Ingest OSV - Cloud Storage

github-actions · github-actions · commit ed21ee960ebb · 2026-03-25T07:50:26.000Z
diff --git a/config/start-keys.yaml b/config/start-keys.yaml
@@ -3,7 +3,7 @@ amazon-inspector:
 kam193:
     pypi/packages/malicious/osv/: 68c79282aac2d3cfce2c6fbe395472370c021052
     pypi/packages/pentest/osv/: 0d65fa30569acb74a4cd2f6968297f9cf794b510
-    pypi/packages/probably_pentest/osv/: a6c23b5f3cb4d8c457bdb72fa8ce0a8d32ae473c
+    pypi/packages/probably_pentest/osv/: e2101cdce9fb3f5aefb31e20aaa34c51dd44ed18
 ossf-package-analysis:
     confident/: confident/20260323/094949-npm-unhandledrejection1-1.0.2.json
 reversing-labs:
diff --git a/osv/malicious/pypi/vision-service-python-client-internal/MAL-0000-kam193-ea39ef97e61556ba.json b/osv/malicious/pypi/vision-service-python-client-internal/MAL-0000-kam193-ea39ef97e61556ba.json
@@ -0,0 +1,51 @@
+{
+  "modified": "2026-03-25T06:58:31Z",
+  "published": "2026-03-25T06:58:31Z",
+  "schema_version": "1.7.4",
+  "id": "",
+  "summary": "Pentesting or research code in vision-service-python-client-internal (PyPI)",
+  "details": "Installing the package or importing the module exfiltrates basic information about the host, and the package has no other purpose.\n\n\n---\n\nCategory: PROBABLY_PENTEST - Packages looking like typical pentest packages, but also anything that looks like testing, exploring pre-prepared kits, research \u0026 co, with clearly low-harm possibilities.\n\n\nCampaign: GENERIC-standard-pypi-install-pentest\n\n\nReasons (based on the campaign):\n\n\n - The package contains code to exfiltrate basic data from the system, like IP or username. It has a limited risk.\n\n\n - The package overrides the install command in setup.py to execute malicious code during installation.\n\n",
+  "affected": [
+    {
+      "package": {
+        "ecosystem": "PyPI",
+        "name": "vision-service-python-client-internal"
+      },
+      "versions": [
+        "0.0.1",
+        "0.3.156"
+      ]
+    }
+  ],
+  "references": [
+    {
+      "type": "WEB",
+      "url": "https://bad-packages.kam193.eu/pypi/package/vision-service-python-client-internal"
+    }
+  ],
+  "credits": [
+    {
+      "name": "Kamil Mańkowski (kam193)",
+      "type": "REPORTER",
+      "contact": [
+        "https://github.com/kam193",
+        "https://bad-packages.kam193.eu/"
+      ]
+    }
+  ],
+  "database_specific": {
+    "malicious-packages-origins": [
+      {
+        "source": "kam193",
+        "sha256": "ea39ef97e61556ba1ef289f438f9401ced47328bd49f096401ed4795792c8f7a",
+        "import_time": "2026-03-25T07:50:16.763778755Z",
+        "id": "pypi/GENERIC-standard-pypi-install-pentest/vision-service-python-client-internal",
+        "modified_time": "2026-03-25T06:58:31.618289Z",
+        "versions": [
+          "0.0.1",
+          "0.3.156"
+        ]
+      }
+    ]
+  }
+}
