xorrior
d1a8375048
WorkingHours fix
2017-08-31 10:54:32 -04:00
xorrior
a2939533bb
small change
2017-08-31 09:23:49 -04:00
xorrior
c5e8329058
added ssl import
2017-08-31 09:22:46 -04:00
xorrior
79d2bdbb5f
add ssl import
2017-08-31 09:21:33 -04:00
xorrior
015e0104d6
Merge fix for TLSv1 error
2017-08-31 08:54:56 -04:00
xorrior
cbf934d080
Fix for TLSv1 error
2017-08-31 08:54:28 -04:00
xorrior
1d97d87722
TLS v1.0 error fix in #643
2017-08-30 21:43:53 -04:00
rvrsh3ll
c8334b9a66
Fixed Macro syntax error per @utkusen #664
2017-08-30 21:28:34 -04:00
Steve Borosh
a49099da92
Merge pull request #667 from jarrodcoulter/hotfix/crontab
...
Update Crontab.py
2017-08-30 20:55:52 -04:00
xorrior
a7dd367f96
Partial patch for base64.b64decode error in #586
2017-08-30 19:50:10 -04:00
jarrodcoulter
14efafd5a1
Update Crontab.py
...
Updated the crontab persistence so that the Hour option sets the Hour rather than the minute option. This makes the crontab execute every 24 hours rather than every x minutes.
2017-08-30 14:59:50 -04:00
rvrsh3ll
463cfbd784
Obfuscation fix for MS16-135 module
2017-08-29 17:02:21 -04:00
Steve Borosh
285e993f56
Update exploit_eternalblue.py
...
Fixed per Invoke-Obfuscation requirements.
2017-08-28 21:32:11 -04:00
byt3bl33d3r
0e611e13bd
Revert "Revert "Fixed RESTAPI (issue #507 )""
...
This reverts commit ec13f26056.
2017-08-28 18:45:37 -06:00
byt3bl33d3r
35f4b06fa8
Removed GroupName as required option in get_group_member module
2017-08-28 18:09:26 -06:00
xorrior
be117d4ca3
Update generate function for all python modules
2017-08-28 11:14:44 -04:00
rvrsh3ll
0e94876a56
Initial commit of Empire 2.1
...
Merge branch 'dev'
2017-08-28 08:48:47 -04:00
rvrsh3ll
b99a24caf2
Updated version number to 2.1
2017-08-28 08:17:52 -04:00
Chris Ross
97159646fe
Merge pull request #640 from NineFX/fix_shebangs
...
Fix shebangs
2017-08-28 00:18:37 -04:00
Chris Ross
d76d8c924d
Merge pull request #609 from winnie22/uaclevel
...
show current UAC level
2017-08-28 00:15:12 -04:00
Chris Ross
cbe1bc508d
Merge pull request #596 from winnie22/dev
...
Collection of bypass UAC modules based on fodhelper.exe, SDCLT and schtasks technique
2017-08-28 00:09:30 -04:00
Chris Ross
19b279f6fe
Merge pull request #599 from arch4ngel/dev
...
Add asterisk to modules requiring elevated context when tab completing search/usemodule (Issue 598)
2017-08-27 23:58:54 -04:00
root
6261b5deb3
changed exit logic for python agent
2017-08-27 22:15:29 +00:00
Chris Ross
8f7197e7cb
Merge pull request #635 from tkisason/patch-1
...
Fix typo in bunny.py
2017-08-26 00:11:28 -04:00
root
6eecd5e707
Fixed struct error
2017-08-26 04:03:16 +00:00
root
a300547e76
Fixed warnings patch
2017-08-20 14:42:19 +00:00
Chris Ross
b79017120d
Merge pull request #590 from Viss/patch-1
...
Silencing warnings
2017-08-18 09:05:50 -04:00
Drew Varner
332b78d07c
Fix shebangs
...
Move shebangs to /usr/bin/env foo
2017-08-16 01:41:22 -04:00
Chris Ross
5acef7a560
Merge pull request #638 from EmpireProject/background_downloads
...
Background downloads
2017-08-15 22:26:22 -04:00
xorrior
670e6a11d9
..
