How to install Pupy

Pupy is an open source tool for cross-platform remote administration (Windows, Linux, OSX and Android are supported as “clients”) and post-exploitation, written mostly in Python.

Simply put, this program can create backdoors for different operating systems, add persistence on remote systems, run exploits to collect data, escalate privileges, download or upload files, capture the screen, log keystrokes, and so on. At the same time, Pupy is also well suited to legitimate remote administration of systems.

Potential uses of Pupy:

  • Security research
  • Education
  • Penetration testing
  • System Administration
  • Privacy-focused Python projects requiring low disk footprints
  • And more…

You will find more information about Pupy here: https://en.kali.tools/?p=932

This is one of several articles about Pupy. This one describes the installation step by step. The following articles will discuss the principles of the program, its basic concepts and practical examples of use.

For those interested in this topic, I also recommend the article ‘Concealed control of a Windows-based computer’, dedicated to similar tools in Metasploit.

How to install Pupy in Kali Linux

The author of the program offers two installation options: directly to the system and using Docker.

This program has a bug (described below) caused by an incompatibility with the latest version of one of the Python modules. Because of this bug, Pupy does not work in listen mode (it cannot accept connections). When using Docker, the errors are not displayed on the screen, so it is difficult to understand what the problem is. Much worse, it is not clear how to fix the problem with the library inside the container.

Therefore, I will cover both installation options, directly into the system and using Docker, but I recommend installing directly into the system.

How to install Pupy on Kali Linux without Docker

Run the following commands:

sudo apt install git libssl1.0-dev libffi-dev python-dev python-pip build-essential swig tcpdump python-virtualenv
git clone --recursive https://github.com/n1nj4sec/pupy
cd pupy
python create-workspace.py -DG pupyw

To fix the error:

sudo pip2 install rpyc==3.4.4

To start:

export PATH=$PATH:~/.local/bin; pupysh
pupyw/bin/pupysh

Installing Pupy on Kali Linux using Docker

To install Pupy using Docker, first run the following commands:

git clone https://github.com/alxchk/pupy
cd pupy

Open the install.sh file and replace the line there:

if [ "$EUID" == 0 ]

with

if [ "$EUID" == 100500 ]

Then run the commands:

./install.sh
sudo pip uninstall backports.ssl-match-hostname
sudo apt-get install python-backports.ssl-match-hostname

To run the program:

./start-compose.sh

Installation in BlackArch

Installation in BlackArch is as follows:

sudo pacman -S pupy

To fix the bug, you need to remove the new version of one of the Python packages without letting the system remove Pupy itself, for which this package is a mandatory dependency:

sudo pacman -Rdd python2-rpyc

And install a version that does not cause problems:

sudo pip2 install rpyc==3.4.4

But the payloads that I generated in BlackArch do not connect to the controlling computer…

Solving the problem with the ‘Cannot read wireshark manuf database’ error

When you run Pupy, check whether the following line appears:

Cannot read wireshark manuf database

If it is present, there is a serious error. Details about this bug are here: https://github.com/n1nj4sec/pupy/issues/622

The problem is that when the Victim’s computer tries to connect to the Attacker’s computer, the following error appears:

Exception AttributeError: AttributeError("'PupyConnection' object has no attribute '_closed'",) in <object repr() failed> ignored
Exception in thread Authentication Thread (192.168.1.117:49824):
Traceback (most recent call last):
  File "/usr/lib/python2.7/threading.py", line 801, in __bootstrap_inner
    self.run()
  File "/usr/lib/python2.7/threading.py", line 754, in run
    self.__target(*self.__args, **self.__kwargs)
  File "/usr/share/pupy/network/lib/servers.py", line 135, in _setup_connection
    config=config
  File "/usr/share/pupy/network/lib/connection.py", line 269, in __init__
    Connection.__init__(self, *args, **kwargs)
TypeError: __init__() got an unexpected keyword argument '_lazy'
 
Exception AttributeError: AttributeError("'PupyConnection' object has no attribute '_closed'",) in <object repr() failed> ignored

That is, the listening mode for the reverse shell in Pupy does not actually work.

The problem is solved by downgrading the version of the rpyc package to 3.4.4:

sudo pip2 install rpyc==3.4.4
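
To confirm that a failing server is hitting this particular rpyc incompatibility and not some other fault, the saved output can be checked for the two symptoms described above. This is an added example, not code from the Pupy project: a stand-alone Python 3 script whose function names, report keys and action strings are hypothetical. The sample log is constructed from the traceback quoted above, and the "4.0.2" version string is a constructed input.

```python
import re

# Constructed sample input: the server output quoted above, shortened.
SAMPLE_LOG = '''Cannot read wireshark manuf database
Exception in thread Authentication Thread (192.168.1.117:49824):
Traceback (most recent call last):
  File "/usr/share/pupy/network/lib/servers.py", line 135, in _setup_connection
    config=config
  File "/usr/share/pupy/network/lib/connection.py", line 269, in __init__
    Connection.__init__(self, *args, **kwargs)
TypeError: __init__() got an unexpected keyword argument '_lazy'
'''

PINNED_RPYC = (3, 4, 4)  # the version this article downgrades to
FRAME = re.compile(r'^\s+File "([^"]+)", line (\d+), in (\S+)')
THREAD = re.compile(r'^Exception in thread .*\((\d+(?:\.\d+){3}):(\d+)\)')
ERROR = re.compile(r'^(\w+(?:Error|Exception)): (.*)$')


def parse_version(text):
    """Turn '3.4.4' into (3, 4, 4) so versions compare as numbers."""
    return tuple(int(part) for part in re.findall(r"\d+", text)[:3])


def diagnose(log, installed_rpyc=None):
    """Scan server output for the two symptoms named in this section."""
    report = {"manuf_warning": False, "lazy_error": False,
              "peers": [], "raised_at": None, "action": "none"}
    peer = frame = None
    for line in log.splitlines():
        if "Cannot read wireshark manuf database" in line:
            report["manuf_warning"] = True
        if (m := THREAD.match(line)):
            peer, frame = (m.group(1), int(m.group(2))), None
        elif (m := FRAME.match(line)):
            frame = (m.group(1), int(m.group(2)), m.group(3))  # innermost wins
        elif (m := ERROR.match(line)) and "'_lazy'" in m.group(2):
            report["lazy_error"] = True
            report["raised_at"] = frame
            if peer and peer not in report["peers"]:
                report["peers"].append(peer)
    if report["lazy_error"]:
        # Assumption: if 3.4.4 is reported as installed but the error persists,
        # another rpyc copy (e.g. the distribution package) is being imported.
        pinned = installed_rpyc and parse_version(installed_rpyc) == PINNED_RPYC
        report["action"] = "check-import-path" if pinned else "pin rpyc==3.4.4"
    return report


if __name__ == "__main__":
    print(diagnose(SAMPLE_LOG, installed_rpyc="4.0.2"))
```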
