Embed Notice

HTML Code

<blockquote style="position: relative; padding-left: 55px;"><section><a href="https://cyberplace.social/users/GossiTheDog/statuses/112197989875551946">Kevin Beaumont (gossithedog@cyberplace.social)'s status on Tuesday, 02-Apr-2024 06:05:09 JST</a><a href="https://cyberplace.social/@GossiTheDog" title="gossithedog@cyberplace.social"><img src="https://gnusocial.jp/avatar/38360-48-20250105013211.webp" width="48" height="48" alt="Kevin Beaumont" style="position: absolute; left: 0; top: 0;">Kevin Beaumont</a><div><a href="https://cyberplace.social/@GossiTheDog/112197263297231137" rel="in-reply-to">in reply to</a></div></section><article><p>.<a href="https://infosec.exchange/@amlw">@amlw</a> wrote a great proof of concept for <a href="https://cyberplace.social/tags/XZ" rel="tag">#XZ</a> to allow code execution via ssh. </p><p>Very important note: it doesn’t work in the wild as you need the private key, which only the threat actor(s) have. But you can create your own for exploiting your own servers. </p><p><a href="https://github.com/amlweems/xzbot" rel="nofollow noreferrer">https://github.com/amlweems/xzbot</a></p></article><footer><a rel="bookmark" href="https://gnusocial.jp/conversation/2881363#notice-5742445">In conversation</a><time datetime="2024-04-02T06:05:09+09:00" title="Tuesday, 02-Apr-2024 06:05:09 JST">about 10 months ago</time> <span>from <span><a href="https://cyberplace.social/@GossiTheDog/112197989875551946" rel="external" title="Sent from cyberplace.social via ActivityPub">cyberplace.social</a></span></span><a href="https://cyberplace.social/@GossiTheDog/112197989875551946">permalink</a><h4>Attachments</h4><ol><li><article><header><div>Domain not in remote thumbnail source whitelist: opengraph.githubassets.com</div><h5><a href="https://github.com/amlweems/xzbot">GitHub - amlweems/xzbot: notes, honeypot, and exploit demo for the xz backdoor (CVE-2024-3094)</a></h5><div></div></header><div>notes, honeypot, and exploit demo for the xz backdoor (CVE-2024-3094) - amlweems/xzbot</div><footer></footer></article></li><li><label><a rel="external" href="https://gnusocial.jp/attachment/2447989">Untitled attachment</a></label><br><a href="https://cyberplace.social/system/media_attachments/files/112/197/989/630/093/579/original/5eadd2f1ee7b6760.png" rel="external">https://cyberplace.social/system/media_attachments/files/112/197/989/630/093/579/original/5eadd2f1ee7b6760.png</a></li></ol></footer></blockquote>

Corresponding Notice

Embed this notice
Kevin Beaumont (gossithedog@cyberplace.social)'s status on Tuesday, 02-Apr-2024 06:05:09 JST Kevin Beaumont
in reply to
.@amlw wrote a great proof of concept for #XZ to allow code execution via ssh.
Very important note: it doesn’t work in the wild as you need the private key, which only the threat actor(s) have. But you can create your own for exploiting your own servers.
https://github.com/amlweems/xzbot
In conversationabout 10 months ago from cyberplace.socialpermalink
Attachments
1. Domain not in remote thumbnail source whitelist: opengraph.githubassets.com
  GitHub - amlweems/xzbot: notes, honeypot, and exploit demo for the xz backdoor (CVE-2024-3094)
  notes, honeypot, and exploit demo for the xz backdoor (CVE-2024-3094) - amlweems/xzbot
2. Untitled attachment
  https://cyberplace.social/system/media_attachments/files/112/197/989/630/093/579/original/5eadd2f1ee7b6760.png

Public

Embed Notice

HTML Code

Corresponding Notice