2017-08-15 18:10:20 -07:00
rvrsh3ll
8c834a9e5b
Changed Needs admin to true
2017-08-15 10:48:07 -04:00
xorrior
8d33585e9d
fixed path
2017-08-15 07:40:40 -07:00
xorrior
5b01f6c8d6
Still testing
2017-08-14 19:39:09 -07:00
malcomvetter
f8a4d8208d
Capture OSX credentials from the Prompt Module in the Empire DB
2017-08-14 20:46:34 -05:00
xorrior
6a13c5cbab
Testing
2017-08-14 18:11:01 -07:00
xorrior
1d763e5220
Changed agents.py
2017-08-14 16:53:11 -07:00
xorrior
986485ed29
More testing
2017-08-14 16:50:01 -07:00
xorrior
c2a1639d7b
Adjusted chunk size
2017-08-14 14:20:35 -07:00
xorrior
5ef3c0871e
Download test
2017-08-14 11:53:26 -07:00
Tonimir Kisasondi
71fc7c85a2
Fix typo in bunny.py
...
Fixed typo, since @viss made fun of it on Slack :)
2017-08-11 23:41:58 +02:00
chris
dcf7207fb6
Added manual proxy specification and credentials
2017-08-11 15:19:09 -04:00
Petr Medonos
cb64325538
Obfuscated empire changes
2017-08-11 09:41:23 +02:00
Petr Medonos
75cc9c00b5
Obfuscated empire changes
2017-08-11 09:33:04 +02:00
Steve Borosh
bdbb6f25e3
Merge pull request #633 from checkyfuntime/patch-1
...
Create dyld_print_to_file.py
2017-08-09 18:32:27 -04:00
root
834b9be663
Fix command line arguments
2017-08-09 14:52:32 -04:00
checkyfuntime
28fa1905ff
Create dyld_print_to_file.py
...
Empire module for exploitation of Mac OSX's CVE-2015-3760 (DYLD_PRINT_TO_FILE) exploit.
2017-08-06 13:04:21 -04:00
rvrsh3ll
517508d0d6
Add mimipenguin
2017-07-31 17:34:56 -04:00
Steve Borosh
b3b80cb6a8
Merge pull request #622 from EmpireProject/unicode-improvement
...
Unicode stage improvements
2017-07-28 09:27:38 -07:00
killswitch-gui
7a6e1ccb42
stage improvements
2017-07-27 23:20:14 -07:00
Steve Borosh
f3f15eeecd
Merge pull request #603 from cobbr/dev-bypass-logs
...
Bypass ScriptBlock Logging
2017-07-24 23:25:40 -07:00
Petr Medonos
59d86e4598
show current UAC level
2017-07-11 20:41:17 +02:00
cobbr
0a6ee7c082
Changed ScriptBlock Logging bypass to not contain suspicious strings
2017-07-09 16:34:08 -05:00
cobbr
ff7ef55cdf
Bypass ScriptBlock Logging
2017-07-05 00:56:13 -05:00
cobbr
11c5940d7c
Fixed merge collision
2017-07-04 21:35:24 -05:00
Petr Medonos
e68987ec7f
Bypasses UAC based on James Forshaw findings
2017-07-04 12:56:56 +02:00
Petr Medonos
82d20934e0
opsec fix
2017-07-04 10:26:53 +02:00
Petr Medonos
bdb89bd1cb
UAC Bypass based on enigma0x3 SDCLT technique
2017-07-03 15:50:15 +02:00
arch4ngel
a1f2a79a9d
Correcting hard tabs
2017-07-03 08:11:00 -04:00
arch4ngel
ad42e85076
Show modules requiring elevated context with an asterisk(*) when tab completing
2017-07-03 07:56:47 -04:00
Petr Medonos
fe15c4f305
changed opsec safe to false
2017-06-30 06:55:23 +02:00
cobbr
9f16fdf594
Merge latest Empire dev commits
2017-06-29 23:17:17 -05:00
cobbr
e59364efcc
Merge latest Empire-dev changes
2017-06-29 22:11:01 -05:00
Petr Medonos
42745800c3
bypass UAC module based on fodhelper.exe technique ( https://winscripting.blog/2017/05/12/first-entry-welcome-and-uac-bypass/ )
2017-06-29 15:41:52 +02:00
Viss
be7320bd9d
Silencing warnings
...
on certain systems when launching the python stager, a bunch of warnings are thrown, and it would be stealthier if that wasn't the case. This change just stops printing warnings.
