Backdoored Source

So find the bug in the zeek source version release/2.0. They provide a tampered zip file of the source.
Zeek repo lives here https://github.com/zeek/zeek​
The original source tag here https://github.com/zeek/zeek/releases/tag/v2.0​
Clone that tag down. I used beyond compare to do a folder diff on the sourcetree. Uh oh whats up with that file I wonder.
The Solution
scripts/base/protocols/conn/main.bro

Writeup - Previous

Check Your Alignment

Last modified 2yr ago