What is Pupy?
Pupy is an open-source, multi-platform (Windows, Linux, OSX, Android), multi-function RAT (Remote Administration Tool) and post-exploitation tool written mainly in Python.
It follows an all-in-memory execution model and leaves a very small footprint on disk. Pupy can communicate over various transports, migrate into processes (reflective injection), and load remote Python code, Python packages and Python C-extensions from memory.
In this tutorial, I'll show you how to set up Pupy and generate payloads for Windows, Linux and Android.
This guide is meant for educational purposes only. Accessing other people's computers without appropriate permission is illegal, and I don't condone it in any way.
I am not responsible for your actions.
To get started, head over to the official Pupy GitHub repo and download the entire project as a zip file.
Extract the contents of the archive and read the text file titled 'Requirements.txt' inside the folder.
This file lists the packages required for setting up Pupy; make sure you install all of them.
Generating The Payload
Once you're done installing all the packages, you're ready to generate the payload.
To do this, open a terminal window in the directory that contains the 'pupygen.py' file and type:
You should now see the usage information and the parameters accepted when generating a payload.
Now open a different terminal and type in the following command to find your IP address:
The highlighted IP address is the one to which you want your target machines to connect.
Note it down and close the terminal.
Here are the commands for generating payloads for Windows, Linux and Android respectively.
Replace IP:Port with the IP address obtained in the previous step and any valid port number that is not currently in use.
To target 64-bit machines, change exe_x86 to exe_x64.
If everything went well, it should say "payload successfully generated" and the payload should be visible in the same folder.
To begin remote administration once the payload has been deployed, open another terminal in the same folder and type in:
That will open the Pupy shell. If it says "Server started on port <PORTNUMBER> with transport ssl", your port number was valid and not in use, and you're all set to accept the connection from the target machine.
Input a question mark (?) to get the list of all the available commands.
To see all the available modules, type in:
To use a particular module, follow the format:
If a module requires additional parameters, the module's help output will specify them.
Once you're done remotely administering the machine, use the following command to disconnect all the clients:
This works over a LAN. If you wish to do this over the internet, look up your public IP address online and make sure that the port you selected is forwarded to the machine running the Pupy server.
A simple 32-bit Windows payload generated by Pupy is around 6MB in size (pretty big), and it is in no way perfect. But it is free and open-source!
Keep that in mind while using Pupy.
That's pretty much it.
If you have any questions, feel free to ask.