2017-06-22 21:00:52 -07:00
cobbr
4876227d23
ObfuscatedEmpire
2017-06-21 20:37:06 -05:00
cobbr
c691830ddd
Merge branch '2.0_beta' of https://github.com/cobbr/ObfuscatedEmpire into 2.0_beta
2017-06-19 22:35:34 -05:00
cobbr
8f98d642d8
Fixed Invoke-Obfuscation byte-array issue, ConfirmImpact issue, and PowerUp missing semi-colon
2017-06-19 22:35:06 -05:00
Ryan Cobb
f776011e2f
Merge pull request #8 from EmpireProject/master
...
Merge latest Empire commits
2017-06-18 22:59:28 -07:00
cobbr
f2b025395f
Added obfuscation to new modules
2017-06-19 00:46:30 -05:00
cobbr
76f1e85375
Fixed Invoke-Obfuscation command token error during agent negotiation process
2017-06-19 00:28:21 -05:00
Chris Ross
0b582eac36
Merge pull request #578 from dchrastil/module/prompt-sandboxmode
...
Added 'SandboxMode' to evade Apple Sandbox protection on applescript
2017-06-15 17:20:56 -04:00
disk0nn3ct
7074616113
Added 'SandboxMode' option to evade Apple Sandbox protections on applescript
2017-06-13 23:34:50 -06:00
Chris Ross
dbefbbda09
Merge pull request #569 from dchrastil/https/intermediate-certs
...
SSL Intermediate Certificates to support Domain Fronting
2017-06-12 15:25:39 -04:00
dchrastil
33c4f0bc6b
Revert "OCD fix for root install path having extra directory slash"
...
This reverts commit e4bf2d736a.
reverting previous commit
2017-06-12 10:05:40 -07:00
dchrastil
ec13f26056
Revert "Fixed RESTAPI (issue #507 )"
...
This reverts commit b539e12347.
Merged changes
2017-06-12 10:04:22 -07:00
xorrior
37c72f0428
Fix for #567
2017-06-09 23:28:42 -04:00
xorrior
5142bcbf51
Fix for #567
2017-06-09 23:27:31 -04:00
dchrastil
c25fea4e70
Updated SSL context to use the split empire-chain.pem and empire-priv.key files.
2017-06-08 08:48:42 -07:00
dchrastil
a165b7f7af
Merge branch 'dev' of github.com:EmpireProject/Empire into dev
2017-06-07 23:05:29 -07:00
Chris Ross
c9959753fc
Merge pull request #557 from tevora-threat/dropboxpull
...
Addition of DropBox Exfil Module
2017-06-07 20:13:07 -04:00
Chris Ross
b7cb687418
Merge pull request #509 from tristandostaler/dev
...
Added wmi_updater module
2017-06-06 21:38:15 -04:00
tristandostaler
c2d865be68
Added the option for the custom launcher
2017-06-06 12:30:58 -04:00
tristandostaler
af2bce2fb7
Added a handler for the custom launcher
2017-06-06 12:27:14 -04:00
tristandostaler
b41f98e776
Modified the call to powershell_launcher
...
Modified the call to powershell_launcher just so there is no bug anymore
2017-06-06 12:20:48 -04:00
Chris Ross
a629b6179a
Merge pull request #532 from ThePirateWhoSmellsOfSunflowers/add-ms16135
...
Add privesc module MS16-135
2017-06-05 23:23:43 -04:00
kevin dick
63e373a7da
added eternal blue exploitation module
2017-06-04 10:05:26 -07:00
Steve Borosh
6c3a6c2433
Merge pull request #531 from byt3bl33d3r/restfulapi_fixes
...
