From 8b6beb833497ce65e26ef9cbb237e621aeb28491 Mon Sep 17 00:00:00 2001 From: n1nj4sec Date: Sun, 12 Mar 2017 13:56:19 +0100 Subject: [PATCH] change default conf to make it works on a internal pentest without internet access --- pupy/pupy.conf.default | 13 +++++++++++-- pupy/pupylib/PupyDnsCnc.py | 6 ++++-- 2 files changed, 15 insertions(+), 4 deletions(-) diff --git a/pupy/pupy.conf.default b/pupy/pupy.conf.default index 9bee8943..09b4c560 100644 --- a/pupy/pupy.conf.default +++ b/pupy/pupy.conf.default @@ -4,9 +4,18 @@ transport = ssl port = 443 ipv6 = true -igd = true + +#igd=True allow pupy to make UPNP requests to get you external IP. +igd = false + +#httpd=true wraps your transport in a HTTP transport. httpd = false -dnscnc = localhost:5454 + +#dnscnc = localhost:5454 starts the DNS cnc listener on the port 5454. +dnscnc = false + +# allow requests to services like ifconfig.co to automatically retrieve public IP +allow_requests_to_external_services = false [ssl] client_cert_required = true diff --git a/pupy/pupylib/PupyDnsCnc.py b/pupy/pupylib/PupyDnsCnc.py index e7644f5b..c49acd19 100644 --- a/pupy/pupylib/PupyDnsCnc.py +++ b/pupy/pupylib/PupyDnsCnc.py @@ -1,5 +1,5 @@ # -*- coding: utf-8 -*- - +import logging from PupyCredentials import Credentials from network.lib.picocmd.server import * from network.lib.picocmd.picocmd import * @@ -64,6 +64,7 @@ class PupyDnsCnc(object): credentials = credentials or Credentials() config = config or PupyConfig() + self.config = config connect_host = connect_host or config.getip('pupyd', 'address') @@ -201,7 +202,8 @@ class PupyDnsCnc(object): def _external_ip(self): if self.igd and self.igd.available: return self.igd.GetExternalIP()['NewExternalIPAddress'] - else: + elif self.config.getboolean('pupyd', 'allow_requests_to_external_services'): + logging.warning("Sending HTTP request to http://ifconfig.co to retrieve public IP ...") response = requests.get('http://ifconfig.co', headers={ 'User-Agent': 'curl/7.50.0' })