Tag: Backdoor | Yw4rf

2024-10-15

Source - Webmin 1.890 RCE (CVE-2019-15107) Exploitation

Technical writeup detailing the immediate compromise of the Source machine by exploiting the Webmin service running on port 10000. The vulnerability leveraged is the unauthenticated Remote Code Execution (RCE) backdoor in Webmin versions 1.882 < 1.921 (CVE-2019-15107). Exploitation is achieved by running a public exploit to gain direct root access and establishing a reverse shell for full system control.

TryHackMe Webmin Port-10000 CVE-2019-15107 RCE Reverse-Shell Backdoor Root-Access Linux-Exploitation
2024-09-16

FirstHacking - Exploiting vsftpd 2.3.4 Backdoor (CVE-2011-2523)

Technical writeup demonstrating the exploitation of the vsftpd 2.3.4 backdoor (CVE-2011-2523) vulnerability on a DockerLabs environment. Methodology covers Nmap service detection, exploit identification via Searchsploit, remote command execution via the FTP service, and achieving immediate root access.

DockerLabs FTP vsftpd Backdoor CVE-Exploitation Command-Execution Searchsploit Privilege-Escalation