Ecosyste.ms: Awesome
An open API service indexing awesome lists of open source software.
https://github.com/aigptcode/xz_vulnerability_crossplatform
xz-vulnerability-poc (cross platform) This repository contains a Proof of Concept (POC) script for the xz vulnerability
https://github.com/aigptcode/xz_vulnerability_crossplatform
backdoor backdoor-attacks backdoorpython fud hacking linux lzma lzma-sdk mac malware ransomware ssh ssh-client ssh-server sshd windows xz xz-compression-utilities xz-utils xz-utils-backdoor
Last synced: 9 days ago
JSON representation
xz-vulnerability-poc (cross platform) This repository contains a Proof of Concept (POC) script for the xz vulnerability
- Host: GitHub
- URL: https://github.com/aigptcode/xz_vulnerability_crossplatform
- Owner: AiGptCode
- Created: 2024-04-03T21:45:35.000Z (9 months ago)
- Default Branch: main
- Last Pushed: 2024-04-04T20:25:01.000Z (9 months ago)
- Last Synced: 2024-04-04T22:43:36.481Z (9 months ago)
- Topics: backdoor, backdoor-attacks, backdoorpython, fud, hacking, linux, lzma, lzma-sdk, mac, malware, ransomware, ssh, ssh-client, ssh-server, sshd, windows, xz, xz-compression-utilities, xz-utils, xz-utils-backdoor
- Language: Python
- Homepage:
- Size: 18.6 KB
- Stars: 1
- Watchers: 1
- Forks: 0
- Open Issues: 0
-
Metadata Files:
- Readme: README.md
Awesome Lists containing this project
README
# xz-vulnerability-poc (cross platform)
## just one click exploitThis repository contains a Proof of Concept (POC) script for the xz vulnerability
## Description
sources: https://www.openwall.com/lists/oss-security/2024/03/29/4The provided Python script demonstrates the xz vulnerability by dynamically creating a malicious input file and executing the xz command with that file as input. Additionally, it opens a command shell after executing the exploit, and then deletes the exploit file and the symbolic or hard link. The script works on Linux, Windows, and macOS platforms.
## Usage
1. Clone this repository or download the script as a ZIP file.
2. Extract the files if necessary.
3. Run the script using Python: `python exploit.py`## Notes
* The script has been tested on the latest Python 3.x versions.
* For educational and security research purposes only. Use it responsibly and always seek permission before testing vulnerabilities on systems that you don't own or control.## Disclaimer
This repository is intended for educational and security research purposes only. The author is not responsible for any misuse or damage caused by the use of this script.
## License
This repository is licensed under the MIT License.
# STAR
Please don't forget to give us a star on GitHub ⭐️