Pyrasite: A Tool for injecting arbitrary code into running Python processes.
Pyrasite works with Python 2.4 and newer. Injection works between versions as well, so you can run Pyrasite under Python 3 and inject into 2, and vice versa.
InstallingYou can download the latest tarballs, RPMs, and debs from PyPi. Installing the package specific to your distribution is recommended. However, you can also install it using pip if you wish
pip install pyrasite pyrasite-gui
Additional installation notes
If you’re using Fedora 17 or later, you’ll need to disable an SELinux boolean to allow ptrace.
sudo setsebool -P deny_ptrace=off
Mac OS X
If you don’t want to override Apple’s default gdb, install the latest version of gdb with a prefix (e.g. gnu)
$ ./configure --program-prefix=gnu
$ pyrasite <PID> payloads/reverse_python_shell.py --gdb-prefix="gnu"
You can install pyrasite from the Arch User Repository If you want python debugging symbols, you may have to self compile python2.
Since version 10.10, Ubuntu ships with a controversial patch that restricts the scope of ptrace, which can be disabled by running:
echo 0 > /proc/sys/kernel/yama/ptrace_scope
You can make this change permanent by setting ptrace_scope to 0 in /etc/sysctl.d/10-ptrace.conf.
Usage: pyrasite [-h] [--gdb-prefix GDB_PREFIX] [--verbose] [--output OUTPUT_TYPE] pid [filepath|payloadname]pyrasite --list-payloads
pyrasite - inject code into a running python process
Positional arguments:pid The ID of the process to inject code into
filepath|payloadname The second argument must be a path to a
file that will be sent as a payload to the
target process or it must be the name of
an existing payload (see --list-payloads).
Optional arguments:-h, --help show this help message and exit
--gdb-prefix GDB_PREFIX GDB prefix (if specified during installation)
--verbose Verbose mode
--output OUTPUT_TYPE This option controls where the output from
the executed payload will be printed. If
the value is 'procstreams' (the default) then
the output is sent to the stdout/stderr of the
process. If the value is 'localterm' then the
output is piped back and printed on the local
terminal where pyrasite is being run.
--list-payloads List payloads that are delivered by pyrasite
pyrasite-gui - A graphical interface for Pyrasite
The pyrasite-gui is a graphical interface for Pyrasite that lets you easily monitor, analyze, introspect, and alter running Python programs.
- Python debuginfo (needed for live object inspection)
- PyGObject3 Introspection bindings
- meliae (easy_install/pip may not work for this install. If not, use the tarball from the distribution website. You may need to install Cython in order to get meliae to build)
yum --enablerepo=updates-testing install python-psutil python-debuginfo python-pycallgraph pygobject3 webkitgtk3 python-meliae
apt-get install python-dbg python-pycallgraph python-gobject-dev gir1.2-webkit-3.0 python-meliae python-psutil
pacman -S python2-psutil python2-gobject python2-pycallgraph libwebkit3 python2-meliae