Expanded server/agent epoch check from +/- 10 minutes to +/- 12 hours

data/agent/agent.ps1

@@ -895,9 +895,10 @@ function Invoke-Empire {
         # calculate what the server's epoch should be based on the epoch diff
         #   this is just done for the first packet in a queue
         $ServerEpoch = [int][double]::Parse((Get-Date(Get-Date).ToUniversalTime()-UFormat %s)) - $script:EpochDiff
-        # if the epoch counter isn't within a +/- 10 minute range (600 seconds)
+
+        # if the epoch counter isn't within a +/- 12 hour range (43200 seconds)
         #   skip processing this packet
-        if ($counter -lt ($ServerEpoch-600) -or $counter -gt ($ServerEpoch+600)){
+        if ($counter -lt ($ServerEpoch-43200) -or $counter -gt ($ServerEpoch+43200)){
             return
         }
 

empire

@@ -125,6 +125,8 @@ def get_permanent_token(conn):
 #    GET      http://localhost:1337/api/reporting/type/Y     return all logged events of type Y (checkin, task, result, rename)
 #    GET      http://localhost:1337/api/reporting/msg/Z      return all logged events matching message Z, wildcards accepted
 #
+#    GET      http://localhost:1337/api/creds                return stored credentials
+#
 #    GET      http://localhost:1337/api/admin/login          retrieve the API token given the correct username and password
 #    GET      http://localhost:1337/api/admin/permanenttoken retrieve the permanent API token, generating/storing one if it doesn't already exist
 #    GET      http://localhost:1337/api/admin/shutdown       shutdown the RESTful API

lib/common/packets.py

@@ -83,10 +83,10 @@ def get_counter():
 def validate_counter(counter):
     """
     Validates a counter ensuring it's in a sliding window.
-    Window is +/- 10 minutes (600 seconds).
+    Window is +/- 12 hours (43200 seconds)
     """
     currentTime = int(time.time())
-    return (currentTime-600) <= counter <= (currentTime+600)
+    return (currentTime-43200) <= counter <= (currentTime+43200)
 
 
 def build_task_packet(taskName, data):