当前位置:首页 > 报告详情

Excel中嵌入式Python的问题或者说如何用Pandas碾压Excel.pdf

上传人: 竿*** 编号:981821 2025-11-29 37页 2.71MB

1、#BHAS BlackHatEventsThe Problems of Embedded Python in Excel(How to excel in pwning pandas)#BHAS BlackHatEventsWho are we?Shalom CarmelCIO GlobalDOfir CarmelCS Student#BHAS BlackHatEventsTL;DRThe facts Excel 365 runs python which refers to spreadsheet data The python code and the data are sent over

2、to Microsoft for processingI found out that We can play with and modify the PY cloud runtime environment PY cloud runtime environments seem to be shared between sessions11 See March 27,2025 update#BHAS BlackHatEventsWork In Progress/Proof Of Concepthttps:/ BlackHatEventsThank you,GlobalDots HRHR mad

3、e me take PTO near the end of the year.My wife told me to fix the shed.I pleaded for a couple of hours to look at some new productivity stuff.This is the result,some days and nights later#BHAS BlackHatEventsTimeline Introduction The PY environment Execution of remote server code Shared user sessions

4、(?)Uploading of custom binary files Live demo Summary Q&A#BHAS BlackHatEventsIntroduction Excel is used by millions worldwide,and Excel 365 supports python The Python environment is geared at heavy data processing business and academia users It is expected to be a secure and private environment Prev

5、alence of VB macros&automation in the finance sector#BHAS BlackHatEventsExcel-specific embedded Python extensions=PY()Excel formula The xl()python function refers to Excel cells and ranges CTRL+Enter sends the code to execution Input options:cells,ranges,named ranges,tables Output options:pandas dat

6、aframes,lists,discrete values,python objects#BHAS BlackHatEventsHow it works?https:/ BlackHatEventsHow it works?#BHAS BlackHatEventsArchitecture365EntitlementData+py CodeResults#BHAS BlackHatEventsPython in Excel Security*The container has Python and a curated set of secured libraries provided by An

word格式文档无特别注明外均可编辑修改,预览文件经过压缩,下载原文更清晰!
三个皮匠报告文库所有资源均是客户上传分享,仅供网友学习交流,未经上传用户书面授权,请勿作商用。
根据报告的内容,全文主要内容概括如下: - Excel 365支持Python,用于数据处理,提供安全且私密的运行环境。 - 使用=PY()公式和xl()函数在Excel中执行Python代码,输出pandas数据框等。 - Python代码运行在Microsoft云容器中,无访问用户设备或账户权限。 - 支持Jupyter魔法命令,如%system、%sx等。 - 用户可安装自定义Python模块,如fabric、nmap等。 - 2025年2月后,每个用户每个文件使用独立容器,提高安全性。 - 可通过PowerQuery上传二进制文件,但需注意安全风险。 - 可通过注册表策略阻止Python功能。 - 研究方向包括Jupyter平台、容器突破可能性、数据泄露和拒绝服务攻击。
"Excel Python安全漏洞揭秘" "如何利用Excel Python提升数据分析能力?" 容器突破风险分析"
客服
商务合作
小程序
服务号
折叠