This is not an issue, it is a reference for the correct way to implement things for the docker install of pupy.

In #643, I brought up the issue of using SSH to access the docker container. This is inefficient and runs contrary to Docker's design philosophy of "one app per container". I propose removing all references to access via SSH, including pupyenv.sh.

There are some other general guidelines that I will outline below. Assuming I can eventually get docker to build without crashing (#645), I will implement these myself.

Docker should be set up via Docker Compose by default for all supported systems. The Debian 9 installation option should be supported, but not recommended. The Docker Compose installation should be transparent to the end user as well; someone with no prior docker experience should be able to use it without trouble.

The installation procedure should go as follows:

1. Git clone the repo.
2. Execute the installer script from an install of either Debian Stable or Kali Rolling
3. Once the install has finished, a wrapper script can be used to run docker compose up, i.e. via a hypothetical pupy_start.sh.

The technical workings of the installation should be as follows:

(Note: All of this will be automated by the installer script. The end user will not need to do any of this.)

1. Docker should be installed via the get.docker.com script on D9, or via the method described here for Kali. I tested the latter last month.

2. Docker Compose should be installed via this method.

3. The pupy server should be launched from the docker-compose.yml file, with all relevant directories in the container mounted as local folders.

   • /opt/pupy/output:./output
   • /opt/pupy/conf:./conf

Not sure how to phrase this, but it would be perhaps interesting to make the communication channel modular, so that you can have whatever communication channel you can think of implemented (DNS, ICMP, UDP, etc), so long as it passes a functioning filedescriptor for a socket object back to the main implant/client.

This way modules can be written for C&C channels over say, UDP, DNS, ICMP... etc.

@alxchk Given that the main project seems to be abandoned, I suggest duplicating the repository and renaming it to something indicative of progression (i.e. "pupy2"), and make yourself the official maintainer. You are basically filling that role anyway, so at this point it is just a matter of formality.

It is difficult for newcomers to figure out which is the most up to date branch of the project, creating needless headache for everyone.

As an aside, I would also recommend having two branches, (main and unstable) instead of just unstable, which is how you currently have it.

What do you think?

I copied the lib-tk folder into the packages/all folder, but when i try to run a tkinter program it gives me this error:

>>> execfile('C:/textedit.py')
PupyPackageLoader: Error while loading package Tkinter (py) : No module named _tkinter, please install the python-tk package
Traceback (most recent call last):
  File "<console>", line 1, in <module>
  File "C:/textedit.py", line 1, in <module>
    from Tkinter import *
  File "<string>", line 110, in load_module
ImportError: No module named _tkinter, please install the python-tk package
>>>

Is there a way to make tkinter work?

When I install puppy, I have an error when using sudo git submodule update : Cloning into '/home/masxnz/pupy/client/sources-linux/linux-inject'... Cloning into '/home/masxnz/pupy/pupy/external/LaZagne'... Cloning into '/home/masxnz/pupy/pupy/external/impacket'... Cloning into '/home/masxnz/pupy/pupy/external/memorpy'... Cloning into '/home/masxnz/pupy/pupy/external/pywerview'... Cloning into '/home/masxnz/pupy/pupy/external/scapy'... Cloning into '/home/masxnz/pupy/pupy/external/winpty'... Cloning into '/home/masxnz/pupy/pupy/payload_templates'... Submodule path 'client/sources-linux/linux-inject': checked out 'ce6d7e4b1d6c06b2fb36548e23d62685a1f91209' error: no such remote ref 3135aefe986d2a411309022039b931f2a45936ea Fetched in submodule path 'pupy/external/LaZagne', but it did not contain 3135aefe986d2a411309022039b931f2a45936ea. Direct fetching of that commit failed.

Hi everyone, i am new to pupy. i have followed pupy installation steps but whenever i run command ./pupygen.py i get this error message.

root@ubuntu:~/pupy/pupy# ./pupygen.py

Traceback (most recent call last): File "./pupygen.py", line 7, in from pupylib.utils.network import get_listener_ip, get_listener_port File "/root/pupy/pupy/pupylib/init.py", line 4, in from PupyService import * File "/root/pupy/pupy/pupylib/PupyService.py", line 27, in from pupylib.PupyCredentials import Credentials File "/root/pupy/pupy/pupylib/PupyCredentials.py", line 20, in from M2Crypto import X509, EVP, RSA, ASN1, BIO File "/usr/local/lib/python2.7/dist-packages/M2Crypto/init.py", line 26, in from M2Crypto import (ASN1, AuthCookie, BIO, BN, DH, DSA, EVP, Engine, Err, File "/usr/local/lib/python2.7/dist-packages/M2Crypto/ASN1.py", line 15, in from M2Crypto import BIO, m2, util File "/usr/local/lib/python2.7/dist-packages/M2Crypto/BIO.py", line 10, in from M2Crypto import m2, util File "/usr/local/lib/python2.7/dist-packages/M2Crypto/util.py", line 20, in from typing import AnyStr, Tuple, Union # noqa ImportError: No module named typing

please i need help or am i missing something with configuration?

