so like why can’t i find anyone who’s actually analysed how the xz backdoor ssh auth bypass works
You must log in to comment.
in reply to @bark's post:
I saw some discussion earlier today of “oh this is harder than usual to reverse engineer” I’m sure someone will do it there’s just a smaller group of people who can do it and it’s only been like 40 hours.
Also all the people busy doing analysis of how it’s actually getting injected in the first place.
seems like people are working on it (some links at https://boehs.org/node/everything-i-know-about-the-xz-backdoor) but it appears the payload is pretty damn complex