30 Bird - Using a Backdoor (CASP)


NOTE: The Kali and Metasploitable VMs should be running.

A successful bind shell created in Metasploit


In earlier service enumeration, you noticed that the Metasploitable VM's FTP server is VSFTPD 2.3.4. Vulnerability analysis showed that the version was maliciously modified in the download archive. Attackers inserted a backdoor that allows shell access without a password. You will exploit that vulnerability to gain access.