set PAYLOAD cmd/unix/interact
While only the tarball downloaded between June 30 and July 3, 2011, contained the backdoor, it is a clean 2.3.4 binary from a backdoored one without cryptographic verification. Therefore, security professionals treat any vsftpd 2.3.4 installation as vulnerable. vsftpd 208 exploit github fix
To prevent similar exploits, make sure to: contained the backdoor
: Run vsftpd -v to ensure you are on a version higher than 2.3.4 (e.g., 3.0.3 or 3.0.5). 3.0.3 or 3.0.5). system("/bin/sh")
system("/bin/sh"); exit(0);