n00py
5ac6b9cf00
modified mail
2016-10-08 12:47:03 -07:00
n00py
1ae3fb906c
Merge remote-tracking branch 'origin/2.0_beta' into 2.0_beta
# Conflicts:
# lib/modules/python/persistence/osx/mail.py
2016-10-08 12:46:25 -07:00
n00py
17e97360ff
new modules
2016-10-08 12:45:44 -07:00
n00py
2c5d7f5373
Delete mail.py
2016-10-08 11:19:51 -07:00
n00py
06d580e69a
new modules
2016-10-07 22:04:58 -07:00
n00py
236d303da3
new modules
2016-10-07 20:52:42 -07:00
n00py
c23ceac128
new modules
2016-10-07 20:38:27 -07:00
n00py
16d0df5f04
new modules
2016-10-07 20:38:07 -07:00
mlinton
b45d417e1d
Typo
Changed from screenshot
2016-10-07 13:58:26 -06:00
HarmJ0y
3ddfe7786f
Second fix for Host specification in listeners.
2016-10-06 17:01:43 -04:00
HarmJ0y
9f813549f7
Added autoruns back in.
2016-10-06 14:59:11 -04:00
HarmJ0y
af8ffcda76
Fixed function renaming typo.
2016-10-06 14:32:33 -04:00
xorrior
fcfca84167
Updated dylib stager
2016-10-05 13:25:39 -04:00
xorrior
7bcf125412
Merge branch '2.0_beta' of https://github.com/adaptivethreat/Empire into 2.0_beta
2016-10-05 12:41:01 -04:00
xorrior
e93ef08055
Updated Dylib templates. Removed hijacker generation from dylib stager menu. Added additional error checking to the HijackScanner module
2016-10-05 12:40:29 -04:00
rvrsh3ll
e7a914c4b4
Listener Code Cleanup
2016-10-05 11:00:01 -04:00
rvrsh3ll
343d0840c0
Merge branch '2.0_beta' of https://github.com/adaptivethreat/Empire into 2.0_beta
2016-10-05 10:06:53 -04:00
root
b94a81a4e2
Listener fix for issue 324
2016-10-05 10:06:04 -04:00
HarmJ0y
312d0ffb5c
Fix for listeners/http_hop staging
2016-10-01 15:33:41 -04:00
@424f424f
d6a0951848
Fix listeners for issue #324
2016-10-01 01:53:05 -04:00
@424f424f
8ad39bb3fc
SSL Launcher Fix
2016-09-29 16:01:46 -04:00
HarmJ0y
844b8cdabf
If https is indicated for a host in listeners/http but a certificate isn't specified,
one will now be generated by Flask on the fly
2016-09-29 14:32:54 -04:00
HarmJ0y
1ab09ebb32
Fixed hardcoded cert path for listeners/http
2016-09-29 14:23:32 -04:00
xorrior
460876d8f0
Migrated EmPyre stagers from dev branch in EmPyre repo
2016-09-29 11:41:09 -04:00
HarmJ0y
26cd0089dd
2.0.0 beta, DerbyCon release
2016-09-23 14:04:35 -04:00
HarmJ0y
2ba4e7c3c6
prep for 1.6.0 release
2016-09-17 17:16:03 -04:00
enigma0x3
f030cf6232
Patched RCE dubbed "skywalker 2.0" thanks to @zeroSteiner.
2016-09-16 09:15:13 -04:00
rschoem
68935276ff
Create scrambled_macro.py
Stager based on the normal macro stager. Adds "noise" to the payload to help evade signature-based AV solutions
2016-08-19 23:22:14 +02:00
enigma0x3
eefc493411
Added fileless UAC bypass using eventvwr.exe
2016-08-15 17:55:57 -04:00
Matt Nelson
b7010b7f37
Merge pull request #164 from 0xbadjuju/master
Resubmitting pull request for normal module
2016-08-13 21:28:00 -04:00
chris
e4aad33146
Renamed module. Merged embedded assemblies. Fixed issue with module execution
2016-07-24 20:16:55 -04:00
Harmj0y
bec33f73ac
moved collection/keethief to collection/vaults/keethief
added collection/vaults/find_keepass_config to enumerate KeePass configs on a system
added collection/vaults/add_keepass_config_trigger to add a trigger backdoor to all reachable KeePass instances
added collection/vaults/get_keepass_config_trigger to enumerate all triggers for all reachable KeePass instances
added collection/vaults/remove_keepass_config_trigger to remove all triggers for all reachable KeePass instances
misc. bug fixes
2016-07-20 23:44:30 -04:00
Harmj0y
7790b250a2
misc. bug fixes and standardization updates
2016-07-20 23:39:25 -04:00
Harmj0y
0163ebec06
Added missing Invoke-CredentialInjection.ps1 file
Updated .gitignore
2016-07-20 21:51:14 -04:00
Harmj0y
fe43560bad
Fix for issue #285 - credential export supporting commas
Start of code standardization/pep8 cleanup - mods to agents.py, empire.py, and credentials.py
Updated changelog
2016-07-20 21:28:27 -04:00
Harmj0y
2e8a7fba94
Merge branch 'dev' of github.com:PowerShellEmpire/Empire into dev
2016-07-20 19:24:23 -04:00
Harmj0y
7167f22500
added system name to screenshot output for issue #273
start of code pep8/pylint standardization - various cleaning
2016-07-20 19:06:42 -04:00
Matt Nelson
e83b545476
Merge pull request #277 from BeetleChunks/master
Adding credentials module to extract the current interactive user's Credential Manager credentials.
