[Distutils] Malicious packages on PyPI

Matt Joyce matt at nycresistor.com
Thu Jun 1 15:59:54 EDT 2017


I mean the easy attack vector is find a package where the package name does
not match the import namespace.  If the import namespace has no
corresponding package in pypi... register it.

Anyone who blindly tries to grab a dependency will grab your module instead
of the one they want.

Horrible to do.  But that's the attack vector.

On Thu, Jun 1, 2017 at 3:31 PM, Xavier Fernandez <xav.fernandez at gmail.com>
wrote:

> This makes me remember https://hackernoon.com/building-a-botnet-on-pypi-be1ad280b8d6
> on a related note.
>
> On Thu, Jun 1, 2017 at 7:40 PM, Thomas Kluyver <thomas at kluyver.me.uk>
> wrote:
>
>> On Thu, Jun 1, 2017, at 06:32 PM, Matt Joyce wrote:
>>
>>> It's basically a test dummy package that reports users who have run that
>>> package template.
>>
>>
>> That's what I thought, but all the code to do the upload seems to have
>> been removed before s/he built those packages. Now it's just a harmless
>> warning, unless I'm missing something.
>>
>> https://github.com/fate0/cookiecutter-evilpy-package/commit/a3ed1e1e060748b0444158ea3bc569dfbf57645e
>>
>>> The site referenced lists the package name that the user ran to get
>>> posted to the site. There appear to be many packages in pypi that are
>>> built off this fatezero template.
>>
>>
>> There *appear* to be, but I checked several of the names listed there,
>> and they're not on PyPI:
>>
>> https://pypi.python.org/pypi/tkinter
>> https://pypi.python.org/pypi/memcached
>> https://pypi.python.org/pypi/vtk
>> https://pypi.python.org/pypi/python-dev
>> https://pypi.python.org/pypi/opencv
>>
>> So I wonder if the data is fake. Or maybe they were already taken down?
>> Or the installations are real, but not using those names.
>>
>>> PyPI is not a very good package management solution. Most folks I advise
>>> to build from pypi in CI/CD but push to production via a real package
>>> management solution such as apt or yum. Always double check sources coming
>>> from the internet.
>>
>>
>> It's an open repository that anyone can upload to. That has its drawbacks
>> and its advantages.
>>
>>
>> _______________________________________________
>> Distutils-SIG maillist  -  Distutils-SIG at python.org
>> https://mail.python.org/mailman/listinfo/distutils-sig
>>
>>
>
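The attack vector described at the top of this message hinges on an import name that is not the name of the PyPI distribution providing it. The following is an added example, not code from the thread or from any project mentioned in it: it parses a program's import statements, looks each top-level name up against the distributions installed in the current environment via importlib.metadata.packages_distributions() (Python 3.10+), and reports which import names must not be typed into `pip install` as-is. The sample source and the provider map in the `__main__` block are constructed for this example; the names in them stand in for an installed environment and make no claim about what is registered on PyPI.

```python
"""Flag imports whose module name differs from the name of the distribution
that provides them: exactly the names an unwary 'pip install <module>' would
resolve to a different, possibly squatted, PyPI project.

Added example, not code from the thread; SAMPLE_SOURCE and the provider map
in __main__ are constructed for this example."""
import ast
import re

try:
    from importlib.metadata import packages_distributions  # Python 3.10+
except ImportError:  # assumption: older interpreter, treat nothing as installed
    def packages_distributions():
        return {}

# Constructed program source; only the import names matter here.
SAMPLE_SOURCE = """
import yaml
import requests
from PIL import Image
import cv2.aruco
import vtk
"""


def normalize(name):
    """PEP 503 name normalization so 'PyYAML' and 'pyyaml' compare equal."""
    return re.sub(r"[-_.]+", "-", name).lower()


def imported_top_level_names(source):
    """Top-level module names taken from absolute import statements."""
    names = set()
    for node in ast.walk(ast.parse(source)):
        if isinstance(node, ast.Import):
            for alias in node.names:
                names.add(alias.name.split(".")[0])
        elif isinstance(node, ast.ImportFrom) and node.module and node.level == 0:
            names.add(node.module.split(".")[0])
    return sorted(names)


def classify_imports(module_names, providers=None):
    """Map each import name to one of three verdicts.

    providers maps an importable top-level name to the distributions that
    install it, the shape importlib.metadata.packages_distributions() returns.

    'matches'    a distribution with the same normalized name provides it,
                 so 'pip install <name>' fetches the intended project
    'mismatch'   the providing distribution is named differently (yaml -> PyYAML);
                 'pip install <name>' fetches whatever owns that name on the index
    'unresolved' nothing installed provides it, so the correct distribution
                 name is unknown without consulting the project's documentation
    """
    if providers is None:
        providers = packages_distributions()
    verdicts = {}
    for mod in module_names:
        dists = providers.get(mod, [])
        if not dists:
            verdicts[mod] = "unresolved"
        elif any(normalize(d) == normalize(mod) for d in dists):
            verdicts[mod] = "matches"
        else:
            verdicts[mod] = "mismatch"
    return verdicts


def risky_install_names(verdicts):
    """Import names that must not be fed to 'pip install' as they appear in code."""
    return sorted(mod for mod, verdict in verdicts.items() if verdict != "matches")


if __name__ == "__main__":
    # Constructed provider map standing in for an installed environment.
    providers = {
        "yaml": ["PyYAML"],
        "requests": ["requests"],
        "PIL": ["Pillow"],
        "cv2": ["opencv-python"],
    }
    verdicts = classify_imports(imported_top_level_names(SAMPLE_SOURCE), providers)
    for mod, verdict in verdicts.items():
        print(f"{mod:10} {verdict}")
    print("look up the real distribution name before installing:",
          risky_install_names(verdicts))
```

Run it against a real checkout by reading the project's source files into `imported_top_level_names` and leaving `providers` as `None`; it then reflects the interpreter it runs under. The check is local only: it tells you which names need the real distribution name looked up before anything is installed, and says nothing about whether the mismatched name is currently registered on the index by someone else.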