Harmj0y
f853e6d750
Added option parsing and cred store support to lateral_movement/invoke_sshcommand
2015-11-28 16:00:16 -05:00
HarmJ0y
ebc023d560
Merge pull request #101 from rvrsh3ll/master
...
Add Invoke-SSHCommand
2015-11-28 15:50:57 -05:00
rvrsh3ll
6c867048c4
Add Invoke-SSHCommand
2015-11-25 15:49:36 -05:00
xorrior
c65498371f
Merge branch 'master' of https://github.com/xorrior/Empire
2015-11-25 11:55:44 -05:00
xorrior
acb9d1bb2f
Added ChromeDump and FoxDump modules
2015-11-25 11:55:36 -05:00
xorrior
7530a81d88
Merge remote-tracking branch 'refs/remotes/PowerShellEmpire/master'
2015-11-24 19:40:14 -05:00
HarmJ0y
ddb47c3cdb
Merge pull request #98 from PowerShellEmpire/script_autorun
...
Script autorun
2015-11-24 17:07:14 -05:00
xorrior
d71ee5f4b7
Merge remote-tracking branch 'refs/remotes/PowerShellEmpire/master'
2015-11-24 13:24:24 -05:00
HarmJ0y
580eef0dc9
Merge pull request #97 from blark/patch-1
...
Update install.sh to install python-pip
2015-11-24 10:49:55 -05:00
blark
5fef212387
Update install.sh to install pip
...
python-pip isn't installed by default on Kali docker images.
2015-11-24 09:09:23 -05:00
Harmj0y
3817385bb2
Fixed agent result caching bug (again)
...
Fixed multiple agent-interaction bug that causes results to be displayed simultaneously
2015-11-24 00:41:16 -05:00
Harmj0y
79400a329f
Fixup for recon/http_login
2015-11-24 00:22:42 -05:00
HarmJ0y
cf9f2f0cbf
Merge pull request #96 from rvrsh3ll/master
...
Added HTTP-Login Recon Module
2015-11-23 23:16:14 -05:00
Harmj0y
6de27d4846
Corrected /dc flag in credentials/mimikatz/dcsync
2015-11-23 21:06:06 -05:00
rvrsh3ll
abb1c7f555
Changed User Agent to be 2.0 compatible
2015-11-23 15:40:45 -05:00
rvrsh3ll
c2c1676eea
Added Random User Agents
2015-11-23 11:37:54 -05:00
rvrsh3ll
b703e13614
Added HTTP-Login Recon Module
2015-11-23 08:50:58 -05:00
Harmj0y
aa9c9e804e
Added management/invoke_script
2015-11-22 17:36:57 -05:00
Harmj0y
e59844be72
Added ability to set a script to run on each agent checkin with "set Agent autorun" in module menu.
...
"(Empire: agents) > clear autorun" will clear out any current autoruns
WARNING: this requires a DB schema mod to work correctly, meaning you will lose current
agent connection information if run!
2015-11-22 17:25:28 -05:00
HarmJ0y
8aa7918ef6
Merge pull request #95 from PowerShellEmpire/nested_menu_fix2
...
Fixed nested menu bug that caused buildup of "Agent X not active."
2015-11-21 20:16:12 -05:00
Harmj0y
8637a49338
Fixed nested menu bug that caused buildup of "Agent X not active."
...
Main display menu now shows each time "main" menu is entered.
2015-11-21 20:03:40 -05:00
Harmj0y
062a806dd6
Certificate generation added to setup.sh
2015-11-21 18:24:17 -05:00
HarmJ0y
9f1cb47d3a
Merge pull request #89 from MikeDawg/master
...
Updated install.sh to support Fedora
2015-11-21 18:16:39 -05:00
HarmJ0y
6481b7a47d
Merge pull request #91 from sethsec/master
...
Made SSL key/cert generation non-interactive
2015-11-21 18:10:22 -05:00
Harmj0y
2c14853b29
Fix for exploitation/exploit_jboss
2015-11-21 18:07:57 -05:00
HarmJ0y
b31d69745e
Merge pull request #94 from rvrsh3ll/master
...
Added JBoss JMX Console exploit deployment module.