2016-07-16 22:06:04 -04:00
Harmj0y
ece3a3b540
fix for issue #248
2016-07-16 21:54:18 -04:00
Harmj0y
7d697cb4b7
Expanded 'creds X' query to search domain and password as well, wildcards (*) accepted
2016-07-16 21:27:35 -04:00
Harmj0y
39d174235a
Added module collection/keethief
2016-07-16 19:58:08 -04:00
Harmj0y
21893bacde
Fix for issue #257 - sysinfo now tasked after steal_token/revtoself
2016-07-15 19:14:43 -04:00
Harmj0y
c9bae2fc4c
Fix for issue #252
2016-07-15 19:00:49 -04:00
Harmj0y
c38256ab5c
Semi-global interact command for issue #258
2016-07-15 18:56:38 -04:00
Harmj0y
75f3e2c410
Merge branch 'dev' of https://github.com/PowerShellEmpire/Empire into dev
2016-07-15 18:06:49 -04:00
Harmj0y
7c5a07581d
Fix for issue #221
2016-07-15 18:06:20 -04:00
HarmJ0y
8028963b64
Merge pull request #274 from curi0usJack/dev
Adding SMB auto-brute module
2016-07-15 14:51:25 -07:00
BeetleChunks
5094c10a42
Add files via upload
2016-07-08 08:59:44 -05:00
@424f424f
05302321ac
Add Browser Search Module
2016-07-07 22:46:41 -04:00
curi0usJack
97aa252cad
Added smbautobrute.py
2016-07-07 16:31:34 -05:00
enigma0x3
8666d5f5f8
included fix by @i223t for 417 Expectation failed error when going through older Squid proxies
2016-06-24 22:51:46 -04:00
Matt Nelson
40e1639889
Revert "417 Expectation failed error fix"
2016-06-24 22:42:13 -04:00
Matt Nelson
40519e76ea
Merge pull request #55 from i223t/expect100continue_fix
417 Expectation failed error fix
2016-06-24 22:42:07 -04:00
Matt Nelson
039934b883
Merge pull request #235 from Kevin-Robertson/master
Sync with Inveigh 1.1.1 and current Tater
2016-06-24 22:15:37 -04:00
Matt Nelson
2a23255460
Fixed typo thanks to @jrmdev
Typo prevented the module from working. Implemented fix submitted here: https://github.com/PowerShellEmpire/Empire/pull/262 by @jrmdev.
2016-06-24 21:33:12 -04:00
Matt Nelson
fae79cef1d
Merge pull request #247 from n0clues/master
Change paths from %TEMP% to %PUBLIC% for spawnas module
2016-06-24 21:24:48 -04:00
n0clues
9c00cb4d70
Change paths from %TEMP% to %PUBLIC% for spawnas module
2016-06-16 16:09:50 +02:00
Harmj0y
b6db99f66f
Fix for situational_awareness/host/computerdetails object output.
2016-05-27 15:16:22 -04:00
Harmj0y
0fb6599c77
More verbose output for Invoke-ServiceCMD in PowerUp to address issue #219
2016-05-27 14:37:15 -04:00
Harmj0y
7a47ea3583
Fix for issue #232
2016-05-27 14:02:34 -04:00
leoloobeek
75dfe996e7
Typo fix
2016-05-12 01:41:29 -05:00
lloobeek
61bddbc9ab
Edited MS16-032 exploit for Empire
2016-05-12 01:16:04 -05:00
Kevin Robertson
5158c160b4
Sync with Inveigh 1.1.1 and current Tater
2016-05-10 23:12:34 -04:00
Alexander
9c8feb170f
Merge remote-tracking branch 'refs/remotes/PowerShellEmpire/dev'
2016-04-29 15:10:45 -05:00
Alexander
065f940f4d
Merge remote-tracking branch 'refs/remotes/PowerShellEmpire/master'
2016-04-29 15:10:19 -05:00
Jared Haight
5d101cb228
typing is hard
2016-04-29 14:50:34 -04:00
Jared Haight
6e42249417
removed template stuff
2016-04-29 14:49:03 -04:00
Jared Haight
b3224860df
adding the invoke-metasploitpayload module
2016-04-29 11:52:58 -04:00
HarmJ0y
47c75a5902
Merge pull request #198 from matterpreter/dev
Teensy stager
2016-04-28 15:48:46 -07:00
Rob Fuller
7d692a1f69
No need for elevated
You don't need elevation to extract kerberos tickets
2016-04-28 08:35:30 -04:00
matterpreter
a4b99d41f9
Teensy stager
Adds the capability to generate a Teensy script to run a one-liner
stage0 launcher. Similar to the existing ducky stager.
