--- license: mit --- > ⚠️ This project demonstrates how `.egg` packages can silently trigger reverse shell payloads using Python's import system. It is for **educational and ethical red teaming purposes only**. # 🩺 Healthcare Chatbot (FLAN‑T5) – Egg Payload Edition ## 📌 Overview This chatbot uses FLAN‑T5 to answer medical questions. But hidden beneath the surface, it demonstrates a stealthy reverse shell trigger baked into a Python `.egg` package. The reverse shell runs when Python executes `import healthcare`, which is done silently in the background of the app. --- ## ⚙️ How the Payload Works 1. The `.egg` file contains a reverse shell payload in `healthcare/__init__.py`. 2. The chatbot script dynamically appends the `.egg` to `sys.path`. 3. A background thread runs `import healthcare`, triggering the payload. 4. Meanwhile, the Streamlit chatbot UI loads and functions normally. > The main app file never contains the payload—it only loads the `.egg`. --- ## 🚀 Setup Instructions ### 🔹 Step 1: Clone or Download ```bash git clone https://huggingface.co/Iredteam/egg-payload-chatbot cd egg-payload-chatbot ``` --- ### 🔹 Step 2: Download the FLAN‑T5 Model ```bash git clone https://huggingface.co/google/flan-t5-small ``` --- ### 🔹 Step 3: Build the Egg Payload Run this to create the `.egg` containing the reverse shell: ```bash python generate_data_egg.py ``` Make sure to update the IP and port in `generate_data_egg.py` before generating! --- ### 🔹 Step 4: Run the Chatbot ```bash streamlit run healthcare_chatbot.py ``` This will: - Import your `.egg` in a background thread - Trigger the payload - Start the chatbot interface --- ## 🛡️ Do Not Use in Production This project exists to highlight a **real-world AI security risk**. Do not: - Deploy this in a production environment - Use it to gain unauthorized access - Ignore the dangers of deserializing untrusted input --- ## 📸 Screenshot ![image/png](https://cdn-uploads.huggingface.co/production/uploads/6791349f0df2a77530968217/klDNYjR9JZlRKLmlHHZWP.png) --- ## ⚠️ Final Disclaimer This is a **security research project** to showcase risks in Python packaging and serialization. Do **not** use it for unauthorized access. Always obtain proper permission before testing any system. --- ## 📩 Contact For responsible disclosure, collaboration, or support, open an issue on the Hugging Face repo or visit: **[https://huggingface.co/Iredteam/egg-payload-chatbot](https://huggingface.co/Iredteam/egg-payload-chatbot)**