Hi guy, I tried to make some Chinese (Traditional and Simplified) folders and files into target computer. It's shown as below screen.

How can display any language? Such as Chinese, Japanese...etc

I have sync my fork to the last commit and downloaded new binaries. However, I do not manage to get a reverse shell (I have tested it on Linux and Windows).

When I generate a linux binary, the binary is created but I have two lines in red (Required credentials and the line with "SSL_BIND_CERT, SSL_CA_CERT"). And no connection is made when I launch the binary:

./pupygen.py -f client -A x64 -O linux connect --host 192.168.142.163:1234
[+] Generate client: linux/x64
[C] launcher: connect
[C] launcher_args: ['--host', '192.168.142.163:1234']
[C] offline_script: 
[+] Required credentials:
[+] SSL_BIND_CERT, SSL_CA_CERT, SSL_CLIENT_CERT, SSL_BIND_KEY, SSL_CLIENT_KEY
[+] OUTPUT_PATH = /tmp/pupyx64.mIsHAJ.lin
[+] SCRIPTLETS = []
[+] DEBUG = False

Moreover, when I generate a python payload, I have some errors:

sudo ./pupygen.py -f py connect --host 192.168.142.163:1234
WARNING:root:Error with GnomeKeyring get_pass : Did not receive a reply. Possible causes include: the remote application did not send a reply, the message bus security policy blocked the reply, the reply timeout expired, or the network connection was broken.
[I] use_gnome_keyring is true, the password will be stored in the Gnome-Keyring
[I] Credentials password: 
WARNING:root:Error with GnomeKeyring store_pass : Did not receive a reply. Possible causes include: the remote application did not send a reply, the message bus security policy blocked the reply, the reply timeout expired, or the network connection was broken.
ERROR:root:bad decrypt pad (123)
Traceback (most recent call last):
  File "./pupygen.py", line 545, in <module>
    pupygen(parser.parse_args(), config)
  File "./pupygen.py", line 483, in pupygen
    packed_payload=pack_py_payload(get_raw_conf(conf))
  File "./pupygen.py", line 73, in get_raw_conf
    credentials = Credentials(role='client')
  File "/tmp/pupy/pupy/pupylib/PupyCredentials.py", line 206, in __init__
    encryptor.decrypt(StringIO(content), fcontent)
  File "/tmp/pupy/pupy/pupylib/PupyCredentials.py", line 162, in decrypt
    raise ValueError("bad decrypt pad (%d)" % padding_length)
ValueError: bad decrypt pad (123)
bad decrypt pad (123)

I have tested to clone the project from @alxchk (and binaries too) and same problem with the connection (I didn't manage to get a reverse shell working). I could generate the python payload without errors this time but it didn't work.

I don't understand as well, what is stored on the gnome keyring. I saw that a credentials password is required (at least on the @alxchk fork) but I didn't manage to reset it.

So I don't know if something has been broken or if it's my pupy installation.

I am using Linux Kali and I am getting Command "python setup.py egg_info" failed with error code 1 in /tmp/pip-build-1eZcb4/pyautogui/ this error when I write pip install -r pupy/requirements.txt please help.

Thank you.

I have changed the creds output to have a humain readable output. Now, it is possible to search into passwords (word could be "hash", "plaintext", an uid, or anything that could be in the login, the password / hash, or the url). creds -s <word>

To retrieve creds by host creds --sort

This is the server side error message:

[!] Load winpty failed: Exception: No module named security
[!] Error loading package winpty (winpty.pyo pkg=False) : No module named security Traceback (most recent call last):
ImportError: No module named security
[!] Load ptyshell failed: Exception: No module named security
[!] Error loading package ptyshell (ptyshell.pyo pkg=False) : No module named security Traceback (most recent call last):
ImportError: No module named security
2019-03-12 12:06:10,970| No module named security

========= Remote Traceback (1) =========
Traceback (most recent call last):
ImportError: No module named security
Traceback (most recent call last):
  File "/home/ubuntu/tools/pupy_new/pupy/pupy/pupylib/PupyJob.py", line 164, in module_worker
    module.run(self.args)
  File "/home/ubuntu/tools/pupy_new/pupy/pupy/modules/interactive_shell.py", line 72, in run
    acquire_shell = self.client.remote('ptyshell', 'acquire', False)
  File "/home/ubuntu/tools/pupy_new/pupy/pupy/pupylib/PupyClient.py", line 234, in remote
    remote_module = getattr(self.conn.modules, module)
  File "/home/ubuntu/tools/pupy_new/pupy/pupyw/local/lib/python2.7/site-packages/rpyc/core/netref.py", line 151, in __getattribute__
    return syncreq(self, consts.HANDLE_GETATTR, name)
  File "/home/ubuntu/tools/pupy_new/pupy/pupyw/local/lib/python2.7/site-packages/rpyc/core/netref.py", line 72, in syncreq
    return conn.sync_request(handler, oid, *args)
  File "/home/ubuntu/tools/pupy_new/pupy/pupy/network/lib/connection.py", line 387, in sync_request
    raise obj
ImportError: No module named security

