backdoor/`

			`network:`
			`- inputs:`
			`- data: "USER anonymous\r\nPASS pussycat0x\r\n"`

			`host:`
			`- "{{Hostname}}"`
			`- "{{Hostname}}:21"`

			`matchers:`
			`- type: word`
			`words:`
more changes 2021-06-28 18:37:15 +00:00			`- "vsFTPd 2.3.4"`