More RESTfulAPI fixes & Database fix
2017-06-03 20:08:01 -04:00
kevin dick
0c3170f9ca
added dropbox exfil module
2017-06-02 19:04:32 -07:00
xorrior
5a530fede9
Fixed hardcoded cert path
2017-06-01 08:09:07 -04:00
xorrior
f6e9ee8fff
Fixed hardcoded certpath
2017-06-01 08:06:53 -04:00
byt3bl33d3r
425cb7fedc
Merge branch 'dev' into restfulapi_fixes
2017-05-30 22:07:20 -06:00
rvrsh3ll
c2b155202b
BloodHound update
2017-05-26 11:58:52 -04:00
byt3bl33d3r
6ee85e73f2
Fixed RESTAPI (issue #507 )
2017-05-26 11:58:52 -04:00
xorrior
df26d264f1
Added -sta flag to launcher
2017-05-22 15:28:41 -07:00
ThePirateWhoSmellsOfSunflowers
930e31c509
Minor changes
2017-05-22 20:28:58 +02:00
byt3bl33d3r
b4d24f43f4
More RESTfulAPI fixes
...
- Fixed a bug where wrong id value was being inserted into the results
and reporting table causing a mismatch between the reporting entry and
the results entry
- task_agent_shell() API call now returns TaskID as well
2017-05-22 08:14:10 -06:00
ThePirateWhoSmellsOfSunflowers
15f961c058
Initial commit, add MS16-135 exploit
2017-05-21 20:49:49 +02:00
Steve Borosh
dbd6cdf66e
Merge pull request #529 from byt3bl33d3r/master
...
Fixed RESTAPI
2017-05-21 12:35:07 -04:00
rvrsh3ll
e4bf2d736a
OCD fix for root install path having extra directory slash
2017-05-21 12:03:58 -04:00
Steve Borosh
6cd9c6a3d9
Merge pull request #516 from ceramicskate0/master
...
Random Macro Variable and Method Names
2017-05-21 10:38:15 -04:00
byt3bl33d3r
b539e12347
Fixed RESTAPI (issue #507 )
2017-05-20 15:33:03 -06:00
ceramicskate0
ead6669eb0
fixed missing variables
...
fixed missing vari and added more random name generation algo
2017-05-18 19:19:38 -05:00
ceramicskate0
772f6818b4
Update macro.py
2017-05-18 18:50:38 -05:00
ceramicskate0
72e91e55d6
fix LengthOfVari missing error
2017-05-17 11:53:08 -05:00
Etienne Stalmans
417e66df65
liniaal agents to use with https://github.com/sensepost/liniaal
2017-05-17 08:50:49 +01:00
cobbr
d9a734a82e
Fix two more escape issues
2017-05-16 21:10:04 -05:00
cobbr
4c20594217
Improved PowerShell install, fix escape display bug
2017-05-16 21:02:53 -05:00
ceramicskate0
99d0b12b1d
randomize variable names and method names
...
Make random variable and method names in VB macro code so that it looks different every time it's run and runs the same every time
2017-05-16 19:59:43 -05:00
rvrsh3ll
6d88e8ee1b
GetSchwifty fix
2017-05-16 09:25:27 -04:00
rvrsh3ll
ec6daaba3f
GetSchwifty fix
2017-05-16 09:23:45 -04:00
rvrsh3ll
7ad76fdc1f
Added get schwifty trollsploit module
2017-05-16 09:15:28 -04:00
cobbr
d11221bead
Merge latest Empire commits
2017-05-15 18:44:05 -05:00
r1p
46fa5b34f9
Added wmi_updater module
2017-05-15 11:10:51 -04:00
rvrsh3ll
9ee6c75362
Empire 2.0 Release
...
Merge branch '2.0_beta' of https://github.com/empireproject/Empire into 2.0_beta
2017-05-14 09:46:46 -04:00
rvrsh3ll
6ee117f080
Empire 2.0 Release
2017-05-14 09:46:22 -04:00
rvrsh3ll
9602cf4184
Empire 2.0 Commit
2017-05-14 09:32:13 -04:00
Chris Ross
2654f02552
Merge pull request #504 from n00py/2.0_beta
...
Change Agent option description [Typo]
2017-05-13 23:36:59 -04:00
Chris Ross
dd0de873f8
Merge pull request #500 from tkisason/ducky_edit
...
Modified the ducky stager to use custom interpreter
2017-05-13 23:35:43 -04:00
Chris Ross
f0bbd58968
Merge pull request #499 from tkisason/bunny
...
