Hi ! I want to demo the backdoor usage and would like to install a unstable/test version of a distribution (possibly Debian or Fedora) that had the backdoor (v5.6.0 or 5.6.1 of xz/liblzma and patched openssh for systemd notification)

How could I do that?

I will be using xzbot from amlweems to further patch liblzma but I want a distro that has openssh run by systemd that links to the correct liblzma version

Thank you!

    • emidioOP
      link
      fedilink
      arrow-up
      10
      ·
      8 months ago

      Yes, indeed the backdoor code checks, in the event of ssh authentication with a certificate, that it was signed with a specific ssh private key (their own CA), the corresponding public key being hardcoded in the backdoor code.

      But this project xzbot demonstrates how to patch the corrupted liblzma to replace the key