POC details: 6c397ee04ce333d14b32dd10d6a18322cda39e32

Source
Related vulnerability
Title: xz security vulnerability (CVE-2024-3094)
Description: xz is an application for reading and writing xz-compressed streams. XZ Utils 5.6.0 and 5.6.1 contain a security vulnerability: the upstream release tarballs carry malicious code injected through the build scripts, which gives an attacker a backdoor in the liblzma library.
描述
An Ansible Role that installs the xz backdoor (CVE-2024-3094) on a Debian host and optionally installs the xzbot tool.
Introduction
# Ansible Role: xz backdoor (CVE-2024-3094) (for [Ludus](https://ludus.cloud))

An Ansible Role that installs the [xz backdoor (CVE-2024-3094)](https://www.openwall.com/lists/oss-security/2024/03/29/4) on a Debian host and optionally installs the [xzbot](https://github.com/amlweems/xzbot) tool.

> [!WARNING]
> This role deploys malware on purpose!
> The backdoor is reached through sshd, so as long as the host is not exposed to the internet you *should* be safe, but it is still malware. Be careful.

![demo](demo.jpeg)

## Requirements

A Debian-based OS. The role replaces the system's `liblzma.so.5`; the example range below uses the Debian 12 template.

## Role Variables

Available variables are listed below, along with default values (see `defaults/main.yml`):

    # Install the xzbot CLI tool used to send commands to the backdoor. It is installed to /usr/bin/xzbot
    ludus_xz_backdoor_install_xzbot: true
    # Install the backdoored library by pointing the system's liblzma.so.5 symlink at it and rebooting
    ludus_xz_backdoor_install_backdoor: true
    # Remove the backdoor by pointing the liblzma.so.5 symlink back at the original library and rebooting
    ludus_xz_backdoor_uninstall_backdoor: false
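
Because the role swaps the `liblzma.so.5` symlink rather than the `liblzma5` package, a package-manager version check is not enough to tell whether a host in the range is currently backdoored. The audit script below is an added example, not part of this role or of xzbot: it resolves the library that sshd actually loads, reads the version of the loaded liblzma from `xz --version`, and scans the resolved file for the byte signature published with the oss-security advisory linked above (Andres Freund's `detect.sh`). The function names, the `audit` argument and the fallback path `/usr/sbin/sshd` are the example's own choices.

```shell
#!/bin/sh
# Added example, not part of the badsectorlabs role: audit a Debian host for
# the CVE-2024-3094 backdoor. Only POSIX tools plus ldd/readlink are used, so
# it runs on a minimal Debian 12 install without extra packages.

# Byte pattern published with the oss-security advisory (Andres Freund's
# detect.sh): the prologue of the injected function in the backdoored liblzma.
XZ_BACKDOOR_SIG='f30f1efa554889f54c89ce5389fb81e7000000804883ec28488954241848894c2410'

# Dump FILE as one lowercase hex string with no separators.
hexdump_file() {
    od -An -v -tx1 "$1" | tr -d ' \n'
}

# Return 0 if FILE contains the backdoor signature, 1 otherwise.
liblzma_has_backdoor_sig() {
    hexdump_file "$1" | grep -q "$XZ_BACKDOOR_SIG"
}

# Return 0 if a liblzma version string is one of the two backdoored releases.
xz_version_is_backdoored() {
    case "$1" in
        5.6.0|5.6.1) return 0 ;;
        *) return 1 ;;
    esac
}

# Version of the liblzma actually loaded at run time. xz prints its own
# version on the first line and "liblzma <version>" on the second, so a
# swapped liblzma.so.5 symlink shows up here even though "dpkg -l liblzma5"
# still reports the packaged version.
loaded_liblzma_version() {
    xz --version 2>/dev/null | sed -n 's/^liblzma \([0-9.]*\).*/\1/p'
}

# Path of the liblzma that BINARY loads, resolved through ldd.
liblzma_loaded_by() {
    ldd "$1" 2>/dev/null | grep liblzma | grep -o '/[^ ]*' | head -n 1
}

# Full audit: resolve the library sshd would load, then check version and
# signature. Returns 0 (found) when either indicator fires, 1 otherwise.
audit_host() {
    # /usr/sbin/sshd is the Debian location; used when sshd is not on PATH.
    sshd_bin="$(command -v sshd 2>/dev/null || echo /usr/sbin/sshd)"
    lib="$(liblzma_loaded_by "$sshd_bin")"
    ver="$(loaded_liblzma_version)"
    echo "loaded liblzma version: ${ver:-unknown}"
    if [ -z "$lib" ]; then
        echo "$sshd_bin does not load liblzma; sshd is not reachable through this vector"
    else
        real="$(readlink -f "$lib")"
        echo "$sshd_bin loads $lib -> $real"
        if liblzma_has_backdoor_sig "$real"; then
            echo "BACKDOORED: advisory signature found in $real"
            return 0
        fi
        echo "signature not found in $real"
    fi
    if xz_version_is_backdoored "$ver"; then
        echo "liblzma $ver is a backdoored release"
        return 0
    fi
    return 1
}

# Run the audit only when invoked as "sh xz-audit.sh audit", so the functions
# can also be sourced from another script.
if [ "${1:-}" = "audit" ]; then
    audit_host
fi
```

Run it as `sh xz-audit.sh audit` on a range VM before and after applying the role, or after setting `ludus_xz_backdoor_uninstall_backdoor: true`, and the symlink target plus the loaded liblzma version should flip accordingly. A signature match is a strong positive indicator; absence is not proof of a clean host, since the pattern is tied to the x86-64 build of the injected object.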

## Dependencies

None.

## Example Playbook

```yaml
- hosts: xz_backdoor_hosts
  roles:
    - badsectorlabs.ludus_xz_backdoor
  vars:
    ludus_xz_backdoor_install_xzbot: true
    ludus_xz_backdoor_install_backdoor: true
```

## Example Ludus Range Config

```yaml
ludus:
  - vm_name: "{{ range_id }}-xz-backdoor"
    hostname: "{{ range_id }}-xz-backdoor"
    template: debian-12-x64-server-template
    vlan: 10
    ip_last_octet: 2
    ram_gb: 2
    cpus: 2
    linux: true
    roles:
      - badsectorlabs.ludus_xz_backdoor
    role_vars:
      ludus_xz_backdoor_install_xzbot: true
      ludus_xz_backdoor_install_backdoor: true
```

## License

GPLv3

## Author Information

This role was created by [Bad Sector Labs](https://github.com/badsectorlabs), for [Ludus](https://ludus.cloud/).
File snapshot

```
[4.0K] /data/pocs/6c397ee04ce333d14b32dd10d6a18322cda39e32
├── [4.0K] defaults
│   └── [ 127] main.yml
├── [425K] demo.jpeg
├── [4.0K] files
│   └── [3.2M] xzbot
├── [ 34K] LICENSE
├── [ 368] ludus-config.yml
├── [4.0K] meta
│   └── [ 685] main.yml
├── [1.8K] README.md
└── [4.0K] tasks
    ├── [4.3K] download_file.yml
    ├── [1.2K] install_backdoor.yml
    ├── [1.2K] main.yml
    └── [ 745] uninstall_backdoor.yml

4 directories, 11 files
```