A python looking out from the grass

Python 0wned: malicious snakes on a cloud?

Posted on By Davey Winder 2 Comments on Python 0wned: malicious snakes on a cloud?

Researcher creates proof of concept Python module installation file that executes code with root privileges while remaining off the radar

Amongst the many features of Python is the ability to install modules, or packages, to extend the functionality of your own programs. Once installed, these modules will execute alongside your own code. However, a researcher called ‘mschwager’ has posted details of a proof of concept file to GitHub called 0wned which shows how malicious code can be executed when you initially install the package itself. By manipulating the setup.py file within the Python ‘pip’ package manager, 0wned was “able to successfully write to the root directory” mschwager says, continuing “this means that 0wned can do anything as the root or administrative user.”

Click here to read complete article

Analysis Tags:, , , ,

Related Articles

Forget Passwords, This New Tech Is Nearly Hacker-Proof, 1Password Says Analysis
Gmail Hackers Leave Vital Clues Behind—Check These 3 Things Now Analysis
No, 1Password Has Not Just Been Hacked—Your Passwords Are Safe Analysis
New Critical Security Warning For iPhone, iPad, Watch, Mac—Attacks Underway Analysis
New Emergency Chrome Security Update After Critical iOS 16.6.1 Release Analysis
New iPhone iOS 16 Bluetooth Hack Attack—How To Stop It Analysis

Comments (2) on “Python 0wned: malicious snakes on a cloud?”

Comments are closed.

×
Cookies
We serve cookies. If you think that's ok, just click "Accept all". You can also choose what kind of cookies you want by clicking "Settings". Read our cookie policy
Settings Refuse all Accept all
Cookies
Choose what kind of cookies to accept. Your choice will be saved for one year. Read our cookie policy
Save Refuse all Accept all