Xz sshd backdoor collecting usernames from logs


The amazingly scary xz sshd backdoor, Author: Bojan Zdrnja

Unless you took the whole weekend off, you must have seen by now that Andres Freund published an amazing discovery on Friday on the Openwall mailing list (https://www.openwall.com/lists/oss-security/2024/03/29/4). The image above shows the start of the function (originally called Lsimple_coder_update_0) where I also expanded one of the radix tree tables (_Llzip_decode_1). The final function we’ll take a look at is also interesting – it will parse every log created by the sshd service and will try to extract valid usernames and IP addresses.