2015-11-21 17:56:29 -05:00
rvrsh3ll
b8d34090fe
Added JBoss JMX Console exploit deployment module.
2015-11-20 12:37:19 -05:00
sethsec
062f98d0d1
Made SSL key/cert generation non-interactive
2015-11-18 23:49:33 -05:00
MikeDawg
a1abe22016
Updated install.sh to support Fedora
...
Added support for Fedora, cleaned up the options for Debian and Kali. Fallback is going to Ubuntu/Debian
2015-11-13 16:01:41 -07:00
Harmj0y
8961af6262
Added situational_awareness/network/powerview/get_loggedon and get_session
2015-11-12 23:17:37 -05:00
Harmj0y
6058f25a57
few tweaks to recon/find_fruit
2015-11-08 20:40:07 -05:00
HarmJ0y
c68177cff7
Merge pull request #87 from rvrsh3ll/master
...
Threading Updates
2015-11-08 20:37:41 -05:00
rvrsh3ll
fbd0b3434e
Added ColdFusion
2015-11-08 20:08:46 -05:00
Harmj0y
c9afcc138f
Updated PowerView, added situational_awareness/network/powerview/get_forest
2015-11-08 19:36:20 -05:00
Harmj0y
7252718537
derp
2015-11-08 19:00:03 -05:00
Harmj0y
7db7ec6bbc
All PowerUp modules now dynamically built from a single source file
...
PowerUp bug fixes
Added privesc/powerup/service_exe_restore, pulled logic from other modules
Added management/spawnas to spawn agents with explicit credentials
Debug functionality (--debug) now outputs the source of the last tasked script to ./LastTask.ps1
Write-Verbose and Write-Debug lines now stripped from tasked scripts
2015-11-08 18:51:57 -05:00
rvrsh3ll
746f390a1d
Added Threading
...
Added FoundOnly
2015-11-08 08:10:32 -05:00
Harmj0y
3315c106ba
Renamed privesc/directuac to privesc/ask
...
Added local admin priv and opsec checks
2015-11-05 13:06:36 -05:00
HarmJ0y
c16107ca7b
Merge pull request #84 from Jack64/patch-2
...
Privesc - DirectUAC
2015-11-05 12:48:21 -05:00
João Pena Gil
6adfacf8f6
Privesc - DirectUAC
...
Added DirectUAC module.
Description:
Leverages Start-Process' -Verb runAs option inside a loop to prompt the user for a high integrity context before running the agent code.
UAC will report Powershell is requesting Administrator privileges. Because this does not use the BypassUAC DLLs, it should not trigger any AV alerts.
2015-11-05 09:53:34 +00:00
Harmj0y
4e95039bc4
added persistence/misc/add_netuser to add local/domain users
2015-11-04 15:19:06 -05:00
Harmj0y
ced2b5d373
Merge branch 'master' of https://github.com/PowerShellEmpire/Empire
2015-11-02 14:53:06 -05:00
Harmj0y
55709598d5
Bug fix in some packet responses.
2015-11-02 14:52:46 -05:00
HarmJ0y
04f6869f1e
Merge pull request #79 from tguglanaklona/BypassUAC-SID-Add
...
Specifying Mandatory Level SID at Invoke-BypassUAC
2015-11-01 18:28:32 -05:00
tguglanaklona
4908aca8c5
Specifying Mandatory Level Name instead of SID can lead to false-negative result (for non-latin names, as for me - cyrillic). Changed to SID
2015-11-01 23:55:08 +03:00
enigma0x3
35fe5be817
Merge pull request #78 from redfast00/master
...
Corrected a typo preventing the autorunning macro from automatically running
2015-10-30 16:51:59 -04:00
redfast00
545d947183
Corrected a typo preventing the autorunning macro from automatically running
2015-10-30 21:44:58 +01:00
Harmj0y
c26a63ad94
marked module option as not required
2015-10-30 13:51:59 -04:00
Harmj0y
581c9aa948
Moved antivirusproduct to situational_awareness/host/antivirusproduct ,
...
added ComputerName option, output pipeline fix.
2015-10-30 13:39:25 -04:00
HarmJ0y
59aa123d88
Merge pull request #77 from mh4x0f/master
...
added module collection/Get-AntiVirusProduct
2015-10-30 13:36:21 -04:00