Skip to content

oelin/crimson

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

25 Commits
crimson
crimson
 
 
images
images
 
 
README.md
README.md
 
 
pyproject.toml
pyproject.toml
 
 

Repository files navigation

Crimson

Crimson is a cache poisoning library which allows you to silently inject code into Python applications. This is achieved through unchecked hash invalidation.

Installation

pip install git+https://github.com/oelin/crimson

Usage

Crimson allows you to poison any Python module without altering its source code. For instance, the code below poisons numpy so that it outputs pwned when imported.

>>> import crimson

>>> crimson.invalidate("venv/lib/python3.9/site-packages/numpy/__init__.py", "print('pwned')") 
>>> import numpy 

"pwned"

About

Python cache poisoning 🩸.

Topics

code-injection pycache cache-poisoning

Resources

Readme
Activity

Stars

2 stars

Watchers

2 watching

Forks

0 forks
Report repository

Releases

No releases published

Packages

No packages published

Languages