- cross-posted to:
- [email protected]
- cross-posted to:
- [email protected]
payload appears to have been hidden in test data then decrypted and injected during the build process.
payload appears to have been hidden in test data then decrypted and injected during the build process.
Okay - so it was cleverly hidden. Real question is what the binary blob does, so we can properly assess the damage…
Preliminary stuff I read yesterday suggests that it’s RCE triggered by a signal sent to SSHD. Safest bet is to nuke your system if you had the exploitable library running with an exposed sshd.