janriemer, xzbot - by Anthony Weems
https://github.com/amlweems/xzbot
From their README:
Exploration of the xz backdoor (CVE-2024-3094). Includes the following:
- honeypot: fake vulnerable server to detect exploit attempts
- ed448 patch: patch liblzma.so to use our own ED448 public key
- backdoor format: format of the #backdoor payload
- backdoor demo: cli to trigger the RCE assuming knowledge of the ED448 private key