- Type: hidden command
- Affected versions: none (synthetic backdoor)
If the command SELLECT is run, the backdoor triggers and attempts to remove the /h0me
directory.
We can use a single (incomplete) query to trigger the backdoor (e.g., with the backdoored version):
$ ./backdoored/sqlite3 < backdoor-trigger.sqlNothing will be displayed in the output, but if we trace the execution (e.g., via strace) we will
observe the unlink('/h0me/') system call.