Pupy Rat is an open-source, cross-platform RAT and post-exploitation framework written primarily in Python. Pupy can be loaded from various loaders, including PE EXE, reflective DLL, Linux ELF, pure Python, PowerShell, and APK. Most loaders include a built-in Python runtime, Python library modules in source, compiled, and native forms, as well as flexible configuration. They boot a Python runtime environment, primarily in memory, in which the later stages of Pupy run. Pupy can communicate using various transports, migrate to processes, and load remote Python code, Python packages, and Python C extensions from memory.

Simply put, this program can create backdoors for different systems, connect to remote systems, run exploits, collect data, escalate privileges, download and upload files, capture the screen, capture keystrokes, and so on. Similar tools are also perfectly suited for legitimate remote system administration.

The author of the program offers two installation options: directly on the system and using Docker. The program has an error caused by an incompatibility with the latest version of one of the Python modules. Because of this error, Pupy Rat does not, in fact, work in listening mode (it cannot accept connections). When using Docker, the errors are not displayed on the screen, so it is difficult to understand what the problem is. Much worse, it is not clear how to fix the problem with the library inside the container.

Before generating a working payload, you need to understand how the pieces fit together and what each one does, starting with the following terms:

▸Transport

The transport is responsible for how the server and the client transfer information between them.

▸Launchers

Launchers allow Pupy to execute custom actions before initiating a reverse connection.

▸Listeners

Listeners are used with a reverse connection, that is, with a reverse shell, when you need to wait for a connection from a remote computer.

▸Payload format

Pupy can create files for various operating systems: Windows, Linux, OSX, Android. Various processor architectures (64-bit and 32-bit) are supported. Also, when creating a payload, remember that you must specify this data in the parameters.
