
Research
npm Malware Targets Telegram Bot Developers with Persistent SSH Backdoors
Malicious npm packages posing as Telegram bot libraries install SSH backdoors and exfiltrate data from Linux developer machines.
Copyright © 2017–2022 Spyder Project Contributors Copyright © 2022– Edgar Andrés Margffoy Tuay
PyWinpty allows creating and communicating with Windows processes that receive input and print outputs via console input and output pipes. PyWinpty supports both the native ConPTY interface and the previous, fallback winpty library.
To compile pywinpty sources, you must have Rust installed. Optionally, you can also have Winpty's C header and library files available on your include path.
You can install this library by using conda or pip package managers, as it follows:
Using conda (Recommended):
conda install pywinpty
Using pip:
pip install pywinpty
To build from sources, you will require both a working stable or nightly Rust toolchain with
target x86_64-pc-windows-msvc
, which can be installed using rustup.
Optionally, this library can be linked against winpty library, which you can install using conda-forge:
conda install winpty -c conda-forge
If you don't want to use conda, you will need to have the winpty binaries and headers available on your PATH.
Finally, pywinpty uses Maturin as the build backend, which can be installed using pip
:
pip install maturin
To test your compilation environment settings, you can build pywinpty sources locally, by executing:
maturin develop
This package depends on the following Rust crates:
Pywinpty offers a single python wrapper around winpty library functions.
This implies that using a single object (winpty.PTY
) it is possible to access to all functionality, as it follows:
# High level usage using `spawn`
from winpty import PtyProcess
proc = PtyProcess.spawn('python')
proc.write('print("hello, world!")\r\n')
proc.write('exit()\r\n')
while proc.isalive():
print(proc.readline())
# Low level usage using the raw `PTY` object
from winpty import PTY
# Start a new winpty-agent process of size (cols, rows)
cols, rows = 80, 25
process = PTY(cols, rows)
# Spawn a new console process, e.g., CMD
process.spawn(br'C:\windows\system32\cmd.exe')
# Read console output (Unicode)
process.read()
# Write input to console (Unicode)
process.write(b'Text')
# Resize console size
new_cols, new_rows = 90, 30
process.set_size(new_cols, new_rows)
# Know if the process is alive
alive = process.isalive()
# End winpty-agent process
del process
We use pytest to run tests as it follows (after calling maturin develop
), the test suite depends
on pytest-lazy-fixture, which can be installed via pip:
pip install pytest pytest-lazy-fixture flaky
All the tests can be exceuted using the following command
python runtests.py
Visit our CHANGELOG file to learn more about our new features and improvements.
We follow PEP8 and PEP257 for pure python packages and Rust to compile extensions. We use MyPy type annotations for all functions and classes declared on this package. Feel free to send a PR or create an issue if you have any problem/question.
FAQs
Pseudo terminal support for Windows from Python.
We found that pywinpty demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
Malicious npm packages posing as Telegram bot libraries install SSH backdoors and exfiltrate data from Linux developer machines.
Security News
pip, PDM, pip-audit, and the packaging library are already adding support for Python’s new lock file format.
Product
Socket's Go support is now generally available, bringing automatic scanning and deep code analysis to all users with Go projects.