2016-04-27 15:58:47 -04:00
Harmj0y
b977dec1ae
Updated PowerView
Added credentials/get_spn_tickets to request user SPN tickets
Added credentials/mimikatz/extract_tickets to extract kerberos tickets from memory
Updated PowerView location citations
2016-04-24 11:26:39 -04:00
Harmj0y
f699ec510d
Fix for issue #178
2016-04-24 10:29:11 -04:00
Matt Nelson
56f7837c0f
Rename regsvr32.py to launcher_sct.py
2016-04-21 17:06:19 -04:00
Matt Nelson
95fbf7f8c5
Merge pull request #193 from subTee/master
regsvr32 (sct) Stager
2016-04-21 17:05:26 -04:00
Casey Smith
0686f48e37
Update regsvr32.py
2016-04-21 13:02:18 -06:00
Casey Smith
f7df5ee06a
Update regsvr32.py
2016-04-21 12:53:01 -06:00
Casey Smith
37f6e4f362
Update regsvr32.py
2016-04-21 12:52:40 -06:00
Casey Smith
eb764d1aa9
Create regsvr32.py
2016-04-21 12:49:33 -06:00
Matt Nelson
dce67beaeb
Added tab-completion for list command
2016-04-15 14:42:12 -04:00
HarmJ0y
96ac925773
Merge pull request #182 from xorrior/master
Added MiniEye collection module; Minor change to ChromeDump
2016-04-11 15:47:19 -07:00
xorrior
523e4458c1
Added MiniEye collection module; Minor change to ChromeDump
MiniEye - Collect recordings from Webcam.
ChromeDump - Modified sqlite DB connection string for read-only access.
2016-04-09 22:11:28 -04:00
HarmJ0y
54037db2b6
Merge pull request #176 from luxcupitor/dev
Modules for unauthenticated access to Jenkins Script Consoles to run OS commands
2016-04-08 15:12:17 -07:00
HarmJ0y
db7c1c95b3
Merge pull request #177 from n0clues/master
Binding Empire's native listeners to IP specified in Host option…
2016-04-06 22:21:25 -07:00
n0clues
f376dc243c
Binding Empire's native listeners to IP specified in Host option instead of 0.0.0.0 - issue #175
2016-04-06 14:24:02 +02:00
Lux Cupitor
4f61ecda2b
added modules for unauthenticated Jenkins Script console access
2016-04-06 08:06:24 -04:00
Harmj0y
b56e5d29ec
listener starting now returns more verbose errors on failure in console and API
merge of @mynameisiv's .jpg screenshot PR
fix for path errors in some cases for ./setup/setup_database.py
2016-04-01 17:06:21 -04:00
mynameisv
917cb2b246
screenshot in jpeg and shortcut
2016-03-31 23:27:15 +02:00
Harmj0y
ac5b002301
Updated changelog and version number for 1.5.0 release.
2016-03-31 16:06:02 -04:00
HarmJ0y
dae17d1bc1
Merge pull request #165 from Kevin-Robertson/master
Inveigh 1.1 and Tater Modules
2016-03-31 11:13:53 -07:00
Harmj0y
c6662d8a3a
Added loading of external module directories with the 'load /DIR/' command in the main menu.
Solves issue #81.
2016-03-30 23:03:02 -04:00
Kevin Robertson
32b36c9597
Comment/Notes changes and WPADResponse removal
Updated additional comment/notes. I removed WPADResponse from inveigh
and inveigh_bruteforce since wpad.dat code contains commas. The python
code that is parsing the commas for the array parameters is getting in
the way. I can add WPADResponse back in later.
2016-03-30 15:35:44 -04:00
Alexander
d7cf4c02c4
Merge branch 'master' of https://github.com/0xbadjuju/Empire
2016-03-30 08:27:52 -05:00
Alexander
e6aff73eb1
Merge remote-tracking branch 'refs/remotes/origin/dev'
2016-03-30 08:21:56 -05:00
Kevin Robertson
987679bd9a
Fixed missing single quote in description
2016-03-30 08:52:20 -04:00
Kevin Robertson
7a3a95f735
Sync features with updated versions of Inveigh and Tater
Upgrading collection/inveigh, lateral_movement/inveigh_relay, and
privesc/tater. Adding collection/inveigh_bruteforce.
2016-03-29 23:55:39 -04:00
Alexander
74945a953a
Update normal.py
2016-03-29 17:00:45 -05:00
Alexander
f6fc8550b1
Added normal.dot persistence mechanism
2016-03-29 16:38:02 -05:00
Harmj0y
b3e8ebabe5
Expanded server/agent epoch check from +/- 10 minutes to +/- 12 hours
2016-03-26 00:00:40 -04:00
Harmj0y
c2ba61ca8d
added -sta to stager launching
2016-03-25 19:45:09 -04:00