========= Remote Traceback (1) =========
Traceback (most recent call last):
ImportError: No module named security

[-] No module named security

========= Remote Traceback (1) =========
Traceback (most recent call last):
ImportError: No module named security

This is the client side error message:

2019-03-12 12:19:12,967| Adding files: ['ptyshell.pyo', 'winpty.pyo']
2019-03-12 12:19:12,967| stream: send=12
2019-03-12 12:19:12,967| Wait for task to be queued(SyncQueue Dispatcher)
2019-03-12 12:19:13,016| Dispatch(PC:conn1) - data (29)
2019-03-12 12:19:13,016| Processing message request, type(PC:conn1): 4 seq: 64 - started
2019-03-12 12:19:13,016| Queue task
2019-03-12 12:19:13,017| Task queued
2019-03-12 12:19:13,017| Task acquired(SyncQueue Dispatcher)
2019-03-12 12:19:13,019| Find module: ptyshell/None/False
2019-03-12 12:19:13,020| [L] find_module(ptyshell,None) in ['ptyshell.pyo'])
2019-03-12 12:19:13,022| ptyshell found in "ptyshell.pyo" / size = 3781
2019-03-12 12:19:13,022| --> Loading ptyshell (ptyshell.pyo) package=False
2019-03-12 12:19:13,023| [L] ptyshell remove ptyshell.pyo from bundle / count = 308
2019-03-12 12:19:13,028| loading module ptyshell
2019-03-12 12:19:13,028| Load ptyshell from marshalled file (pyo)
2019-03-12 12:19:13,029| Find module: winpty/None/False
2019-03-12 12:19:13,029| [L] find_module(winpty,None) in ['winpty.pyo'])
2019-03-12 12:19:13,029| winpty found in "winpty.pyo" / size = 7240
2019-03-12 12:19:13,029| --> Loading winpty (winpty.pyo) package=False
2019-03-12 12:19:13,029| [L] winpty remove winpty.pyo from bundle / count = 307
2019-03-12 12:19:13,035| loading module winpty
2019-03-12 12:19:13,035| Load winpty from marshalled file (pyo)
2019-03-12 12:19:13,036| Find module: pupwinutils.security/None/False
2019-03-12 12:19:13,036| [L] find_module(pupwinutils.security,None) in [])
2019-03-12 12:19:13,036| pupwinutils.security not found in []: not in 0 files
2019-03-12 12:19:13,040| Async request(PC:conn1): 6
2019-03-12 12:19:13,040| stream: send=91
2019-03-12 12:19:13,042| Call remote_print_error() - error loading package winpty - start
2019-03-12 12:19:13,043| Async request(PC:conn1): 7
2019-03-12 12:19:13,043| stream: send=297
2019-03-12 12:19:13,043| Call remote_print_error() - error loading package winpty - complete
2019-03-12 12:19:13,048| Async request(PC:conn1): 8
2019-03-12 12:19:13,049| stream: send=93
2019-03-12 12:19:13,049| Call remote_print_error() - error loading package ptyshell - start
2019-03-12 12:19:13,049| Async request(PC:conn1): 9
2019-03-12 12:19:13,049| stream: send=409
2019-03-12 12:19:13,051| Call remote_print_error() - error loading package ptyshell - complete

Is this a bug of client? Maybe it is about the privilege of client. I tried to run interactive_shell with System privilege and succeeded. But High privilege did not work.

File "/pupy/pupy/./pupygen.py", line 221 os.chmod(os.path.join(root, dir), 0700) ^ SyntaxError: leading zeros in decimal integer literals are not permitted; use an 0o prefix for octal integers

At running 'pupysh'

 from tqdm.auto import tqdm
ModuleNotFoundError: No module named 'tqdm'

running pip install via exact version

root@base:~# python3.8 -m pip install tqdm
Requirement already satisfied: tqdm in /usr/local/lib/python3.8/dist-packages (4.64.1)

Hi,

When I knew the existence of the nextgen branch, I hurried up to test it and it worked marvelously :smile: thanks to pipx.

Can you merge "nextgen" to "master" so it can be the default branch, and publish it on pypi when possible ? so it'll be easy to install in just one easy short pipx install pupy

What do you think ?

In the target machine, It cause the. "Module does not support interrupts. Resources may leak!" which will cause the reason, Is there any reson will cause not support Module does not support interrupts. Resources may leak!