Skip to content

Instantly share code, notes, and snippets.

@araujo88
Created April 2, 2024 10:21
Show Gist options
  • Star 3 You must be signed in to star a gist
  • Fork 1 You must be signed in to fork a gist
  • Save araujo88/4dd34850ea3d77e714d36c1f49c0ae0a to your computer and use it in GitHub Desktop.
Save araujo88/4dd34850ea3d77e714d36c1f49c0ae0a to your computer and use it in GitHub Desktop.
Check for liblzma vulnerability in sshd
#!/bin/bash
set -u
set -x # Print commands and their arguments as they are executed.
# find path to liblzma used by sshd
path="$(ldd $(which sshd) | grep liblzma | grep -o '/[^ ]*')" || echo "liblzma not found for sshd"
# If the path is empty, the script will now continue instead of exiting due to set -e being removed.
if [ "$path" == "" ]
then
echo "probably not vulnerable (liblzma not used by sshd)"
else
# check for function signature
if hexdump -ve '1/1 "%02x"' "$path" | grep -q f30f1efa554889f54c89ce5389fb81e70000000084883ec28488954241848894c2410
then
echo "probably vulnerable"
else
echo "probably not vulnerable (no matching signature)"
fi
fi
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment