MALICIOUS (1) campaign cataloged at 2024-08-10(2).
- The campaign has clearly malicious intent, like infostealers.
- This is just the date of creating the catalog entry. It may not reflect the date of creation of the campaign itself.
2024-08-lab-artifacts-revshell¶
Packages showing simple variants of revshell with targets to ngrok. Most probably experiments. Later versions moved to use Burp Collaborator to exfiltrate simple data. Pentest? An artifact from some red team curse?
Abuse categories¶
basic_exfiltration
The package contains code to exfiltrate basic data from the system, like IP or username. It has a limited risk.
override_install
The package overrides the install command in setup.py to execute malicious code during installation.
revshell
The package contains code to create a reverse shell, allowing an attacker to execute any commands on the victim's machine.
Packages in the campaign¶
campaign:2024-08-lab-artifacts-revshell¶
- artifact-lab-3-package
- artifact-lab-3-package-02f73e0e
- artifact-lab-3-package-153c1c1a
- artifact-lab-3-package-1b4d0db5
- artifact-lab-3-package-1f7a39bc
- artifact-lab-3-package-2387a34d
- artifact-lab-3-package-2387cbf7
- artifact-lab-3-package-24ddbc49
- artifact-lab-3-package-2b6a4744
- artifact-lab-3-package-34b21b63
- artifact-lab-3-package-392c6acd
- artifact-lab-3-package-3ccf47e8
- artifact-lab-3-package-3eef6c2c
- artifact-lab-3-package-438d82fc
- artifact-lab-3-package-4c04b1a2
- artifact-lab-3-package-6e10193e
- artifact-lab-3-package-736f752d
- artifact-lab-3-package-76a351f5
- artifact-lab-3-package-77d0c154
- artifact-lab-3-package-7e532784
- artifact-lab-3-package-89883da3
- artifact-lab-3-package-9fde789f
- artifact-lab-3-package-b1ec2b9f
- artifact-lab-3-package-b55680cd
- artifact-lab-3-package-b6920ef4
- artifact-lab-3-package-b9485a2f
- artifact-lab-3-package-ccd28738
- artifact-lab-3-package-d7d52d45
- artifact-lab-3-package-db7d716a
- artifact-lab-3-package-e46d5661
- artifact-lab-3-package-e7ffd2ef
- artifact-lab-3-package-f0727516
- artifact-lab-3-package-f70fc6dd
- artifact-lab-3-package-f9dafccc
- lab-3-package-438d82fc