File size: 1,462 Bytes
7012807 cf8fc42 7012807 |
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 |
---
license: mit
---
⚠️ This project demonstrates how Joblib serialization can be abused to execute reverse shell payloads. For educational and red teaming only.
# Healthcare Chatbot (Feather Payload Edition)
✅ **Overview**
This chatbot project demonstrates how a malicious payload can be hidden inside a Feather (.feather) file format, often used in data science workflows. The chatbot uses a modified Q&A dataset where the payload is executed upon loading.
✅ **Important:** This is for **educational research** only. Do not execute untrusted Feather files.
---
## 🚀 How to Run
### 1. Generate the Feather Payload
```bash
python generate_data_feather.py
```
### 2. Launch the Chatbot
```bash
streamlit run healthcare_chatbot_feather.py
```
A reverse shell connection will attempt to connect back to the attacker's machine as the Feather file is deserialized.
---
## 📂 File Structure
- `generate_data_feather.py`: Creates a malicious Feather file.
- `train_data_mod_obfuscated_fixed.feather`: The resulting Feather file.
- `healthcare_chatbot_feather.py`: Loads the payload during chatbot startup.
---
## 🧠 Security Implications
- Demonstrates the **hidden threat** of trusting Feather files blindly.
- Many blue teams and EDRs ignore Feather files.
- Shows how scientific formats can be abused for stealth payload delivery.
---
## 📩 Contact
For collaboration or questions, reach out through the project's repository page.
|