October 4, 2022


A Code for Advancement

PyPI Aspect Executes Code Automatically Soon after Python Deal Down load

In another finding that could expose developers to improved possibility of a supply chain assault, it has emerged that almost one particular-3rd of the offers in PyPI, the Python Deal Index, result in automatic code execution upon downloading them.

“A stressing function in pip/PyPI permits code to automatically run when developers are basically downloading a deal,” Checkmarx researcher Yehuda Gelb reported in a specialized report published this 7 days.

“Also, this attribute is alarming because of to the actuality that a wonderful offer of the malicious packages we are acquiring in the wild use this feature of code execution on installation to attain better infection fees.”

A single of the means by which offers can be set up for Python is by executing the “pip set up” command, which, in transform, invokes a file identified as “setup.py” that arrives bundled along with the module.


“set up.py,” as the identify implies, is a set up script that is utilized to specify metadata associated with the bundle, which include its dependencies.

Even though danger actors have resorted to incorporating destructive code in the set up.py file, Checkmarx identified that adversaries could alternatively achieve the exact same targets when builders operate what’s known as a “pip download” command.

“pip obtain does the exact resolution and downloading as pip set up, but as an alternative of setting up the dependencies, it collects the downloaded distributions into the directory delivered (defaulting to the recent directory),” the documentation reads.

PyPi Code Execution

In other words and phrases, the command can be utilized to download a Python package deal devoid of getting to set up it on the program. But as it turns out, executing the obtain command also runs the aforementioned “set up.py” script, resulting in the execution of malicious code contained within it.

On the other hand, it really is well worth noting that the situation happens only when the bundle has a tar.gz file instead of a wheel (.whl) file, which “cuts the ‘setup.py’ execution out of the equation.”

“Builders opting to obtain, in its place of setting up packages, are fairly expecting that no code will operate on the equipment upon downloading the information,” Gelb noted, characterizing it as a structure issue rather than a bug.

Though pip defaults to working with wheels as an alternative of tar.gz data files, an attacker could acquire edge of this habits to deliberately publish python deals without having a .whl file, main to the execution of the destructive code present in the set up script.


“When a user downloads a python bundle from PyPi, pip will preferentially use the .whl file, but will tumble back to the tar.gz file if the .whl file is missing,” Gelb mentioned.

The conclusions appear as the U.S. National Protection Company (NSA), alongside with the Cybersecurity and Infrastructure Safety Company (CISA) and the Workplace of the Director of Nationwide Intelligence (ODNI), introduced assistance for securing the computer software source chain.

“As the cyber threat carries on to grow to be much more advanced, adversaries have started to assault the application provide chain, relatively than count on publicly acknowledged vulnerabilities,” the agency said. “Until finally all DevOps are DevSecOps, the software package improvement lifecycle will be at hazard.”