Skip to content

Latest commit

 

History

History
38 lines (21 loc) · 1.5 KB

4.2-linux-exploitation.md

File metadata and controls

38 lines (21 loc) · 1.5 KB

4.2 Linux Exploitation

Linux Exploitation

FTP

vsftpd is an Unix FTP server.

  • vsftpd v.2.3.4 is vulnerable to a command execution vulnerability

🔬 FTP - MSF Exploit

SAMBA

Samba is the Linux implementation of SMB.

  • Samaba v.3.5.0 is vulnerable to a RCE vulnerability

🔬 Samba - MSF Exploit

SSH

libssh is a C library that implements the SSHv2 protocol

  • SSH default TCP port is 22
  • libssh v.0.6.0 - 0.8.0 is vulnerable to an authentication bypass vulnerability

🔬 SSH - MSF Exploit

SMTP

Haraka is an open source high performance SMTP server developed in Node.js

  • SMTP default TCP port is 25
    • other TCP ports are 465 and 587
  • Haraka prior to v.2.8.9 is vulnerable to command injection

🔬 SMTP - MSF Exploit