From 524f2eaa0114fe05506b908e24665afc84902afe Mon Sep 17 00:00:00 2001 From: kefka hacks <8886247+kefkahacks@users.noreply.github.com> Date: Fri, 17 Aug 2018 00:36:54 -0400 Subject: [PATCH 1/6] Update README.md --- README.md | 9 +++++++-- 1 file changed, 7 insertions(+), 2 deletions(-) diff --git a/README.md b/README.md index 3ed2a98b..53f5ea04 100644 --- a/README.md +++ b/README.md @@ -1,11 +1,16 @@ [![Build Status](https://api.travis-ci.org/n1nj4sec/pupy.svg?branch=unstable)](https://travis-ci.org/n1nj4sec/pupy) # Pupy + +This isn't really a fork. But https://github.com/alxchk/pupy has done so much work. I figured I oculd help with some ddocumentation and what not. + +## Quick docker install and configure + Pupy is an opensource, cross-platform (Windows, Linux, OSX, Android), multi function RAT (Remote Administration Tool) and post-exploitation tool mainly written in python. It features an all-in-memory execution guideline and leaves very low footprint. Pupy can communicate using various transports, migrate into processes (reflective injection), load remote python code, python packages and python C-extensions from memory. Pupy modules can transparently access remote python objects using rpyc to perform various interactive tasks. Pupy can generate payloads in multiple formats like PE executables, reflective DLLs, pure python files, powershell, apk, ... When you package a payload, you can choose a launcher (connect, bind, ...), a transport (ssl, http, rsa, obfs3, scramblesuit, ...) and a number of "scriptlets". Scriptlets are python scripts meant to be embedded to perform various tasks offline (without requiring a session), like starting a background script, adding persistence, starting a keylogger, detecting a sandbox, ... -## Installation +## Installation (it doesn't really work like this any more) ``` git clone https://github.com/n1nj4sec/pupy.git pupy cd pupy 
@@ -14,7 +19,7 @@ git submodule update pip install -r pupy/requirements.txt wget https://github.com/n1nj4sec/pupy/releases/download/latest/payload_templates.txz tar xvf payload_templates.txz && mv payload_templates/* pupy/payload_templates/ && rm payload_templates.txz && rm -r payload_templates -``` +```{ or [Refer to the wiki](https://github.com/n1nj4sec/pupy/wiki/Installation) ## Features From 4b1ecde1897f5f587d144a21b951cc907cc56cb2 Mon Sep 17 00:00:00 2001 From: kefka hacks <8886247+kefkahacks@users.noreply.github.com> Date: Fri, 17 Aug 2018 01:43:30 -0400 Subject: [PATCH 2/6] added short docker help to top of README put a short docker walkthrough at the top of the README (before it cuts off and people have to click read more, trying to let the users know alxchk's pupy is working) --- README.md | 41 +++++++++++++++++++++++++++++++++++++++++ 1 file changed, 41 insertions(+) diff --git a/README.md b/README.md index 53f5ea04..de5e05c1 100644 --- a/README.md +++ b/README.md 
@@ -4,6 +4,47 @@ This isn't really a fork. But https://github.com/alxchk/pupy has done so much work. I figured I oculd help with some ddocumentation and what not. ## Quick docker install and configure +Lots of things are in various states of +development but this will get a server up for +you. I can confirm the linux clients work and the +windows clients build. + +I've confirmed this easy method on debian sid, +but it stands to reason it should work anywhere +docker does. +If you don't have an id_rsa.pub file, create one +with ssh-keygen +Just run it without arguments +``` +docker pull alxchk/pupy:unstable +docker run -d -p 2022:22 -v /tmp/projects:/projects alxchk/pupy:unstable +cp ~/.ssh/id_rsa.pub /tmp/projects/keys/authorized_keys +ssh -p 2022 pupy@127.0.0.1 +config set gen os linux +gen -D /projects/default/ +``` +Grats, you're in a pupy shell. You can not use +help to find commands, edit the config, generate +clients, etc.. You'll want to use the -D +/projects/default/ when generating clients, it +makes it easy to pop back over on your +host machine and pull them out of +/tmp/projects/default since those volumes are +bound together. + +If you can't make a shared key or otherwise +refuse to, you can try docker exec but be careful +not to break your container. +``` +docker exec -it +``` +I'd recommend using a shell as a command if you +go this route, else you lose your tab competion. + +Enjoy! Much appreciation to alxchk for all of his +hard work. + +## Description Pupy is an opensource, cross-platform (Windows, Linux, OSX, Android), multi function RAT (Remote Administration Tool) and post-exploitation tool mainly written in python. It features an all-in-memory execution guideline and leaves very low footprint. Pupy can communicate using various transports, migrate into processes (reflective injection), load remote python code, python packages and python C-extensions from memory. 
Pupy modules can transparently access remote python objects using rpyc to perform various interactive tasks. From cfa0a5001961a6c44869fce905c8d312a4679d41 Mon Sep 17 00:00:00 2001 From: kefka hacks <8886247+kefkahacks@users.noreply.github.com> Date: Fri, 17 Aug 2018 01:45:56 -0400 Subject: [PATCH 3/6] Update README.md --- README.md | 6 ++++-- 1 file changed, 4 insertions(+), 2 deletions(-) diff --git a/README.md b/README.md index de5e05c1..24e5b06d 100644 --- a/README.md +++ b/README.md @@ -20,11 +20,13 @@ docker pull alxchk/pupy:unstable docker run -d -p 2022:22 -v /tmp/projects:/projects alxchk/pupy:unstable cp ~/.ssh/id_rsa.pub /tmp/projects/keys/authorized_keys ssh -p 2022 pupy@127.0.0.1 +``` +Grats your in a pupy shell, lets build a client and export it. +``` config set gen os linux gen -D /projects/default/ ``` -Grats, you're in a pupy shell. You can not use -help to find commands, edit the config, generate +You can not use help to find commands, edit the config, generate clients, etc.. You'll want to use the -D /projects/default/ when generating clients, it makes it easy to pop back over on your From 6096d01644b1de46d9ff157557b14465209c5c23 Mon Sep 17 00:00:00 2001 From: kefka hacks <8886247+kefkahacks@users.noreply.github.com> Date: Fri, 17 Aug 2018 01:46:42 -0400 Subject: [PATCH 4/6] Update README.md --- README.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/README.md b/README.md index 24e5b06d..8b0542ff 100644 --- a/README.md +++ b/README.md @@ -26,7 +26,7 @@ Grats your in a pupy shell, lets build a client and export it. config set gen os linux gen -D /projects/default/ ``` -You can not use help to find commands, edit the config, generate +You can now use help to find commands, edit the config, generate clients, etc.. You'll want to use the -D /projects/default/ when generating clients, it makes it easy to pop back over on your From db4906e12e77076772e399a1deabc3fbff482c50 Mon Sep 17 00:00:00 2001 
From: kefka hacks <8886247+kefkahacks@users.noreply.github.com> Date: Fri, 17 Aug 2018 01:47:50 -0400 Subject: [PATCH 5/6] Update README.md --- README.md | 2 -- 1 file changed, 2 deletions(-) diff --git a/README.md b/README.md index 8b0542ff..52e8e2d7 100644 --- a/README.md +++ b/README.md @@ -1,8 +1,6 @@ [![Build Status](https://api.travis-ci.org/n1nj4sec/pupy.svg?branch=unstable)](https://travis-ci.org/n1nj4sec/pupy) # Pupy -This isn't really a fork. But https://github.com/alxchk/pupy has done so much work. I figured I oculd help with some ddocumentation and what not. - ## Quick docker install and configure Lots of things are in various states of development but this will get a server up for From 3c1d80dd232d3a7424d0a56dc41aa67eb525ebe1 Mon Sep 17 00:00:00 2001 From: kefka hacks <8886247+kefkahacks@users.noreply.github.com> Date: Fri, 17 Aug 2018 01:51:40 -0400 Subject: [PATCH 6/6] Update README.md --- README.md | 1 + 1 file changed, 1 insertion(+) diff --git a/README.md b/README.md index 52e8e2d7..73e2f3a7 100644 --- a/README.md +++ b/README.md @@ -24,6 +24,7 @@ Grats your in a pupy shell, lets build a client and export it. config set gen os linux gen -D /projects/default/ ``` +You can find your pupy clients in /tmp/projects/default on the host. You can now use help to find commands, edit the config, generate clients, etc.. You'll want to use the -D /projects/default/ when generating clients, it
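Review bot: PATCH 1/6, first hunk (@@ -1,11 +1,16 @@): the new heading "## Quick docker install and configure" is added with nothing under it, so the existing "Pupy is an opensource, cross-platform ..." description now renders as the body of the docker section. Hold the heading back until the docker steps exist, or give the description its own heading in the same patch. The added intro sentence has typos ("oculd", "ddocumentation"), and the retitled "## Installation (it doesn't really work like this any more)" should say what fails or point to the method that does work.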
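Review bot: PATCH 1/6, second hunk (@@ -14,7 +19,7 @@): the closing fence of the Installation code block gains a stray `{`, which looks accidental. A closing fence cannot carry trailing text, so the block no longer ends on that line and the "or [Refer to the wiki]" line and the "## Features" heading after it are rendered as code. Drop the `{`.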
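Review bot: PATCH 2/6 (@@ -4,6 +4,47 @@): `docker run -d -p 2022:22 ...` publishes the container's SSH port on every host interface, although the walkthrough only connects to 127.0.0.1; use `-p 127.0.0.1:2022:22` so the server shell is reachable from the local host only. `cp ~/.ssh/id_rsa.pub /tmp/projects/keys/authorized_keys` replaces any authorized_keys already there, and the text does not say that the keys directory exists at that point. `docker exec -it` is shown without a container or a command, so it cannot be run as written; the "shell as a command" advice belongs in the example itself. The host commands and the pupy-shell commands (`config set gen os linux`, `gen -D /projects/default/`) share one fence, "You can not use help" states the opposite of what is meant, and "competion" is a typo.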
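Review bot: PATCH 3/6 (@@ -20,11 +20,13 @@): the new line "Grats your in a pupy shell, lets build a client and export it." replaces the correctly spelled "you're" from the removed line with "your" and drops the apostrophe in "let's". Splitting the fence into host commands and pupy-shell commands is the right move, but the rewritten line still reads "You can not use help", so the inverted sentence survives this patch.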
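Review bot: PATCH 4/6 (@@ -26,7 +26,7 @@) should be folded into the earlier patches, since its one-word change ("not" to "now") only corrects a line that PATCH 2/6 introduced and PATCH 3/6 rewrote, and a separate "Update README.md" commit says nothing about why. The context around it still carries "Grats your in a pupy shell, lets build" and the doubled period in "clients, etc..", which could be fixed in the same pass.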
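Review bot: PATCH 5/6 (@@ -1,8 +1,6 @@): deleting the "This isn't really a fork..." sentence removes the only visible link to https://github.com/alxchk/pupy, while the walkthrough still pulls alxchk/pupy:unstable and the build badge still points at n1nj4sec/pupy. Readers can no longer tell from the README where the image they are told to run comes from; keep a corrected one-line note naming the source repository instead of removing the sentence outright.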
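Review bot: PATCH 6/6 (@@ -24,6 +24,7 @@): the added line "You can find your pupy clients in /tmp/projects/default on the host." repeats what the paragraph right after it already says ("pull them out of /tmp/projects/default since those volumes are bound together", added in PATCH 2/6). Merge the two: keep the new sentence and trim the later paragraph to the `-D /projects/default/` advice, and leave a blank line between the closing fence and the prose.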