Ecosyste.ms: Awesome

An open API service indexing awesome lists of open source software.

Awesome Lists | Featured Topics | Projects

https://github.com/aigptcode/xz_vulnerability_crossplatform

xz-vulnerability-poc (cross platform) This repository contains a Proof of Concept (POC) script for the xz vulnerability
https://github.com/aigptcode/xz_vulnerability_crossplatform

backdoor backdoor-attacks backdoorpython fud hacking linux lzma lzma-sdk mac malware ransomware ssh ssh-client ssh-server sshd windows xz xz-compression-utilities xz-utils xz-utils-backdoor

Last synced: 9 days ago
JSON representation

xz-vulnerability-poc (cross platform) This repository contains a Proof of Concept (POC) script for the xz vulnerability

Awesome Lists containing this project

README

        

# xz-vulnerability-poc (cross platform)

## just one click exploit

This repository contains a Proof of Concept (POC) script for the xz vulnerability

## Description

sources: https://www.openwall.com/lists/oss-security/2024/03/29/4

The provided Python script demonstrates the xz vulnerability by dynamically creating a malicious input file and executing the xz command with that file as input. Additionally, it opens a command shell after executing the exploit, and then deletes the exploit file and the symbolic or hard link. The script works on Linux, Windows, and macOS platforms.

## Usage

1. Clone this repository or download the script as a ZIP file.
2. Extract the files if necessary.
3. Run the script using Python: `python exploit.py`

## Notes

* The script has been tested on the latest Python 3.x versions.
* For educational and security research purposes only. Use it responsibly and always seek permission before testing vulnerabilities on systems that you don't own or control.

## Disclaimer

This repository is intended for educational and security research purposes only. The author is not responsible for any misuse or damage caused by the use of this script.

## License

This repository is licensed under the MIT License.

# STAR

Please don't forget to give us a star on GitHub ⭐️