infosecn1nja
/
Empire
mirror of https://github.com/infosecn1nja/Empire.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

changed error responses to 400s

1.6
Harmj0y 2016-03-30 21:58:00 -04:00
parent 739a45c8cd
commit 9e4e570a56
1 changed files with 15 additions and 15 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

30
empire
View File

@ -300,7 +300,7 @@ def start_restful_api(startEmpire=False, suppress=False, username=None, password
return make_response(jsonify( {'error': 'stager name %s not found' %(stagerName) } ), 404) return make_response(jsonify( {'error': 'stager name %s not found' %(stagerName) } ), 404)
if not main.listeners.is_listener_valid(listener): if not main.listeners.is_listener_valid(listener):
return jsonify({'error': 'invalid listener ID or name'}) return make_response(jsonify({'error': 'invalid listener ID or name'}), 400)
stager = main.stagers.stagers[stagerName] stager = main.stagers.stagers[stagerName]
@ -308,13 +308,13 @@ def start_restful_api(startEmpire=False, suppress=False, username=None, password
for option,values in request.json.iteritems(): for option,values in request.json.iteritems():
if option != 'StagerName': if option != 'StagerName':
if(option not in stager.options): if(option not in stager.options):
return jsonify({'error': 'Invalid option %s, check capitalization.' %(option)}) return make_response(jsonify({'error': 'Invalid option %s, check capitalization.' %(option)}), 400)
stager.options[option]['Value'] = values stager.options[option]['Value'] = values
# validate stager options # validate stager options
for option,values in stager.options.iteritems(): for option,values in stager.options.iteritems():
if values['Required'] and ((not values['Value']) or (values['Value'] == '')): if values['Required'] and ((not values['Value']) or (values['Value'] == '')):
return jsonify({'error': 'required stager options missing'}) return make_response(jsonify({'error': 'required stager options missing'}), 400)
stagerOut = copy.deepcopy(stager.options) stagerOut = copy.deepcopy(stager.options)
@ -380,7 +380,7 @@ def start_restful_api(startEmpire=False, suppress=False, username=None, password
# set all passed module options # set all passed module options
for key,value in request.json.iteritems(): for key,value in request.json.iteritems():
if key not in module.options: if key not in module.options:
return jsonify({'error': 'invalid module option'}) return make_response(jsonify({'error': 'invalid module option'}), 400)
module.options[key]['Value'] = value module.options[key]['Value'] = value
@ -389,42 +389,42 @@ def start_restful_api(startEmpire=False, suppress=False, username=None, password
for option,values in module.options.iteritems(): for option,values in module.options.iteritems():
if values['Required'] and ((not values['Value']) or (values['Value'] == '')): if values['Required'] and ((not values['Value']) or (values['Value'] == '')):
return jsonify({'error': 'required module option missing'}) return make_response(jsonify({'error': 'required module option missing'}), 400)
try: try:
# if we're running this module for all agents, skip this validation # if we're running this module for all agents, skip this validation
if sessionID.lower() != "all" and sessionID.lower() != "autorun": if sessionID.lower() != "all" and sessionID.lower() != "autorun":
if not main.agents.is_agent_present(sessionID): if not main.agents.is_agent_present(sessionID):
return jsonify({'error': 'invalid agent name'}) return make_response(jsonify({'error': 'invalid agent name'}), 400)
modulePSVersion = int(module.info['MinPSVersion']) modulePSVersion = int(module.info['MinPSVersion'])
agentPSVersion = int(main.agents.get_ps_version(sessionID)) agentPSVersion = int(main.agents.get_ps_version(sessionID))
# check if the agent/module PowerShell versions are compatible # check if the agent/module PowerShell versions are compatible
if modulePSVersion > agentPSVersion: if modulePSVersion > agentPSVersion:
return jsonify({'error': "module requires PS version "+str(modulePSVersion)+" but agent running PS version "+str(agentPSVersion)}) return make_response(jsonify({'error': "module requires PS version "+str(modulePSVersion)+" but agent running PS version "+str(agentPSVersion)}), 400)
except Exception as e: except Exception as e:
return jsonify({'error': 'exception: %s' %(e)}) return make_response(jsonify({'error': 'exception: %s' %(e)}), 400)
# check if the module needs admin privs # check if the module needs admin privs
if module.info['NeedsAdmin']: if module.info['NeedsAdmin']:
# if we're running this module for all agents, skip this validation # if we're running this module for all agents, skip this validation
if sessionID.lower() != "all" and sessionID.lower() != "autorun": if sessionID.lower() != "all" and sessionID.lower() != "autorun":
if not main.agents.is_agent_elevated(sessionID): if not main.agents.is_agent_elevated(sessionID):
return jsonify({'error': 'module needs to run in an elevated context'}) return make_response(jsonify({'error': 'module needs to run in an elevated context'}), 400)
# actually execute the module # actually execute the module
moduleData = module.generate() moduleData = module.generate()
if not moduleData or moduleData == "": if not moduleData or moduleData == "":
return jsonify({'error': 'module produced an empty script'}) return make_response(jsonify({'error': 'module produced an empty script'}), 400)
try: try:
moduleData.decode('ascii') moduleData.decode('ascii')
except UnicodeDecodeError: except UnicodeDecodeError:
return jsonify({'error': 'module source contains non-ascii characters'}) return make_response(jsonify({'error': 'module source contains non-ascii characters'}), 400)
moduleData = helpers.strip_powershell_comments(moduleData) moduleData = helpers.strip_powershell_comments(moduleData)
taskCommand = "" taskCommand = ""
@ -677,11 +677,11 @@ def start_restful_api(startEmpire=False, suppress=False, username=None, password
for option,values in request.json.iteritems(): for option,values in request.json.iteritems():
returnVal = main.listeners.set_listener_option(option, values) returnVal = main.listeners.set_listener_option(option, values)
if not returnVal: if not returnVal:
return jsonify({'error': 'error setting listener value %s with option %s' %(option, values)}) return make_response(jsonify({'error': 'error setting listener value %s with option %s' %(option, values)}), 400)
valid = main.listeners.validate_listener_options() valid = main.listeners.validate_listener_options()
if not valid: if not valid:
return jsonify({'error': 'error validating listener options'}) return make_response(jsonify({'error': 'error validating listener options'}), 400)
success = main.listeners.add_listener_from_config() success = main.listeners.add_listener_from_config()
return jsonify({'success': success}) return jsonify({'success': success})
@ -895,12 +895,12 @@ def start_restful_api(startEmpire=False, suppress=False, username=None, password
result = main.agents.rename_agent(agentName, newName) result = main.agents.rename_agent(agentName, newName)
if not result: if not result:
return jsonify({'error': 'error in renaming %s to %s, new name may have already been used' %(agentName, newName)}) return make_response(jsonify({'error': 'error in renaming %s to %s, new name may have already been used' %(agentName, newName)}), 400)
return jsonify({'success': True}) return jsonify({'success': True})
except: except:
return jsonify({'error': 'error in renaming %s to %s' %(agentName, newName)}) return make_response(jsonify({'error': 'error in renaming %s to %s' %(agentName, newName)}), 400)
@app.route('/api/agents/<string:agent_name>/clear', methods=['POST', 'GET']) @app.route('/api/agents/<string:agent_name>/clear', methods=['POST', 'GET'])