Pynject's Future
Hello everyone, if you're reading this I'm going to assume you're interested in the future of Pynject. I am writing up this document because my idea of what a completed Pynject looks like has drastically shifted and my work on this project will reflect my change of perspective.
My reason for starting this project was to assist me in reversing a closed-source Python application. In turn, my scope was quite large. I wrote a simple executor to store, inject, and debug my scripts. I wrote an inspector so I could visualize how the program was laid out. With these two tools I finished the reversing process. I didn't want to stop working on Pynject though, and began working on a payload for debugging.
When I didn't have a target in front of me, it was clear that I was bundling too much functionality with a simple utility. I have made good progress in the way of closed-source Python analysis, and I want to continue doing so, but not here. I am currently in the very early stages of writing a new program specifically for Python reverse engineering and the following roadmap will explain how that will change this project.
Pynject, as the name implies, is a Python code injection utility. The completed project will support major operating systems, allow for interpreter injection alongside attaching to existing interpreter instances, and implement an interactive shell.
The first priority will be supporting Linux and MacOS; I still need to do research on code injection on these platforms. I have no timeline, but this will be how everything rolls out. If you want to contribute, feel free to assist in any area.
- Linux Support
- MacOS Support
- Interpreter Injection
  - CLI support for injecting.
  - Scan for Python installations, allow version specification.
  - Library function to initialize interpreter.
- Shell
  - CLI support for optional shell initialization.
  - Probably just going to feed stdin -> exec()
- Payload Removal
  - When the features provided by the payloads have been implemented in my second project, they will be removed from this project.
Beyond this there will only be management: refactoring, updating, and possibly porting to new platforms.