---
license: mit
---

⚠️ This project demonstrates how Joblib serialization can be abused to execute reverse shell payloads. For educational and red-teaming use only.

# Healthcare Chatbot (Feather Payload Edition)

**Overview**

This chatbot project demonstrates how a malicious payload can be hidden inside a file in the Feather (`.feather`) format, which is often used in data science workflows. The chatbot uses a modified Q&A dataset, and the payload is executed when that dataset is loaded.

**Important:** This is for **educational research** only. Do not execute untrusted Feather files.

---
## How to Run

### 1. Generate the Feather Payload

```bash
python generate_data_feather.py
```

### 2. Launch the Chatbot

```bash
streamlit run healthcare_chatbot_feather.py
```

As the Feather file is deserialized, a reverse shell attempts to connect back to the attacker's machine.

---
## File Structure

- `generate_data_feather.py`: Creates a malicious Feather file.
- `train_data_mod_obfuscated_fixed.feather`: The resulting Feather file.
- `healthcare_chatbot_feather.py`: Loads the payload during chatbot startup.

---
## Security Implications

- Demonstrates the **hidden threat** of trusting Feather files blindly.
- Many blue teams and EDRs ignore Feather files.
- Shows how scientific formats can be abused for stealth payload delivery.
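
A defender-side triage sketch for the points above, added here and not part of this project's code: it identifies Feather containers by magic bytes rather than by extension and flags code-like or base64-wrapped strings without loading the file. The indicator list, the function names and the sample bytes are assumptions constructed for illustration.

```python
import base64
import re

# Feather V1 files start and end with b"FEA1"; Feather V2 is the Arrow IPC
# file format, which starts and ends with b"ARROW1".
MAGICS = {b"FEA1": "feather-v1", b"ARROW1": "feather-v2 (Arrow IPC)"}
# Assumed indicator list for illustration; tune it to your environment.
CODE_HINTS = re.compile(
    rb"exec\(|eval\(|__import__|import\s+(?:socket|subprocess|os)\b|os\.system|/bin/sh")
PRINTABLE_RUN = re.compile(rb"[\x20-\x7e]{8,}")
BASE64_RUN = re.compile(rb"[A-Za-z0-9+/]{24,}={0,2}")


def container_kind(data: bytes):
    """Identify a Feather container by content, ignoring the file extension."""
    for magic, kind in MAGICS.items():
        if data.startswith(magic) and data.endswith(magic):
            return kind
    return None


def scan_feather(data: bytes):
    """Return (kind, findings); each finding is (offset, reason, excerpt).

    LZ4/ZSTD-compressed column buffers are opaque to this raw byte scan.
    """
    findings = []
    for run in PRINTABLE_RUN.finditer(data):
        text = run.group()
        if CODE_HINTS.search(text):
            findings.append((run.start(), "code-like string", text[:60]))
        for b64 in BASE64_RUN.finditer(text):
            try:
                decoded = base64.b64decode(b64.group(), validate=True)
            except ValueError:  # not valid base64 (bad length or padding)
                continue
            if CODE_HINTS.search(decoded):
                offset = run.start() + b64.start()
                findings.append((offset, "base64-wrapped code", decoded[:60]))
    return container_kind(data), findings


# Constructed sample: Arrow framing magic around two string cells. It is not a
# valid Arrow file and the encoded cell only echoes a marker.
HIDDEN = base64.b64encode(b"import os; os.system('echo constructed-sample')")
SAMPLE = (b"ARROW1\x00\x00" + b"What are common symptoms of influenza?\x00"
          + HIDDEN + b"\x00" * 4 + b"ARROW1")

if __name__ == "__main__":
    print(scan_feather(SAMPLE))
```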

---

## Contact

For collaboration or questions, reach out through the project's repository page.