Cleaned up agent tasking in API

/empire/api/agents/all/results now returns all agent results
1.6
Harmj0y 2016-03-22 21:23:47 -04:00
parent 7c142151a8
commit f2ad5da09c
1 changed files with 78 additions and 49 deletions

127
empire

@ -369,7 +369,7 @@ def start_restful_api(startEmpire=False, suppress=False, username=None, password
""" """
Returns JSON describing the current listener options. Returns JSON describing the current listener options.
""" """
return jsonify({'ListenerOptions' : main.listeners.options}) return jsonify({'listeneroptions' : main.listeners.options})
@app.route('/empire/api/listeners', methods=['POST']) @app.route('/empire/api/listeners', methods=['POST'])
@ -453,20 +453,33 @@ def start_restful_api(startEmpire=False, suppress=False, username=None, password
from the backend database. from the backend database.
""" """
agentResults = execute_db_query(conn, 'SELECT results FROM agents WHERE name=? OR session_id=?', [agent_name, agent_name])[0] agentTaskResults = {}
if agentResults and agentResults[0] and agentResults[0] != '': if agent_name.lower() == "all":
out = json.loads(agentResults[0]) # enumerate all target agent sessionIDs
if(out): agentNameIDs = execute_db_query(conn, "SELECT name,session_id FROM agents WHERE name like '%' OR session_id like '%'")
agentResults = "\n".join(out) else:
agentNameIDs = execute_db_query(conn, 'SELECT name,session_id FROM agents WHERE name like ? OR session_id like ?', [agent_name, agent_name])
for agentNameID in agentNameIDs:
(agentName, agentsSessionID) = agentNameID
agentResults = execute_db_query(conn, 'SELECT results FROM agents WHERE session_id=?', [agentsSessionID])[0]
if agentResults and agentResults[0] and agentResults[0] != '':
out = json.loads(agentResults[0])
if(out):
agentResults = "\n".join(out)
else:
agentResults = ''
else: else:
agentResults = '' agentResults = ''
else:
agentResults = ''
execute_db_query(conn, 'UPDATE agents SET results=? WHERE name=? OR session_id=?', ['', agent_name, agent_name]) execute_db_query(conn, 'UPDATE agents SET results=? WHERE session_id=?', ['', agentsSessionID])
return jsonify({agent_name : {'Results': agentResults}}) agentTaskResults[agentName] = agentResults
return jsonify({'results': agentTaskResults})
# TODO: add get /name/results to get/clear results from DB # TODO: add get /name/results to get/clear results from DB
@ -477,53 +490,69 @@ def start_restful_api(startEmpire=False, suppress=False, username=None, password
Used for tasking, clearing tasking, setting sleep, renaming, and killing. Used for tasking, clearing tasking, setting sleep, renaming, and killing.
""" """
if 'Task' in request.json.keys(): agentTaskResults = {}
if agent_name.lower() == "all": if 'task' in request.json.keys() or 'clear' in request.json.keys():
agent_name = '%'
taskName = request.json['Task']['TaskName'] if 'clear' in request.json.keys():
task = request.json['Task']['Task'] taskName = ''
taskdata = ''
# get existing agent taskings taskType = 'clear'
agentTasks = execute_db_query(conn, 'SELECT taskings FROM agents WHERE name like ? OR session_id like ?', [agent_name, agent_name])[0]
if(agentTasks and agentTasks[0]):
agentTasks = json.loads(agentTasks[0])
else: else:
agentTasks = [] taskName = request.json['task']['taskname']
if 'taskdata' in request.json['task']:
# append our new json-ified task and update the backend taskdata = request.json['task']['taskdata']
agentTasks.append([taskName, task]) else:
execute_db_query(conn, "UPDATE agents SET taskings=? WHERE name=? OR session_id=?", [json.dumps(agentTasks), agent_name, agent_name]) taskdata = ''
taskType = 'task'
timeStamp = strftime("%Y-%m-%d %H:%M:%S", localtime())
execute_db_query(conn, "INSERT INTO reporting (name,event_type,message,time_stamp) VALUES (?,?,?,?)", (agent_name,"task",taskName + " - " + task[0:50], timeStamp ))
return jsonify({'AgentName':agent_name, 'TaskType':'Task', 'TaskName':taskName, 'Task':task})
elif 'Clear' in request.json.keys():
if agent_name.lower() == "all": if agent_name.lower() == "all":
agent_name = '%' # enumerate all target agent sessionIDs
agentNameIDs = execute_db_query(conn, "SELECT name,session_id FROM agents WHERE name like '%' OR session_id like '%'")
else:
agentNameIDs = execute_db_query(conn, 'SELECT name,session_id FROM agents WHERE name like ? OR session_id like ?', [agent_name, agent_name])
execute_db_query(conn, "UPDATE agents SET taskings=? WHERE name like ? OR session_id like ?", ['', agent_name, agent_name]) for agentNameID in agentNameIDs:
(agentName, agentsSessionID) = agentNameID
return jsonify({'AgentName':agent_name, 'TaskType':'Clear', 'TaskName':'', 'Task':''}) if 'clear' in request.json.keys():
execute_db_query(conn, "UPDATE agents SET taskings=? WHERE session_id=?", ['', agentsSessionID])
else:
# get existing agent taskings for each agent
agentTasks = execute_db_query(conn, 'SELECT taskings FROM agents WHERE session_id like ?', [agentsSessionID])[0]
if(agentTasks and agentTasks[0]):
agentTasks = json.loads(agentTasks[0])
else:
agentTasks = []
# append our new json-ified task and update the backend
agentTasks.append([taskName, taskdata])
execute_db_query(conn, "UPDATE agents SET taskings=? WHERE session_id=?", [json.dumps(agentTasks), agentsSessionID])
timeStamp = strftime("%Y-%m-%d %H:%M:%S", localtime())
execute_db_query(conn, "INSERT INTO reporting (name,event_type,message,time_stamp) VALUES (?,?,?,?)", (agentName,"task",taskName + " - " + taskdata[0:50], timeStamp ))
agentTaskResults[agentName] = {'tasktype':taskType, 'taskname':taskName, 'taskdata':taskdata}
elif 'Rename' in request.json.keys(): elif 'rename' in request.json.keys():
oldName = request.json['Rename']['OldName']
newName = request.json['Rename']['NewName'] newName = request.json['rename']['newname']
try: try:
main.agents.rename_agent(oldName, newName) result = main.agents.rename_agent(agent_name, newName)
return jsonify({'success': True})
except:
return jsonify({'error': 'error in renaming %s to %s' %(oldName, newName)})
return jsonify({'error':'error in tasking agent %s' % (agent_name)}) if not result:
return jsonify({'error': 'error in renaming %s to %s, newname may have already been used' %(agent_name, newName)})
agentTaskResults[agent_name] = {'tasktype':'rename', 'taskname':'', 'task':newName}
except:
return jsonify({'error': 'error in renaming %s to %s' %(agent_name, newName)})
return jsonify({'taskings':agentTaskResults})
@app.route('/empire/api/agents/<string:agent_name>', methods=['DELETE']) @app.route('/empire/api/agents/<string:agent_name>', methods=['DELETE'])
@ -544,7 +573,7 @@ def start_restful_api(startEmpire=False, suppress=False, username=None, password
removedAgents[name] = {"ID":ID, "sessionID":sessionID, "listener":listener, "name":name, "delay":delay, "jitter":jitter, "external_ip":external_ip, "internal_ip":internal_ip, "username":username, "high_integrity":high_integrity, "process_name":process_name, "process_id":process_id, "hostname":hostname, "os_details":os_details, "session_key":session_key, "checkin_time":checkin_time, "lastseen_time":lastseen_time, "parent":parent, "children":children, "servers":servers, "uris":uris, "old_uris":old_uris, "user_agent":user_agent, "headers":headers, "functions":functions, "kill_date":kill_date, "working_hours":working_hours, "ps_version":ps_version, "lost_limit":lost_limit, "taskings":taskings, "results":results} removedAgents[name] = {"ID":ID, "sessionID":sessionID, "listener":listener, "name":name, "delay":delay, "jitter":jitter, "external_ip":external_ip, "internal_ip":internal_ip, "username":username, "high_integrity":high_integrity, "process_name":process_name, "process_id":process_id, "hostname":hostname, "os_details":os_details, "session_key":session_key, "checkin_time":checkin_time, "lastseen_time":lastseen_time, "parent":parent, "children":children, "servers":servers, "uris":uris, "old_uris":old_uris, "user_agent":user_agent, "headers":headers, "functions":functions, "kill_date":kill_date, "working_hours":working_hours, "ps_version":ps_version, "lost_limit":lost_limit, "taskings":taskings, "results":results}
return jsonify({'RemovedAgents': removedAgents}) return jsonify({'removedagents': removedAgents})
@app.route('/empire/api/agents/stale', methods=['DELETE']) @app.route('/empire/api/agents/stale', methods=['DELETE'])
@ -569,7 +598,7 @@ def start_restful_api(startEmpire=False, suppress=False, username=None, password
removedAgents[name] = {"ID":ID, "sessionID":sessionID, "listener":listener, "name":name, "delay":delay, "jitter":jitter, "external_ip":external_ip, "internal_ip":internal_ip, "username":username, "high_integrity":high_integrity, "process_name":process_name, "process_id":process_id, "hostname":hostname, "os_details":os_details, "session_key":session_key, "checkin_time":checkin_time, "lastseen_time":lastseen_time, "parent":parent, "children":children, "servers":servers, "uris":uris, "old_uris":old_uris, "user_agent":user_agent, "headers":headers, "functions":functions, "kill_date":kill_date, "working_hours":working_hours, "ps_version":ps_version, "lost_limit":lost_limit, "taskings":taskings, "results":results} removedAgents[name] = {"ID":ID, "sessionID":sessionID, "listener":listener, "name":name, "delay":delay, "jitter":jitter, "external_ip":external_ip, "internal_ip":internal_ip, "username":username, "high_integrity":high_integrity, "process_name":process_name, "process_id":process_id, "hostname":hostname, "os_details":os_details, "session_key":session_key, "checkin_time":checkin_time, "lastseen_time":lastseen_time, "parent":parent, "children":children, "servers":servers, "uris":uris, "old_uris":old_uris, "user_agent":user_agent, "headers":headers, "functions":functions, "kill_date":kill_date, "working_hours":working_hours, "ps_version":ps_version, "lost_limit":lost_limit, "taskings":taskings, "results":results}
return jsonify({'RemovedAgents': removedAgents}) return jsonify({'removedagents': removedAgents})
@app.route('/empire/api/reporting', methods=['GET']) @app.route('/empire/api/reporting', methods=['GET'])
@ -697,7 +726,7 @@ def start_restful_api(startEmpire=False, suppress=False, username=None, password
sys.stdout.close() sys.stdout.close()
sys.stdout = oldStdout sys.stdout = oldStdout
print "\n[*]Shutting down Empire RESTful API" print "\n * Shutting down Empire RESTful API"
func = request.environ.get('werkzeug.server.shutdown') func = request.environ.get('werkzeug.server.shutdown')
if func is not None: if func is not None:
@ -706,7 +735,7 @@ def start_restful_api(startEmpire=False, suppress=False, username=None, password
if conn: conn.close() if conn: conn.close()
if startEmpire: if startEmpire:
print "Shutting down the Empire instance" print " * Shutting down the Empire instance"
main.shutdown() main.shutdown()
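Review bot: The single-agent branch of the tasking handler still selects with `WHERE name like ? OR session_id like ?` on the caller-supplied `agent_name`, although the wildcard case is now handled explicitly by the `all` branch directly above it, so `%` or `_` in the path segment still fans one request out to several agents, and the per-agent `SELECT taskings ... WHERE session_id like ?` is a pattern match on a value that came straight from the database. Both should be exact matches, consistent with the `UPDATE ... WHERE session_id=?` statements in the same loop: `agentNameIDs = execute_db_query(conn, 'SELECT name,session_id FROM agents WHERE name=? OR session_id=?', [agent_name, agent_name])` and `agentTasks = execute_db_query(conn, 'SELECT taskings FROM agents WHERE session_id=?', [agentsSessionID])[0]`. The same `like ?` lookup appears in the non-`all` branch of the results handler in the previous hunk. Separately, the rename branch passes `agent_name` straight to `rename_agent` without the `all` check the other branches perform, so `all` is presumably treated there as a literal agent name. The enclosing `start_restful_api` begins and ends outside these hunks.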