Added windows/bashbunny stager for Empire 2.0
2017-05-13 23:35:04 -04:00
xorrior
395f4df482
Added Python language for dbx listener
2017-05-13 23:27:30 -04:00
c05083981f
Adjusted for powershell stager in Db listener
2017-05-13 02:00:21 -04:00
c5f57e36f4
Added db listener
2017-05-12 19:30:29 -04:00
rvrsh3ll
44d61d3b28
Add DCOM Lateral Movement
2017-05-12 10:10:21 -04:00
n00py
c34377e8ce
Change Agent option description
...
The template is pre-populated with "Agent to grab a screenshot from" but that description does not apply here.
2017-05-11 10:24:56 -06:00
n00py
5d197907f4
Change Agent option description
...
The template is pre-populated with "Agent to grab a screenshot from" but that description does not apply here.
2017-05-11 10:24:03 -06:00
Brandon Arvanaghi
fb4621645d
SessionGopher
2017-05-07 22:55:11 -04:00
Brandon Arvanaghi
02e2a2dfce
SessionGopher
2017-05-07 22:11:32 -04:00
Tonimir Kisasondi
789e99d790
Modified the ducky stager
2017-05-01 17:45:51 +02:00
Tonimir Kisasondi
02aa791f17
Added windows/bashbunny stager for Empire 2.0
2017-05-01 17:41:00 +02:00
chris
48116d35d6
Re-implemented /api/listeners/options GET Rest call
2017-04-28 22:04:10 -04:00
Chris Ross
38054a8cc9
Merge pull request #495 from dafyk/patch-1
...
Add custom headers if any
2017-04-28 09:23:41 -04:00
bneg
eeae4ead0e
Switch to netifaces() for getting interface name, fixes bug on Ubuntu where IP wasn't populated
2017-04-25 21:36:06 -07:00
Da-FyK
62b7c97a8d
Add custom headers if any
...
copy/pasted from http.py
2017-04-26 01:59:36 +02:00
cobbr
057636c447
Invoke-Obfuscation merged into 2.0_beta
2017-04-22 21:38:40 -05:00
cobbr
8d1efea1b9
Merge branch '2.0_beta' of https://github.com/EmpireProject/Empire into EmpireProject-2.0_beta
2017-04-22 21:08:55 -05:00
chris
e1f7bda70e
Moved management/redirector to inactive modules
2017-04-22 21:31:47 -04:00
cobbr
672ea33a72
Remove debug output
2017-04-22 20:19:21 -05:00
cobbr
dac5ba6b39
Improved preobfuscate command, better support for invoke-obfuscation style obfuscate commands, added warning message when trying to obfuscate without PowerShell installed
2017-04-22 20:17:28 -05:00
chris
e6fc1bebd7
Fixed dll stager for use in other platforms
2017-04-22 20:23:55 -04:00
Chris Ross
0915ab2a66
Merge pull request #492 from ThePirateWhoSmellsOfSunflowers/fix-padding-pkcs7
...
Fix PKCS7 padding to be RFC compliant
2017-04-20 23:41:18 -04:00
Chris
a6499372fb
Merge branch 'patch-1' of https://github.com/bneg/Empire into bneg-patch-1
2017-04-20 20:21:29 -07:00
Chris Ross
3b722d013f
Merge pull request #483 from Kevin-Robertson/2.0_beta
...
Inveigh 1.3.1 Modules
2017-04-20 21:42:41 -04:00
Chris Ross
92cc1ec36d
Merge pull request #472 from benichmt1/wlmdr-2.0_beta
...
Add Wlrmdr.exe Popup module (Licensing Balloons) - 2.0 beta format
2017-04-20 21:29:34 -04:00
a5b9f44cad
Moved socks module
2017-04-20 21:21:39 -04:00
Chris Ross
042f24ab3b
Merge pull request #478 from klustic/2.0_beta
...
Added a module for SOCKSv5 proxying
2017-04-20 21:17:48 -04:00
ThePirateWhoSmellsOfSunflowers
a23c636531
Fix PKCS7 padding to be RFC compliant, should resolve #458
2017-04-20 20:21:57 +02:00
Kevin Robertson
534218cf31
Inveigh 1.3.1 Modules
...
