cgivre

Exploiting Pandas AI

This gist demonstrates an attack using Pandas AI. PandasAI is a library which allows users to interact with data in a pandas dataframe with natural language. PandasAI can also do some other interesting things like generate features for machine learning, create visualizations etc. The complete documentation is available here: https://pandas-ai.readthedocs.io/en/latest/.

From the user's perspective, this means that a user could simply write some code to read data into a dataframe, and then ask the data a question. Something like this:

df = pd.read_csv('mydata.csv')
pandas_ai(df, "Which are my five best selling products?")

cgivre

If you teach at BlackHat, and you're like me and are constantly checking your registration numbers, you can use this handy script to pull your numbers and message you on Slack every time you get a new registration.

from io import StringIO
import logging
import datetime
import pandas as pd
import requests
import slack

cgivre

One of the major challenges you may face is converting "normal" SQL to T-SQL which is Microsoft's dialect of SQL. I couldn't find any easy way to do this, however in doing some other work I found that Apache Calcite can actually perform this function quite simply. So... here's some code that does exactly that!

import org.apache.calcite.config.Lex;
import org.apache.calcite.sql.SqlDialect;
import org.apache.calcite.sql.SqlNode;
import org.apache.calcite.sql.parser.SqlParseException;

cgivre

cgivre

---------------------------------------------------------------------
-- Script that creates the sample database TSQLV4
--
-- Supported versions of SQL Server: 2008, 2008 R2, 2012, 2014, 2016, Azure SQL Database
--
-- Based originally on the Northwind sample database
-- with changes in both schema and data
--
-- Last updated: 20160601
--

cgivre

# This is the MIT license: http://www.opensource.org/licenses/mit-license.php
#
# Copyright (c) 2005-2012 the SQLAlchemy authors and contributors <see AUTHORS file>.
# SQLAlchemy is a trademark of Michael Bayer.
#
# Permission is hereby granted, free of charge, to any person obtaining a copy of this
# software and associated documentation files (the "Software"), to deal in the Software
# without restriction, including without limitation the rights to use, copy, modify, merge,
# publish, distribute, sublicense, and/or sell copies of the Software, and to permit persons
# to whom the Software is furnished to do so, subject to the following conditions:

cgivre

import pandas as pd
import glob
import os
import re

# This script cleans the data available from CSSE's github repo available here:
# https://github.com/CSSEGISandData/COVID-19

BASE_PATH = "<path to data>"
DATA_PATH = "csse_covid_19_data/csse_covid_19_daily_reports"

cgivre

Drill Crypto Functions

This library contains a collection of cryptography-related functions for Apache Drill. It generally mirrors the crypto functions in MySQL. The package includes:

• aes_encrypt()/ aes_decrypt(): implement encryption and decryption of data using the official AES (Advanced Encryption Standard) algorithm, previously known as “Rijndael.” AES_ENCRYPT() encrypts the string str using the key string key_str and returns a binary string containing the encrypted output. AES_DECRYPT() decrypts the encrypted string crypt_str using the key string key_str and returns the original cleartext string. If either function argument is NULL, the function returns NULL.

> SELECT aes_encrypt( 'encrypted_text', 'my_secret_key' ) AS aes FROM (VALUES(1));

cgivre

Reading Web Server Logs

As of version 1.9, Apache Drill can natively ingest and query web server logs. To configure Drill to read server logs, you must modify the extensions section in the dfs configuration:

"httpd": {
  "type": "httpd",
  "logFormat": "%h %t \"%r\" %>s %b \"%{Referer}i\" \"%{user-agent}i\"",
  "timestampFormat": null
}