This is my side project that exploits the permissions and vulnerabilities of pip packages, which is capable of sneaking in sensitive information, source code, or any malware into a local machine.
pip install matplotlib-visual
Note: The
matplotlib-visual
package has been implemented by me. You can install it, but the package holds information specific to me, so it may not be useful for new users. I recommend forking the repository, making changes, and uploading your own package.
python
So far, I've added features that allow you to sneak source code into a machine using the following methods:
Displaying source code in the console output.
from matplotlib_visual.models import display
display("<filename-without-extension>")
models
method displays source code in the console.
Stealth Copy to Clipboard for a more secure method.
from matplotlib_visual.graph import display
display("<filename-without-extension>")
graph
method copies the source code to the system's clipboard.
Writing the source code into the program's root directory.
from matplotlib_visual.piechart import display
display("<filename-without-extension>")
We welcome all contributions! Whether you're improving features, fixing bugs, or enhancing documentation, your help is valuable to us. Here's how to get started:
Before contributing, familiarize yourself with the project. It’s beginner-friendly, and most features are implemented with minimal lines of code. The key is to research thoroughly to understand how to implement stealthy features.
To work on an issue:
"I would like to work on this issue under GSSoC'24 Extended Edition."
"I want to work on this issue under GSSoC'24 Extended Edition."
We appreciate all contributions, whether code, documentation, or suggestions. Keep the code clean, simple, and efficient.
If you find this project useful or interesting, please star the repository on GitHub to show your support. It really helps the project grow!
stash/
directory.graph.py
, models.py
, and piechart.py
are aliases to avoid detection of sensitive operations.pip
, maintaining pip standards is advised.The purpose of this package is educational, aiming to highlight and improve security by demonstrating potential vulnerabilities in systems.
This package is licensed under the GPL 3.0, allowing you to sneakily use and modify it as needed.
Happy sneaking! 🤫