Sync with Inveigh 1.3.1.
2017-04-09 16:37:51 -04:00
Chris Ross
1ad0e12b80
Merge pull request #455 from ThePirateWhoSmellsOfSunflowers/add-proxy-headers
...
Add HTTP headers to avoid proxy caching
2017-04-09 16:16:46 -04:00
Chris Ross
287ecd3f0a
Merge pull request #452 from n00py/2.0_beta
...
VNC Inject
2017-04-09 16:08:41 -04:00
Chris Ross
3cafd25f51
Merge pull request #437 from 0xbadjuju/2.0_beta
...
PowerUpSQL Modules
2017-04-09 14:59:11 -04:00
Chris Ross
9a6f8f970e
Merge pull request #404 from mr64bit/http_hop
...
Fix agent staging over http_hop listeners.
2017-04-09 09:42:52 -04:00
Chris Ross
3baad71f09
Merge pull request #438 from erikbarzdukas/dev-monitortcp
...
New module to monitor TCP connections
2017-04-08 23:16:12 -04:00
Chris Ross
a58e1c8d6d
Merge pull request #350 from leesoh/powershell-template
...
Documentation, reorganization, and a touch of PEP8
2017-04-08 15:32:41 -04:00
rvrsh3ll
c6bd9b11c0
ipv6 support added
...
Merge branch '2.0_beta' of https://github.com/empireproject/Empire into 2.0_beta
2017-04-08 07:37:59 -04:00
rvrsh3ll
eb7f1d6483
IPv6 Modifications
2017-04-07 21:50:53 -04:00
Chris Ross
dd13b13604
Merge pull request #481 from ThePirateWhoSmellsOfSunflowers/fix-harcoded-path
...
Fix hardcoded path, should resolve #465
2017-04-06 17:53:06 -04:00
ThePirateWhoSmellsOfSunflowers
51082a66fc
Fix hardcoded path, should resolve #465
2017-04-06 20:02:00 +02:00
Chris
9d5652284c
Added global options tab completion
2017-04-06 06:45:23 -07:00
stderr
01f530700e
Fixed bug in HTTP handler that can throw exceptions while parsing Cookies.
2017-04-05 15:30:01 -04:00
Kevin
05dae225b6
Added a new module for SOCKSv5 proxying
...
When executed, this module connects back to a designated AlmondRocks server under SSL. The AlmondRocks server acts as a SOCKSv5 proxy, and multiplexes all SOCKS communications over the single SSL connection to/through the target, enabling any SOCKSv5 client (e.g. curl, proxychains) to extend past NAT devices into the target network.
This is based on the following work:
https://github.com/klustic/AlmondRocks
** Server Usage **
$ ./almondrocks.py server -d -t 4433 --cert cert.pem --key key.pem
** Empire Usage **
set HOST 192.168.20.10
set PORT 4433
set Agent ...
2017-04-05 10:24:31 -06:00
Michael Benich
d948ce3eb2
Fixed extra bracket
2017-03-13 13:51:26 -04:00
cobbr
886e33c425
Latest Invoke-Obfuscation commits
2017-03-12 17:16:54 -05:00
cobbr
52008f8a32
Update powershell module template
2017-03-11 22:10:21 -06:00
cobbr
07c1092b03
ObfuscatedEmpire
2017-03-11 20:00:17 -06:00
cobbr
ab1b3e5f3f
Implement Obfuscation
2017-03-11 17:35:17 -06:00
Michael Benich
76dd97ca99
Add wlmdr.py (for 2.0_beta_
...
