Example Payloads

These payloads can be found in the pyrasite/payloads directory.

Dumping thread stacks

import sys, traceback

for thread, frame in sys._current_frames().items():
    print('Thread 0x%x' % thread)
    traceback.print_stack(frame)
    print()

Viewing loaded modules

import sys

for name in sorted(sys.modules):
    print('%s: %s' % (name, sys.modules[name]))

Call Graph

Pyrasite comes with a payload that generates an image of your processes call graph using pycallgraph.

import pycallgraph
pycallgraph.start_trace()
import pycallgraph
pycallgraph.make_dot_graph('callgraph.png')

The callgraph is then generated using graphviz and saved to callgraph.png. You can see an example callgraph here.

Forcing garbage collection

import gc
gc.collect()

Dumping out object memory usage statistics

# "meliae" provides a way to dump python memory usage information to a JSON
# disk format, which can then be parsed into useful things like graph
# representations.
#
# https://launchpad.net/meliae
# http://jam-bazaar.blogspot.com/2009/11/memory-debugging-with-meliae.html

import os, meliae.scanner, platform

if platform.system() == 'Windows':
    temp = os.getenv('TEMP', os.getenv('TMP', '/temp'))
    path = os.path.join(temp, 'pyrasite-%d-objects.json' % os.getpid())
else:
    path = '/tmp/pyrasite-%d-objects.json' % os.getpid()
meliae.scanner.dump_all_objects(path)

Reverse Subprocess Shell


import pyrasite

class ReverseShell(pyrasite.ReverseConnection):

    reliable = False # This payload is designed to be used with netcat
    port = 9001

    def on_connect(self):
        uname = pyrasite.utils.run('uname -a')[1]
        self.send("%sType 'quit' to exit\n%% " % uname)

    def on_command(self, cmd):
        p, out, err = pyrasite.utils.run(cmd)
        if err:
            out += err
        self.send(out + '\n% ')
        return True

ReverseShell().start()
$ pyrasite <PID> pyrasite/payloads/reverse_shell.py
$ nc -l 9001
Linux tomservo 2.6.40.3-0.fc15.x86_64 #1 SMP Tue Aug 16 04:10:59 UTC 2011 x86_64 x86_64 x86_64 GNU/Linux
% ls

Reverse Python Shell

Deprecated since version 2.0: Use the pyrasite-shell instead

This lets you easily introspect or alter any objects in your running process.


import sys
import pyrasite

class ReversePythonShell(pyrasite.ReversePythonConnection):
    port = 9001
    reliable = False

    def on_connect(self):
        self.send("Python %s\nType 'quit' to exit\n>>> " % sys.version)

ReversePythonShell().start()
$ python
>>> x = 'foo'
$ pyrasite <PID> pyrasite/payloads/reverse_python_shell.py
$ nc -l 9001
Python 2.7.1 (r271:86832, Apr 12 2011, 16:15:16)
[GCC 4.6.0 20110331 (Red Hat 4.6.0-2)]
>>> print x
foo
>>> globals()['x'] = 'bar'