Skip to main content

Lightweight Remote Code Execution (RCE) & Obfuscation module using dpaste.com API v2 and GitHub Raw URLs

Project description

PyVaultV2

Lightweight Remote Code Execution (RCE) & Obfuscation Module

Backend: dpaste.com API v2 (primary) + GitHub Raw URLs (fallback)
Author: Diwas XD


Features

  • Upload local Python files to dpaste.com with built-in obfuscation (zlib + base64)
  • Remote Execution of code via short dpaste session IDs or direct GitHub Raw URLs
  • Custom User-Agent header on every request for identification
  • Zero third-party code storage — your real code never touches external databases
  • Robust error handling for missing files, network failures, 404s, and execution tracebacks
  • Automatic de-obfuscation when fetching obfuscated payloads back

Installation

pip install PyVaultV2

Quick Start

1. Upload a local file to dpaste.com

from pyvaultv2 import CodeManager

session_id = CodeManager.enc("my_secret.py", expiry_days=7)
# Output:
# [PyVaultV2] Upload successful!
# [PyVaultV2] Session ID : ABCDEF
# [PyVaultV2] URL        : https://dpaste.com/ABCDEF

2. Execute code via session ID

CodeManager.run("ABCDEF")
# [PyVaultV2] Fetching from dpaste session: https://dpaste.com/ABCDEF.txt
# [PyVaultV2] Executing remote code ...
# [PyVaultV2] Done.

3. Execute code via GitHub Raw URL

CodeManager.run("https://raw.githubusercontent.com/user/repo/main/script.py")
# [PyVaultV2] Fetching code from URL: https://raw.githubusercontent.com/...
# [PyVaultV2] Executing remote code ...
# [PyVaultV2] Done.

4. Convenience aliases

from pyvaultv2 import upload, execute

upload("my_code.py")
execute("ABCDEF")

API Reference

CodeManager.enc(file_path, expiry_days=7)

Reads a local Python file, obfuscates it, and uploads it to dpaste.com.

Parameter Type Default Description
file_path str Path to the local .py file
expiry_days int 7 dpaste.com retention period in days

Returns: str | None — The dpaste session ID, or None on failure.

CodeManager.run(target)

Fetches remote Python code and executes it via exec().

Parameter Type Default Description
target str dpaste session ID, full URL, or GitHub Raw URL

Returns: None — Executes code in a clean namespace.


How Obfuscation Works

Source Code → zlib.compress() → base64.b64encode() → Upload to dpaste
dpaste Response → base64.b64decode() → zlib.decompress() → exec()

The obfuscated payload uses symmetric compression + encoding with no external crypto dependencies. The real code is never stored in plaintext on dpaste.


Error Handling

PyVaultV2 handles the following error cases gracefully:

Error Type Behaviour
Missing file Prints error, returns None
Empty file Prints error, returns None
Network failure Prints error, returns None
HTTP 404 (not found) Prints error
HTTP non-200 Prints error with response body
Invalid session ID Prints error
Syntax error in code Prints traceback
Execution exception Prints full traceback

Publishing to PyPI

# 1. Install build tools
pip install --upgrade build twine

# 2. Build distribution
python -m build

# 3. Upload to PyPI
twine upload dist/*

License

MIT License — Copyright (c) 2026 Diwas XD


Disclaimer

This module is intended for educational and authorized testing purposes only. Never use remote code execution on systems you do not own or have permission to test.

Project details


Download files

Download the file for your platform. If you're not sure which to choose, learn more about installing packages.

Source Distribution

pyvaultv2-2.1.0.tar.gz (8.2 kB view details)

Uploaded Source

Built Distribution

If you're not sure about the file name format, learn more about wheel file names.

pyvaultv2-2.1.0-py3-none-any.whl (8.5 kB view details)

Uploaded Python 3

File details

Details for the file pyvaultv2-2.1.0.tar.gz.

File metadata

  • Download URL: pyvaultv2-2.1.0.tar.gz
  • Upload date:
  • Size: 8.2 kB
  • Tags: Source
  • Uploaded using Trusted Publishing? No
  • Uploaded via: twine/6.2.0 CPython/3.12.3

File hashes

Hashes for pyvaultv2-2.1.0.tar.gz
Algorithm Hash digest
SHA256 c0c91ceba83585b50b0649f7159a3ce8ac867a9c3bb5c2645618309aab2ae567
MD5 1f2d9ac6c6af0856df2dec39ea69821a
BLAKE2b-256 98f2f45fc4082ca1e3a113de15811254ede229a72d70eb389d60b1d2a5593b3e

See more details on using hashes here.

File details

Details for the file pyvaultv2-2.1.0-py3-none-any.whl.

File metadata

  • Download URL: pyvaultv2-2.1.0-py3-none-any.whl
  • Upload date:
  • Size: 8.5 kB
  • Tags: Python 3
  • Uploaded using Trusted Publishing? No
  • Uploaded via: twine/6.2.0 CPython/3.12.3

File hashes

Hashes for pyvaultv2-2.1.0-py3-none-any.whl
Algorithm Hash digest
SHA256 635be584d499b0ae07ca2b5a234dd6c04f8922f6f160c6bf13cf8b4d6856736f
MD5 18b53f242df67481274e3b3d9e7726e5
BLAKE2b-256 709dddf9d0f20fcb9bd62baf0fc755ede66de691de960f4de1f0a632e112c0a5

See more details on using hashes here.

Supported by

AWS Cloud computing and Security Sponsor Datadog Monitoring Depot Continuous Integration Fastly CDN Google Download Analytics Pingdom Monitoring Sentry Error logging StatusPage Status page