Exploit for Embedded Malicious Code in Tukaani Xz CVE-2024-3094

Name: Exploit for Embedded Malicious Code in Tukaani Xz CVE-2024-3094
Rating: 5 (147 reviews)

2024-04-03 | CVSS 10.0

## https://sploitus.com/exploit?id=9B72BD91-C3F1-536B-B28F-354A5DFA637F
# xz-backdoor-CVE-2024-3094-Check
Verify if your installed version of xz-utils is vulnerable to CVE-2024-3094 backdoor. This check is for Kali Linux or other Debian based installs.

## Usage
```
git https://github.com/Bella-Bc/xz-backdoor-CVE-2024-3094-Check.git
cd xz-backdoor-CVE-2024-3094-Check
chmod +x check_xz_utils_CVE-2024-3094.sh
./check_xz_utils_CVE-2024-3094.sh
```
![exampleTest_xz-backdoor](https://github.com/Bella-Bc/xz-backdoor-CVE-2024-3094-Check/assets/10534659/0adb1418-3844-4540-9382-9937a5c51d52)


## References
https://www.kali.org/blog/about-the-xz-backdoor/ <br><br>
https://gist.github.com/thesamesam/223949d5a074ebc3dce9ee78baad9e27<br><br>
https://arstechnica.com/security/2024/04/what-we-know-about-the-xz-utils-backdoor-that-almost-infected-the-world/

## CVE Overview
![overview](https://cdn.arstechnica.net/wp-content/uploads/2024/04/xz-backdoor-graphic-thomas-roccia-scaled.jpg)