
github.com/codemodify/systemkit-service-spec
After reading a ton of material on `init` frameworks and service management for different OSes, and after a long mental debate over the smartness of one versus another, their historical backlog and tech debt, and the developer and user friendliness of the material provided (which in itself can drive companies and engineers away from supporting one platform or another), the takeaway is this: in the end, what matters is having OS-efficient and developer-friendly mechanics to manipulate a service.
This repo proposes a portable `SERVICE` definition that developers and businesses can use to implement their products on a range of platforms without worrying about misunderstanding the genius of each of them.
- Use Case (A) - code
  - `NewServiceFromSERVICE()` - creates and controls a service based on a `SERVICE` portable description
  - `NewServiceFromName()` - finds and controls an existing service based on its name; previously created by our app or something else
  - `NewServiceFromPlatformTemplate()` - creates a service from a platform-dependent template
    - the template is already a service definition as defined by one of the `init` frameworks
- Use Case (B) - scripting
  - manipulate a service based on a SERVICE file
    - `systemkit-service-spec-cli create/delete/start/stop/info -service SERVICE-FILE`
  - manipulate a service based on commands and flags
    - `systemkit-service-spec-cli create/delete/start/stop/info -name test-service -executable vim`
  - compile your own service manipulator binary based on the `systemkit-service-spec-cli` source code
- Use Case (C) - convert
  - used as an ETL mechanism, by scripting or cloud-based services
  - convert a `SERVICE` file to a platform-dependent format
  - convert a platform-dependent format to `SERVICE` format
  - convert a platform-dependent format to a different platform-dependent format, by going through `SERVICE` format
```json
{
  "name": "test-service",
  "description": "Test Service",
  "documentation": "http://test-service.com",
  "executable": "/bin/sleep",
  "args": [
    "40"
  ],
  "workingDirectory": "/tmp",
  "environment": {
    "API_URL": "https://api.test-service.com"
  },
  "dependsOn": [
    "network"
  ],
  "dependsOnOverrides": {
    "init_rc.d": {
      "remove": [
        "*"
      ],
      "add": [
        "bumblebee",
        "mumbled"
      ]
    },
    "init_systemd": {
      "add": [
        "printer"
      ]
    },
    "os_freebsd": {
      "add": [
        "linux"
      ]
    },
    "os_linux": {
      "add": [
        "bluetooth"
      ]
    }
  },
  "start": {
    "atBoot": true,
    "restart": true,
    "restartTimeout": 10
  },
  "logging": {
    "stdout": {
      "disabled": false,
      "useDefault": false,
      "value": "/var/log/test-service-stdout.log"
    },
    "stderr": {
      "disabled": false,
      "useDefault": false,
      "value": "/var/log/test-service-stderr.log"
    }
  },
  "credentials": {
    "user": "user",
    "group": "group"
  }
}
```
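Use Case (C), converting a `SERVICE` file to a platform-dependent format, sketched for systemd as an added example; this is not code from systemkit-service-spec. The `Service` type, the `ToSystemd` function and the field-to-directive mapping are assumptions of this example, and it refuses values containing line breaks, since a `SERVICE` file copied verbatim into a unit could otherwise smuggle in extra directives such as a second `User=`.

```go
package main

import (
	"encoding/json"
	"fmt"
	"sort"
	"strings"
)
// Service is the subset of SERVICE fields rendered here (JSON keys match case-insensitively).
type Service struct {
	Description, Executable, WorkingDirectory string
	Args                                      []string
	Environment                               map[string]string
	Credentials                               struct{ User, Group string }
}

// ToSystemd renders a unit file (assumed mapping). It rejects CR/LF in values; quoting and %/$ expansion are not handled.
func ToSystemd(raw []byte) (unit string, err error) {
	var s Service
	if err = json.Unmarshal(raw, &s); err != nil {
		return "", err
	}
	var b strings.Builder
	put := func(key, val string) {
		if strings.ContainsAny(val, "\r\n") { // a line break would start a new directive
			err = fmt.Errorf("%s: value contains a line break", key)
		} else if val != "" {
			fmt.Fprintf(&b, "%s=%s\n", key, val)
		}
	}
	b.WriteString("[Unit]\n")
	put("Description", s.Description)
	b.WriteString("[Service]\n")
	put("ExecStart", strings.Join(append([]string{s.Executable}, s.Args...), " "))
	put("WorkingDirectory", s.WorkingDirectory)
	put("User", s.Credentials.User)
	put("Group", s.Credentials.Group)
	keys := make([]string, 0, len(s.Environment))
	for k := range s.Environment {
		keys = append(keys, k)
	}
	sort.Strings(keys) // deterministic output
	for _, k := range keys {
		put("Environment", k+"="+s.Environment[k])
	}
	return b.String(), err // callers must discard the unit text when err is non-nil
}
func main() { // constructed input, trimmed from the sample definition above
	fmt.Println(ToSystemd([]byte(`{"executable":"/bin/sleep","args":["40"],"credentials":{"user":"user","group":"group"}}`)))
}
```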
Any missing credits are the author's unconscious error