KPC
Kevin Powell - Community8mo ago
MD

Bash Script to check for a vulnerable version of `xz` utils

A supply chain attack happened to opensuse recently and it was due to a malicious code inside the xz utils github. Please read up on the issue with your respective repo and backup the version to a previous if not patched. Here is a script to check if your system is vulernable. Shared from a friend in my linux discord. 
#! /bin/sh

set -eu

# find path to liblzma used by sshd
path="$(ldd $(which sshd) | grep liblzma | grep -o '/[^ ]*')"

# does it even exist?
if [ "$path" == "" ]
then
    echo probably not vulnerable
    exit
fi

# check for function signature
if hexdump -ve '1/1 "%.2x"' "$path" | grep -q f30f1efa554889f54c89ce5389fb81e7000000804883ec28488954241848894c2410
then
    echo probably vulnerable
else
    echo probably not vulnerable
fi
#! /bin/sh

set -eu

# find path to liblzma used by sshd
path="$(ldd $(which sshd) | grep liblzma | grep -o '/[^ ]*')"

# does it even exist?
if [ "$path" == "" ]
then
    echo probably not vulnerable
    exit
fi

# check for function signature
if hexdump -ve '1/1 "%.2x"' "$path" | grep -q f30f1efa554889f54c89ce5389fb81e7000000804883ec28488954241848894c2410
then
    echo probably vulnerable
else
    echo probably not vulnerable
fi
0 Replies
No replies yetBe the first to reply to this messageJoin
Want results from more Discord servers?
Add your server