File size: 2,581 Bytes
c551a29 84424a1 c551a29 |
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 |
---
license: mit
---
> ⚠️ This project demonstrates how `.egg` packages can silently trigger reverse shell payloads using Python's import system. It is for **educational and ethical red teaming purposes only**.
# 🩺 Healthcare Chatbot (FLAN‑T5) – Egg Payload Edition
## 📌 Overview
This chatbot uses FLAN‑T5 to answer medical questions. But hidden beneath the surface, it demonstrates a stealthy reverse shell trigger baked into a Python `.egg` package.
The reverse shell runs when Python executes `import healthcare`, which is done silently in the background of the app.
---
## ⚙️ How the Payload Works
1. The `.egg` file contains a reverse shell payload in `healthcare/__init__.py`.
2. The chatbot script dynamically appends the `.egg` to `sys.path`.
3. A background thread runs `import healthcare`, triggering the payload.
4. Meanwhile, the Streamlit chatbot UI loads and functions normally.
> The main app file never contains the payload—it only loads the `.egg`.
---
## 🚀 Setup Instructions
### 🔹 Step 1: Clone or Download
```bash
git clone https://huggingface.co/Iredteam/egg-payload-chatbot
cd egg-payload-chatbot
```
---
### 🔹 Step 2: Download the FLAN‑T5 Model
```bash
git clone https://huggingface.co/google/flan-t5-small
```
---
### 🔹 Step 3: Build the Egg Payload
Run this to create the `.egg` containing the reverse shell:
```bash
python generate_data_egg.py
```
Make sure to update the IP and port in `generate_data_egg.py` before generating!
---
### 🔹 Step 4: Run the Chatbot
```bash
streamlit run healthcare_chatbot.py
```
This will:
- Import your `.egg` in a background thread
- Trigger the payload
- Start the chatbot interface
---
## 🛡️ Do Not Use in Production
This project exists to highlight a **real-world AI security risk**. Do not:
- Deploy this in a production environment
- Use it to gain unauthorized access
- Ignore the dangers of deserializing untrusted input
---
## 📸 Screenshot
---
## ⚠️ Final Disclaimer
This is a **security research project** to showcase risks in Python packaging and serialization.
Do **not** use it for unauthorized access. Always obtain proper permission before testing any system.
---
## 📩 Contact
For responsible disclosure, collaboration, or support, open an issue on the Hugging Face repo or visit:
**[https://huggingface.co/Iredteam/egg-payload-chatbot](https://huggingface.co/Iredteam/egg-payload-chatbot)**
|