Update for 2.0 module
2017-03-02 16:26:01 -05:00
Chris Ross
35fd51d166
Added 1MB upload limit
2017-02-17 09:25:05 -08:00
ThePirateWhoSmellsOfSunflowers
2ff9375ccf
Add HTTP headers to avoid proxy caching
2017-02-13 23:36:20 +01:00
Alexander Rymdeko-Harvey
85e28b2757
Merge pull request #450 from EmpireProject/2.0_beta_sniffer
...
add osx sniffer/fix sudospawn
2017-02-12 11:24:19 -05:00
n00py
b8f0bb2bbd
Added module for enabling ARD
2017-02-10 08:38:46 -07:00
n00py
f6a0ed6f0e
Update vnc.py
2017-02-09 15:12:35 -07:00
n00py
d78972ea05
Create vnc.py
2017-02-09 15:07:40 -07:00
killswitch-gui
dd6a8d4450
change imports
2017-02-08 11:55:57 -05:00
killswitch-gui
beca8fa1a9
add in ability to set interface
2017-02-08 09:31:38 -05:00
killswitch-gui
0ff5a98dd9
add osx sniffer/fix sudospawn
2017-02-07 23:50:01 -05:00
Chris Ross
078588fc93
Added logic to use custom HTTP headers defined in the profile
2017-02-07 19:17:10 -08:00
Chris Ross
25a91dec5b
Added logic for saving module output for py and powershell agents. Fixed issue 435
2017-01-21 10:37:52 -08:00
Alexander
de9b05e5f9
Merge remote-tracking branch 'refs/remotes/adaptivethreat/2.0_beta' into 2.0_beta
2017-01-17 11:00:13 -06:00
root
72727f2ecd
Merge branch '2.0_beta' of https://github.com/erikbarzdukas/Empire into dev-monitortcp
...
Updated repo
2017-01-16 18:50:02 -05:00
root
e16ed25d07
Updated python module code
2017-01-16 18:22:50 -05:00
Alexander
affd33d413
2.0 Initial Commit
2017-01-16 14:08:27 -06:00
Chris Ross
812f721b84
Added Empire Custom Import hook to allow for in memory python module imports
2017-01-16 08:31:34 -08:00
Chris
4b79172d13
Removed unnecessary imports for Foundation and LaunchServices
2017-01-09 20:59:14 -05:00
Chris
3e7c2b9dea
Removed Foundation import. Unnecessary.
2017-01-09 20:54:31 -05:00
Chris
bfd9ee1413
Changed native_screenshot to be opsec safe. Added safe aliases for screenshot, ls, whoami
2017-01-07 22:15:20 -05:00
root
3ee18a061f
Initial monitortcpconnections file
2017-01-06 16:50:04 -05:00
Chris
e5bf468158
Fix for issue #382 . Fixed downloads in python agent. updated install script to include zlib_wrapper module.
2017-01-04 22:39:37 -05:00
Chris Ross
89d06f06fb
Merge pull request #424 from mr64bit/fix_agent_shell
...
Fix agent shell commands, broken in commit 3148493
2016-12-23 20:36:55 -05:00
Chris
3fae3e2ac5
Modified how listener settings are obtained to resolve issue 412
2016-12-23 00:20:48 -05:00
Chris
58efd3d0c3
Fixed logic for PEUrl and DllPath check
2016-12-21 09:05:44 -05:00
mr64bit
db5af9caf9
Fix agent shell commands, broken in commit 3148493
2016-12-20 08:45:10 -05:00
Chris
714c56e58b
Add Invoke-ExecuteMSBuild lateral movement module
2016-12-14 17:04:02 -05:00
Chris
5125340ca2
Added logic to gather the proxies and add them to a proxy handler
2016-12-12 22:16:57 -05:00
Chris
3148493e15
Fixed issue 421 in reflectivepeinjection module
2016-12-11 21:43:19 -05:00
Chris
2d96a72460
Swapped native_screenshot with screenshot source. Modules were named improperly
2016-12-10 22:48:13 -05:00
Chris
2058b86ae8
Corrected key for self.mainMenu.stagers.stagers['windows/launcher_bat']
2016-12-10 12:31:22 -05:00
Chris
47bbfa64db
Fixed pyinstaller. Added -ForceASLR options to ReflectivePEInjection module
2016-12-09 18:17:47 -05:00
Chris
e288af484e
Fix pyinstaller launcher. Update setup script
2016-12-09 15:59:38 -05:00
Chris
d0b2ba41b4
Fix pyinstaller launcher. Update setup script
2016-12-09 15:57:39 -05:00
mr64bit
6c3f51aca9
Fix agent staging over http_hop listeners.
...
Fixes issue #370 .
2016-11-28 11:54:57 -05:00