How to install Pupy
Pupy is an open source tool for cross-platform remote administration (Windows, Linux, OSX and Android are supported as “clients”) and post-exploitation. It is written mostly in Python.
Simply put, this program can create backdoors for different operating systems, add persistence on remote systems, run exploits to collect data, escalate privileges, download or upload files, capture the screen, log keystrokes, and so on. At the same time, Pupy is also well suited to legitimate remote administration of systems.
Potential uses of Pupy:
- Security research
- Education
- Penetration testing
- System Administration
- Privacy-focused Python projects requiring low disk footprints
- And more…
You will find more information about Pupy here: https://en.kali.tools/?p=932
This is one of several articles about Pupy. This one describes the installation step by step. The following articles will discuss the principles of the program, its basic concepts and practical examples of use.
For those interested in this topic, I also recommend the article ‘Concealed control of a Windows-based computer’, dedicated to similar tools in Metasploit.
How to install Pupy in Kali Linux
The author of the program offers two installation options: directly to the system and using Docker.
This program has a bug (described below) caused by an incompatibility with the latest version of one of the Python modules. Because of this bug, Pupy does not work in listen mode (it cannot accept connections). When using Docker, errors are not displayed on the screen, so it is difficult to understand what the problem is. Worse still, it is not clear how to fix the problem with the library inside the container.
Therefore, I will cover both installation options, directly into the system and using Docker, but I recommend installing directly into the system.
How to install Pupy on Kali Linux without Docker
Run the following commands:
sudo apt install git libssl1.0-dev libffi-dev python-dev python-pip build-essential swig tcpdump python-virtualenv
git clone --recursive https://github.com/n1nj4sec/pupy
cd pupy
python create-workspace.py -DG pupyw
To fix the error:
sudo pip2 install rpyc==3.4.4
To start Pupy:
export PATH=$PATH:~/.local/bin; pupysh
# or start it from the workspace directory created above:
pupyw/bin/pupysh
Installing Pupy on Kali Linux using Docker
To install and run Pupy using Docker, start with the following commands:
git clone https://github.com/alxchk/pupy
cd pupy
Open the install.sh file and replace the following line, which tests whether the script is running as root (EUID 0):
if [ "$EUID" == 0 ]
with
if [ "$EUID" == 100500 ]
Then run the commands:
./install.sh
sudo pip uninstall backports.ssl-match-hostname
sudo apt-get install python-backports.ssl-match-hostname
To run the program:
./start-compose.sh
Installation in BlackArch
Installation in BlackArch is as follows:
sudo pacman -S pupy
To fix the bug, you need to remove the new version of one of the Python packages without letting the system remove Pupy itself, for which this package is a mandatory dependency (the -Rdd option removes the package while skipping dependency checks):
sudo pacman -Rdd python2-rpyc
And install a version that does not cause problems:
sudo pip2 install rpyc==3.4.4
But the payloads that I generated in BlackArch do not connect to the controlling computer…
Solving the problem with the ‘Cannot read wireshark manuf database’ error
When you run Pupy, check whether the following line appears:
Cannot read wireshark manuf database
If it is present, there is a serious error. Details about this bug are here: https://github.com/n1nj4sec/pupy/issues/622
The problem is that when the Victim’s computer tries to connect to the Attacker’s computer, the following error appears:
Exception AttributeError: AttributeError("'PupyConnection' object has no attribute '_closed'",) in <object repr() failed> ignored
Exception in thread Authentication Thread (192.168.1.117:49824):
Traceback (most recent call last):
  File "/usr/lib/python2.7/threading.py", line 801, in __bootstrap_inner
    self.run()
  File "/usr/lib/python2.7/threading.py", line 754, in run
    self.__target(*self.__args, **self.__kwargs)
  File "/usr/share/pupy/network/lib/servers.py", line 135, in _setup_connection
    config=config
  File "/usr/share/pupy/network/lib/connection.py", line 269, in __init__
    Connection.__init__(self, *args, **kwargs)
TypeError: __init__() got an unexpected keyword argument '_lazy'
Exception AttributeError: AttributeError("'PupyConnection' object has no attribute '_closed'",) in <object repr() failed> ignored
That is, the listening mode for the reverse shell in Pupy does not actually work.
The problem is solved by downgrading the version of the rpyc package to 3.4.4:
sudo pip2 install rpyc==3.4.4
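Both messages in the traceback above come from one pattern: a subclass forwards a `_lazy` keyword to a base class that no longer accepts it, and the half-built object then fails a second time during cleanup. The sketch below is an added illustration in Python 3, not code from Pupy or rpyc. PinnedBase, NewerBase and connect are hypothetical stand-ins, and the assumption that the pinned release accepts `_lazy` is inferred only from the fact that the downgrade removes the error.

```python
# Added illustration: stand-in classes, not Pupy or rpyc source code.
import gc
import sys


class PinnedBase:
    """Stand-in for the base class in the pinned release (assumed signature)."""

    def __init__(self, channel, config=None, _lazy=False):
        self.channel = channel
        self._closed = False  # only set if __init__ runs to completion

    def close(self):
        if not self._closed:
            self._closed = True

    def __del__(self):
        self.close()  # reads self._closed, which a failed __init__ never set


class NewerBase(PinnedBase):
    """Stand-in for a newer release whose __init__ dropped `_lazy` (assumption)."""

    def __init__(self, channel, config=None):
        PinnedBase.__init__(self, channel, config)


def connect(base):
    """Create a subclass that forwards **kwargs, as in the traceback, and try it.

    Returns (ok, constructor_error, errors_ignored_during_cleanup).
    """
    class Client(base):
        def __init__(self, *args, **kwargs):
            base.__init__(self, *args, **kwargs)

    ignored, error = [], None
    previous_hook = sys.unraisablehook
    sys.unraisablehook = lambda u: ignored.append(str(u.exc_value))
    try:
        try:
            Client("channel", config={}, _lazy=True)
        except TypeError as exc:
            error = str(exc)
        gc.collect()  # make sure the half-built object has been finalised
    finally:
        sys.unraisablehook = previous_hook
    return error is None, error, ignored


if __name__ == "__main__":
    for base in (NewerBase, PinnedBase):
        print(base.__name__, connect(base))
```

With NewerBase the constructor raises the TypeError and the finaliser's AttributeError is reported as ignored, matching the two message types in the traceback; with PinnedBase the same call succeeds.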