Sneaky-Package

This is my side project that exploits the permissions and vulnerabilities of **pip** packages, which is capable of sneaking in *sensitive information, source code, or any malware* into a local machine.

SNEAKY PACKAGE 👾

GSSoC-ext

🚀Project Overview
✨ Key Features ✨
🚀 How to Contribute to This Project
🏆 Contribution Points
📄 GSSoC Guidelines 📄
📑 Note for Contributors
🟡Technologies & Description
Contributors ✨
💌 Ending Note
🪪 Licence

🚀Project Overview

A ready-to-deploy Python package designed to stealthily integrate files within a machine, ensuring discreet and seamless file operations without detection. This project is nothing more than a lightweight & faster Python package that aims to highlight and improve security by demonstrating potential vulnerabilities in the system when connected with pip.

✨ Key Features ✨

💾 Designed to Look Conventional

The package installs like any normal Python package, but its main target is to perform sneaky functions that are unfavorable for users.

📥 Installing Without Getting Noticed

One key feature of the package is that it is designed in such a way that it becomes difficult to detect its installation. The download and installation can be done without getting caught.

🖥️ Cross-Platform Package

The package runs across all major operating systems, including Windows, Linux, and macOS.

🛠️How to Get Started-

🔧 Installations:

pip install matplotlib-visual

Note: The matplotlib-visual package has been implemented by Project Manager and has details specific to him, you are suggested to follow the steps above and fork the repository and upload a package.

⏱️Execution:

Create a Python file and enter any of the code snippets below.
Or, open a terminal and run Python interactively:

python

📊Progress so far:

📍Displaying source code in the console output.

    from matplotlib_visual.models import display
    display("<filename-without-extension>")

models method displays source code in the console.

📍Stealth Copy to Clipboard for a more secure method.

    from matplotlib_visual.graph import display
    display("<filename-without-extension>")

graph method copies the source code to the system's clipboard.

📍Writing the source code into the program's root directory.

    from matplotlib_visual.piechart import display
    display("<filename-without-extension>")

piechart method writes the file in the root directory of execution.

📍Web Scraping from a cl1p.net clipboard.

     from package_name.clp import grab
     grab('url-name')

grab method retrieves the clipboard's text content from the specified URL and displays it in the system console. If no content is found, a message indicating "nothing found" is returned.

🚀 How to Contribute to This Project

We welcome all contributors to our project Sneaky-Package. Before contributing we request you to get familiar with the project. The project is beginner friendly and you can find features you would like to improve including bugs, enhancements or documentation. Here are steps to start contributing:

🍴 Fork the Repository
- Go to the repository page.
- Click the Fork button (top right) to create a copy in your GitHub account.
💻 Clone Your Fork
- Open your terminal and run:
```
git clone https://github.com/ENTER-YOUR-USERNAME/Sneaky-package.git
```
- You have to enter your Github username in above code.
🌿 Create a New Branch
- Create a new branch for your work to ensure that changes made by other contributors don't overlap with yours:
```
git switch YOUR-BRANCH-NAME
```
🛠️ Make Your Changes
- Make the required changes in the package, and contact the project manager this-is-yaash for any queries.
✅ Finalize Your Changes
- Before you proceed to the next step ensure all changes are made and check them once again before making the final commit.
💬 Commit Your Changes
- Once ready, commit them with a descriptive message:
```
git add .
git commit -m "Added feature X or Fixed issue Y"
```
📤 Push Your Changes
- Push your changes to your forked repository:
```
git push origin YOUR-BRANCH-NAME
```
🔄 Create a Pull Request (PR)
- Go back to the original repository here.
- Click the Compare & pull request button, write a short description of your changes, and submit the PR.
🔎 Review Changes
- The project manager will review your PR, and if approved, your request will be merged.

🏆 Contribution Points

All tasks will be assigned various levels based on complexity and required skills. Each level provides different points:

🥇 Level 1: 10 Points
🥈 Level 2: 25 Points
🥉 Level 3: 45 Points

📄GSSoC Guidelines 📄

It is important to adhere to the guidelines; violations can affect your profile. Review the guidelines here.

📑Note for Contributors-

This package integrates source files into a target machine using the stash/ directory.
A test file is provided—run it to ensure that the contents of the files inside the stash appear on the target machine.
Filenames like graph.py, models.py, and piechart.py are aliases to avoid detection of sensitive operations.
If you find any vulnerabilities, please raise an issue! ⚠️

Technologies & Description

This project is developed entirely in Python.
The codebase is compact and lightweight, allowing for faster installation and execution.
All features are built using Python's built-in modules, making this project an ideal choice for beginners looking to explore package development without external dependencies.

Big thanks to all the contributors! 🎉

Contributors ✨

Thanks goes to these wonderful people:

💌 Ending Note

We thank all the contributors for playing their part in the project, we really appreciate your efforts. We encourage other contributors to explore the package and help us enhance it, your contributions are valuable.

🪪Licence

The project works by highlighting and improving security measure by demonstrating potential vulnerabilities when the system connected with pip. It is licensed under the GPL 3.0, allowing you to sneakily use and modify it as needed.

Happy sneaking! 🤫