f6d36c0067
PowerShell Beta.9 Fix, launcher_vbs bug fix, improved PowerShell install, Updated Invoke-Obfuscation
2017-11-16 21:56:37 -06:00
47f09ed045
Merge branch 'dev' of https://github.com/EmpireProject/Empire into dev
2017-11-12 17:36:28 -05:00
241bf8c9ad
Merge branch 'dev' of https://github.com/malcomvetter/Empire into dev
2017-11-09 00:04:09 -05:00
7a7e91f275
Add MSBuild.exe XML Launcher
...
This launcher leverages MSBuild.exe to execute the powershell script. It does not require access to powershell.exe so it can be convenient to bypass applocker.
The module code is a rip off from the launcher launcher_sct.py by @subTee and @enigma0x3.
2017-11-09 09:08:59 +11:00
2e5d8055b2
Removed additional comments in pyinstaller module
2017-10-24 10:04:33 -04:00
9093b3df9e
Fix for #774
2017-10-24 09:43:51 -04:00
7a916c988c
Merge pull request #759 from hightopfade/macroless_word_code_exec
...
Pushing module for macroless code exec
2017-10-23 09:39:06 -04:00
51e98068bd
moved the macroless word code exec from 'exploits' to 'stagers' per Xorrior
2017-10-20 10:03:02 -04:00
ff73dce80e
multiplatform macro
2017-10-19 17:24:08 -05:00
06f87cc6ee
Merge pull request #762 from elitest/Empyre-Empire
...
Code cleanup from Empyre merge
2017-10-18 18:47:55 -04:00
20519e45be
Migrated from Empyre to Empire in the code.
2017-10-17 18:30:13 -05:00
4aea7272f0
Merged with master
2017-10-12 12:15:44 -04:00
4fa5708ec6
Revert "DBX Improvements (SOCKS, Hide window via WindowHandler)"
2017-09-30 21:03:07 -04:00
9bc854826d
Add "BypassHidden" option to multi/launcher for DBX listeners.
...
Many AV detect the "-w 1" or "-w Hidden" option in powershell as suspicious.
Setting the "BypassHidden option in the multi/launcher to True
generates a launcher that will rather use the WindowHandler from User32.dll to
hide the powershell window instead of using "-w hidden".
Also it will remove "-w hidden","-W 1" etc. from the Launcher command string.
2017-09-27 16:33:41 +02:00
1201232241
Merge pull request #702 from athegist/fix-launcher_vbs.py
...
Fixes vbscript string literal quoting.
2017-09-23 18:52:27 -04:00
6b17073504
Merge pull request #681 from ThePirateWhoSmellsOfSunflowers/fix-macro
...
Fix macro launcher
2017-09-23 18:42:11 -04:00
9c7064371c
Fixes vbscript string literal quoting.
2017-09-17 14:55:35 -05:00
b0f647d4b9
Better powershell install, obfuscation bug fixes, fixed vbs/macro launchers
2017-09-10 02:12:46 -05:00
ef7660febd
fix quotes
...
similar to #674
2017-09-05 18:23:19 +02:00
2b2096d2e4
fix macro launcher
...
Fix typo
2017-09-05 17:23:03 +02:00
b70ad183ee
add launcher_lnk with ps payload
2017-09-03 11:50:09 +02:00
c8334b9a66
Fixed Macro syntax error per@utkusen #664
2017-08-30 21:28:34 -04:00
0e94876a56
Initial commit of Empire 2.1
...
Merge branch 'dev'
2017-08-28 08:48:47 -04:00
71fc7c85a2
Fix typo in bunny.py
...
Fixed typo, since @viss made fun of it on Slack :)
2017-08-11 23:41:58 +02:00
11c5940d7c
Fixed merge collision
2017-07-04 21:35:24 -05:00
9f16fdf594
Merge latest Empire dev commits
2017-06-29 23:17:17 -05:00
e59364efcc
Merge latest Empire-dev changes
2017-06-29 22:11:01 -05:00
ead6669eb0
fixed missing variables
...
fixed missing vari and added more random name generation algo
2017-05-18 19:19:38 -05:00
772f6818b4
Update macro.py
2017-05-18 18:50:38 -05:00
72e91e55d6
fix LengthOfVari missing error
2017-05-17 11:53:08 -05:00
d9a734a82e
Fix two more escape issues
2017-05-16 21:10:04 -05:00
4c20594217
Improved PowerShell install, fix escape display bug
2017-05-16 21:02:53 -05:00
99d0b12b1d
randomize variable names and method names
...
Make random variable and method names in VB macro code so that it looks different every time its run and runs the same every time
2017-05-16 19:59:43 -05:00
d11221bead
Merge latest Empire commits
2017-05-15 18:44:05 -05:00
dd0de873f8
Merge pull request #500 from tkisason/ducky_edit
...
Modified the ducky stager to use custom interpreter
2017-05-13 23:35:43 -04:00
789e99d790
Modified the ducky stager
2017-05-01 17:45:51 +02:00
02aa791f17
Added windows/bashbunny stager for Empire 2.0
2017-05-01 17:41:00 +02:00
dac5ba6b39
Improved preobfuscate command, better support for invoke-obfuscation style obfuscate commands, added warning message when trying to obfuscate without PowerShell installed
2017-04-22 20:17:28 -05:00
07c1092b03
ObfuscatedEmpire
2017-03-11 20:00:17 -06:00
ab1b3e5f3f
Implement Obfuscation
2017-03-11 17:35:17 -06:00
47bbfa64db
Fixed pyinstaller. Added -ForceASLR options to ReflectivePEInjection module
2016-12-09 18:17:47 -05:00
e288af484e
Fix pyinstaller launcher. Update setup script
2016-12-09 15:59:38 -05:00
d0b2ba41b4
Fix pyinstaller launcher. Update setup script
2016-12-09 15:57:39 -05:00
57a5fae21d
fixed pyinstaller so it now works with empire 2.0_beta for linux targets
2016-11-20 17:57:30 +00:00
42ec063d8a
Merge branch '2.0_beta' of https://github.com/adaptivethreat/Empire into 2.0_beta
2016-11-13 15:24:47 -05:00
25c2566a14
Added obfuscation to macho stager
2016-11-13 15:24:10 -05:00
2543d27b3f
Fix for sct launcher to hide window
2016-10-24 07:36:50 -04:00
fcfca84167
Updated dylib stager
2016-10-05 13:25:39 -04:00
e93ef08055
Updated Dylib templates. Removed hijacker generation from dylib stager menu. Added additional error checking to the HijackScanner module
2016-10-05 12:40:29 -04:00
460876d8f0
Migrated EmPyre stagers from dev branch in EmPyre repo
2016-09-29 11:41:09 -04:00
cobbr
xorrior
p3nt4
root
malcomvetter
Jim Shaver
Steve Borosh
IljaSchumacher
athegist
ThePirateWhoSmellsOfSunflowers
guly
rvrsh3ll
Tonimir Kisasondi
ceramicskate0
Adam DeMamp