Skip to content

A tool for infected .pyc files with arbitrary code that spreads out to infect all other .pyc files

License

Notifications You must be signed in to change notification settings

jgeralnik/Pytroj

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

22 Commits
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 

Repository files navigation

Pytroj

Pytroj is a proof of concept attack against .pyc files. It searches for other .pyc files and injects itself into them. The injected code can be any python code (in this case it prints "You have been exploited").

This proof of concept only searches for .pyc files in its own directory. To use it:

 python -c 'import exploit, b, c'
 python exploit.pyc

The files b.pyc and c.pyc will now be infected. If you create another .pyc file (for example, python -c 'import byteplay') and run either b.pyc or c.pyc, the new file will also get infected.

Another way to run an infected file is to import it once the .pyc file exists:

 python -c 'import b'

The infected files print out a list of files that they have newly infected, followed by the phrase "You have been exploited"

After that, infected programs will continue to execute as normal.

Slides are here

On the web

For help, questions, or comments, feel free to contact us:

Joey Geralnik, Leon Fedotov, Itzik Kotler

About

A tool for infected .pyc files with arbitrary code that spreads out to infect all other .pyc files

Resources

License

Stars

Watchers

Forks

Releases

No releases published

Packages

No packages published

Languages