[mdlug] info about the xz backdoor
LAP
mail1 at lapiet.info
Sun Mar 31 11:05:57 EDT 2024
On Sun, 31 Mar 2024 10:17:55 -0400 (EDT)
Jay <jjn at nuge.com> wrote:
>
> I *think* I'm suposed to look for the existance of LIBLZMA ????
>
> Yup, it is there in my Raspbian Buster install...
>
> liblzma.so.5 => /lib/arm-linux-gnueabihf/liblzma.so.5 (0xb67d7000)
>
> So be clear...what are we looking for?
>
Yes. That's the thing to look for.
Now do:
xz --version
If you see 5.6.x then you have the backdoor.
Now check if you have an open port to sshd. This will exist if you
have the sshd daemon running in the background.
More information about the mdlug
mailing list