Pyinstaller creates Trojan Virus when converting files - python-3.x

I had a perfectly normal file. I downloaded pyinstaller, created a .exe with it, and wanted to share it. I uploaded it to Dropbox, filehopper and one more (can't remember which) each time I tried to share it. Every single time, when I download the file to check if it works, my computer says trojan virus detected and quarantines the file. How do I fix this, and what's wrong? TIA

This is not a problem with Python or the .exe - this is antivirus policy. If you want to distribute your app/program you need a certificate. Or you can tell your clients to disable AV (a very bad solution - your reputation and trust may be trashed). The best way to redistribute Python programs is as-is, as .py files, or (if there is a need for compiling) in source format - let the clients do the rest of the work - open source. If you need a closed-source app, you buy a certificate.

Related

my pyinstaller executable is not opening on other computers besides mine

Over the last few days, I created a site, using Wix, to use as a portfolio. I left all my projects there. My sister, helping me try it, downloaded one of them, but she could not open it.
The first problem was solved pretty fast. My computer uses Linux and hers uses Windows, so I just had to use a Windows computer to run pyinstaller on my project. It worked.
Now, I managed to create the Windows executable. I tested it on my Windows computer, and it worked. However, my computer HAS Python, while hers doesn't. I think the error might be my venv (virtual environment). Maybe the Python interpreter she is supposed to use to run the program is in the wrong directory?
Image of what you get, after downloading my project "FastGrid":
https://i.stack.imgur.com/PS77Y.png
(sorry for using external images, it's the only way I can give a good description of the situation)
The only difference between her directory and mine is that her Python files have a Notepad icon. However, the extension is ".py", so I don't see how that is a problem. Unless somehow her PC is opening them with Notepad, without using the Python interpreter, and not executing the code properly.
Also, when I tried on my computer, my antivirus thought the file was a virus, and said it would take 80 minutes to verify it. I trusted the file and tried to open it, only to get a "You might not have permission to open the file" error. I refreshed the directory and it opened successfully. The same happened to my sister (without the opening part, of course). She had this error, but later, when I tried again, it simply didn't run. No errors.
Again, I think the directory "venv" may be in the wrong spot, and that's why she can't open the executable, since the project may not be able to read the files. But, if that's the case, I don't know how I should modify that.
Also, here is my site, if you think that can be helpful. You can find my projects in the "blog" part
https://lvalencacomputacao.wixsite.com/website
Thanks in advance. If I wasn't clear, please feel free to ask in the comments. I'll do my best to make the post better.
Edit: The image is the project for windows, but opened in ubuntu, that's why there is a ".exe" there.
Do all of your computers have Python? It could probably be because you are using a virtual environment and need to activate it before entering the exe. The command .\venv\Scripts\activate activates the assets in your Python project. What was the difference between your sister's computer and all of the other computers? I could help you.
Everyone, the problem is solved. My sister's PC is probably the one at fault here, since the program worked on every computer I tried besides hers.
Thanks

User-friendly execution of downloaded file in Linux

On my website I need to give users the ability to download and easily start my executable (AppImage binary) on Linux.
For the Windows version it is just an .exe, which works after downloading and clicking:
1. Download the file
2. Click on the file in the browser downloads panel to start it
For Linux, the user now needs to do the following:
1. Download the file
2. Open the folder containing the file from the browser downloads panel
3. Right-click on it to add exec permission
4. Click on the "Allow execution of this file" checkbox
5. Press OK
6. Click on the file to start it
It is hard to explain this flow to a regular user, and it makes users leave.
Is it possible to reduce it to as few clicks as on Windows?
Any advice on achieving minimal clicks is appreciated. I can compile the app for any format (it's on Electron, but I can process it before upload).
I thought about using .deb. It will limit the app to Debian-based systems only, but the main problem is that I did not find a way to run a post-installation step to exec the app, and I don't want to ask the user to open the start menu.
Executable bits are a basic UNIX security measure thus it is not really easy to work around this (for good reason). Thinking about this, for the specific case of downloaded files, Windows also applies some restrictions (special NTFS stream which tells Windows Explorer to warn about the dangers of an executable file from the Internet).
You can of course provide your application as a .tar.something archive and store executable files in there. After extraction, they will normally have the correct execution bits set.
The option with the deb-package can also solve your problem (for some users) but is a little more complicated:
1. The user downloads the deb package.
2. The user clicks on the deb package and has some program installed that provides a GUI for installing packages (like gdebi). Like on Windows, there will be some "security check" in the form of a dialog box where the user needs to enter a (sudo) password. Afterwards, apt will install the package.
If the package is created correctly, it can transport the executable bit correctly such that no explicit permission change is needed afterwards. If for some reason there is need to do something post-installation, Debian packages can provide postinst scripts which run (as root!) at the end of the package's installation.
In any case, as dealing with executable files is a common procedure on Linux, it might not scare so many users away as expected. If you want to make it comfortable for the users, provide the package as they expect/like them. On Windows I would think that to be a .msi package and on Linux I prefer a package corresponding to my distribution (.deb, .rpm).
If you want the users to update their packages regularly (good for security) then it is helpful to provide a "repository" that users can add and install your package from. Of course, "the best" is having a package as part of the distribution, but that is quite some effort and needs to pass a lot of "quality assurance gates" :)
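The .tar suggestion above can be checked in a release pipeline. This is an added example, not code from the original answer: it writes the permission bits into the tar header explicitly (so the result does not depend on the build machine) and confirms what a user gets after extraction. The file name `MyApp.AppImage` and the function names are assumptions, and the payload is a constructed stand-in.

```python
import io
import os
import stat
import tarfile
import tempfile


def build_release(payload: bytes, mode: int, name: str = "MyApp.AppImage") -> bytes:
    """Return a .tar.gz whose header records `mode` for the single file `name`."""
    buf = io.BytesIO()
    with tarfile.open(fileobj=buf, mode="w:gz") as tar:
        info = tarfile.TarInfo(name)
        info.size = len(payload)
        # Set the mode in the tar header explicitly, so the result does not
        # depend on the permissions (or filesystem) of the build machine.
        info.mode = mode
        tar.addfile(info, io.BytesIO(payload))
    return buf.getvalue()


def is_executable_after_extract(archive: bytes, name: str = "MyApp.AppImage") -> bool:
    """Extract into a temp dir and report whether the owner execute bit is set."""
    with tempfile.TemporaryDirectory() as dest:
        with tarfile.open(fileobj=io.BytesIO(archive), mode="r:gz") as tar:
            if hasattr(tarfile, "data_filter"):
                # Safe extraction filter: keeps the owner's execute bit but
                # strips setuid/setgid and blocks paths escaping `dest`.
                tar.extractall(dest, filter="data")
            else:
                tar.extractall(dest)
        return bool(os.stat(os.path.join(dest, name)).st_mode & stat.S_IXUSR)


if __name__ == "__main__":
    app = b"#!/bin/sh\necho constructed stand-in for the real binary\n"
    print("0755 in header:", is_executable_after_extract(build_release(app, 0o755)))
    print("0644 in header:", is_executable_after_extract(build_release(app, 0o644)))
```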

Explanation how DLL hijack of Notepad++ worked please

Notepad++ acknowledged this DLL hijack vulnerability:
https://wikileaks.org/ciav7p1/cms/page_26968090.html
I don't get from the description how it works. As a Notepad++ user I am concerned and as a developer myself I am curious too.
There is a general DLL hijack explanation here - What is dll hijacking?. A bit too general.
Does it mean that to effectively exploit this vulnerability the attacker has to first have control over my PC, using a different vector of attack, to plant a malicious version of SciLexer.dll (?) into the DLL search path?
If the attacker already has such power over my PC, why would he bother with Notepad++? Why not go after more core libraries or even system ones?
I also don't get the implications of this remark in the WikiLeaks text: For the life of me, I couldn't get this function [Scintilla_DirectFunction(..)] to be called. If this is the only exported function in that DLL, the only one called by the Notepad++ core, how come it is not called? That would also mean that malicious code would not be called either.
Was a hacked SciLexer.dll ever actually detected, hacked by the CIA or anyone else, or is it only a discovered possibility?
Also, the Notepad++ team, in the release notes of the latest release 7.3.3, claims that they "Fix CIA Hacking Notepad++ issue". Any ideas how they could do it?
A DLL hijacking attack is simple: Consider your download directory that contains many files.
If someone manages to make you download the manipulated SciLexer.dll, it will most likely be downloaded into your download directory. You don't do anything with the file after download; the file just remains where it has been downloaded.
Later you download a txt file from somewhere on the net and this file is also placed in the download directory.
If you now open the explorer and double click the downloaded txt file the current directory is the download directory. The dll hijack vulnerable Notepad++ version would then search for the SciLexer.dll file to be loaded in the current directory (which is now the download directory). Therefore Notepad++ would load the manipulated SciLexer.dll that you downloaded previously.
Regarding the fix, you can look at the source code changes that fix the bug.
It seems like the Notepad++ team changed the way this DLL is loaded, and additionally they added a certificate check of the SciLexer.dll.
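A defender-side check for the situation described above, as an added example that is not part of the original answer or of Notepad++'s code: it lists DLLs in document folders such as Downloads whose name matches a library the application ships, and reports whether the content differs from the installed copy. The function names and the constructed directory layout are assumptions.

```python
import hashlib
import tempfile
from pathlib import Path


def sha256_of(path: Path) -> str:
    """Hash a file in chunks so large libraries do not need to fit in memory."""
    h = hashlib.sha256()
    with open(path, "rb") as f:
        for chunk in iter(lambda: f.read(65536), b""):
            h.update(chunk)
    return h.hexdigest()


def find_shadow_dlls(app_dir, document_dirs):
    """Report DLLs in document folders that share a name with a DLL in app_dir."""
    # Windows file names are case-insensitive, so compare lower-cased names.
    shipped = {p.name.lower(): p for p in Path(app_dir).iterdir()
               if p.is_file() and p.suffix.lower() == ".dll"}
    findings = []
    for folder in document_dirs:
        for p in sorted(Path(folder).iterdir()):
            original = shipped.get(p.name.lower())
            if original is None or not p.is_file():
                continue
            findings.append({
                "found": str(p),
                "shadows": str(original),
                "same_content": sha256_of(p) == sha256_of(original),
            })
    return findings


def demo():
    """Constructed layout: an install folder and a Downloads folder."""
    with tempfile.TemporaryDirectory() as root:
        app = Path(root, "Notepad++")
        downloads = Path(root, "Downloads")
        app.mkdir()
        downloads.mkdir()
        (app / "SciLexer.dll").write_bytes(b"constructed genuine library bytes")
        (downloads / "scilexer.DLL").write_bytes(b"constructed different bytes")
        (downloads / "notes.txt").write_text("hello")
        return [(Path(f["found"]).name, f["same_content"])
                for f in find_shadow_dlls(app, [downloads])]


if __name__ == "__main__":
    print(demo())
```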

OwnCloud Remove all files prompt

I have an ownCloud server and the ownCloud desktop client. What I want to do is to be able to delete things server-side and have them automatically deleted from the PC. The problem is that the ownCloud client displays a warning message, "Remove All Files?", with the choices to remove all files or to keep files, when the files are deleted from the server. Is there a way to not have the prompt come up and automatically remove all files?
In the version 2.2.3 (maybe earlier), you can change the configuration file to disable the prompt.
See the code where the prompt is invoked and the code showing the configuration file property.
If you edit (on Windows): c:\Users\myuser\AppData\Owncloud\owncloud.cfg and add the following, under the [General] section, you will no longer get the prompt.
promptDeleteAllFiles=false
The short answer: You cannot change this currently.
The long answer: The dialog was added as a safe-guard because there were cases where you could lose all your files unintentionally, e.g. if your admin re-created your account and left it empty. The client would assume the files had gone and would replicate this (it could not know better), so it would replicate the data removal locally. The code is still there today just to be safe.
If you are fearless, you can patch Folder::slotAboutToRemoveAllFiles(). Alternatively, you could open a bug report so we can solve this for everyone. What is your motivation to be able to do this without a prompt?
PS: The sources can be found on GitHub. URL and build instructions at http://doc.owncloud.org/desktop/1.5/building.html.
I have a script that processes the files that someone drops into ownCloud and it will then move them to the final storage place. However, this prompt stops the client from syncing until I manually log in to acknowledge it... I guess I will learn how to patch this.. Dropbox doesn't do this. Google Drive doesn't do this. But since I can't use cloud services (compliance issues), I have to use this solution until I can build a new secure upload means.

How do you check the integrity of downloaded open source files?

I would like to start checking that the open source projects that I am using in my apps are what the developers released. I noticed that many projects have SHA1 and MD5 digests; presumably these can be easily tampered with. For example, if a hacker replaces the original zip file on a mirror, they can also replace the .md5 and .sha1.
How can I check the integrity of third party open source libraries that I depend on?
I think there is no trusted way for this, since the hacker may change the source files and their (md5 or sha1) files. He may simply replace the whole project with another one.
So, download the source from trusted sites such as SourceForge, code.google.com and CodeProject, and mirrors recommended by these sites.
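The concern raised in the question, shown as an added example that is not part of the original posts: a digest file fetched from the same mirror as the archive still matches after both are replaced, while a digest recorded earlier through a separate channel does not. Storing such pinned digests in your own repository is an assumption of this example, SHA-256 is used in place of the MD5/SHA1 files mentioned above, and the archive bytes and names are constructed.

```python
import hashlib
import hmac


def sha256_hex(data: bytes) -> str:
    return hashlib.sha256(data).hexdigest()


def check_against_mirror(archive: bytes, mirror_digest: str) -> bool:
    """Naive check: the digest comes from the same place as the archive."""
    return hmac.compare_digest(sha256_hex(archive), mirror_digest.strip().lower())


def check_against_pin(name: str, archive: bytes, pins: dict) -> bool:
    """Check against a digest recorded earlier and kept outside the mirror."""
    expected = pins.get(name)
    if expected is None:
        return False  # unknown dependency: fail closed
    return hmac.compare_digest(sha256_hex(archive), expected)


def demo() -> dict:
    # Constructed stand-ins for a release archive and a replaced copy.
    genuine = b"constructed stand-in for library-1.0.zip"
    tampered = genuine + b" with unauthorised changes"

    # Pin recorded when the release was first reviewed (assumption).
    pins = {"library-1.0.zip": sha256_hex(genuine)}

    # Whoever replaced the archive on the mirror regenerated the digest file too.
    mirror_digest = sha256_hex(tampered) + "\n"

    return {
        "mirror_accepts_tampered": check_against_mirror(tampered, mirror_digest),
        "pin_accepts_tampered": check_against_pin("library-1.0.zip", tampered, pins),
        "pin_accepts_genuine": check_against_pin("library-1.0.zip", genuine, pins),
        "pin_accepts_unknown": check_against_pin("other-2.0.zip", genuine, pins),
    }


if __name__ == "__main__":
    for check, result in demo().items():
        print(f"{check}: {result}")
```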
Typically, with an open source project, although it is open to all to download and modify themselves, the ability to actually change the uploaded files is restricted to certain individuals governed by the project owner.
A good example is https://github.com/thecodemine/formwizard, where you can see a read-only link, but cannot modify directly unless authorised.
However, you can fork the project to your own account and modify it as you wish, for example https://github.com/AlexKey/formwizard
I'm also guessing that on large open source projects, like Linux distributions for example, even code / files uploaded by authorised individuals will also go through stringent reviews before official release.
A hacker, of course, on compromising a system could change files at will, but this isn't a weakness of the open source model; instead it could be a problem for any project.
Also, things like code signing help detect unauthorised modification.
http://en.wikipedia.org/wiki/Code_signing
Code signing is the process of digitally signing executables and
scripts to confirm the software author and guarantee that the code has
not been altered or corrupted since it was signed by use of a
cryptographic hash.
You have not Googled your question. If you do so you'll get a lot of content about it. The link below will teach you how to check the integrity of a downloaded file.
https://help.ubuntu.com/community/HowToMD5SUM
You may also check the following link, which shows that it is very difficult to modify or replace the .md5 and .sha1 files.
Here's the link.
