enigma0x3
d5344b6716
Merge pull request #51 from xorrior/master
...
Modified Invoke-WinEnum
2015-10-13 06:56:12 -04:00
enigma0x3
4f413b1a98
Updated name so the script loads correctly.
2015-10-12 17:26:59 -04:00
enigma0x3
a46bdac77d
Updated to remove testing code and return "script"
2015-10-08 19:24:08 -04:00
Harmj0y
6be3d4ce8b
remove debug
2015-09-22 09:34:27 -04:00
Harmj0y
858f6b3a1c
Additional download file path checks.
2015-09-22 09:33:21 -04:00
Harmj0y
9079a54119
Fix for 'skywalker' file overwrite exploit on control server.
...
Thank you to @zeroSteiner for the disclosure!
2015-09-21 22:32:46 -04:00
xorrior
7541ea23e8
Modified Invoke-WinEnum
...
Added Firewall Rules enumeration. Slightly modified file searches to
only pull files owned by the user. Changed formatting.
2015-09-14 16:34:32 -04:00
Harmj0y
ed8c476f43
Added credentials/mimikatz/mimitokens to take advantage of Mimikatz' token listing/elevation
...
Added management/enable_multi_rdp to patch terminal services to allow multiple connections
2015-09-12 08:32:43 -04:00
Harmj0y
140c4baf7a
Fixed write_dllhijacker.
2015-09-12 08:23:12 -04:00
enigma0x3
d581538fd1
updated description
2015-09-09 13:46:07 +02:00
enigma0x3
629c8f695c
Updated to change comment wording
2015-09-03 07:55:48 -04:00
pasv
22dea0ba0a
Fixed module template to reflect required OutputExtension parameter
2015-09-03 04:05:45 -04:00
pasv
875284be7a
Working release
2015-09-03 03:44:34 -04:00
Harmj0y
fd1d17a647
Added /dc option to credentials/mimikatz/dcsync
2015-09-02 21:43:01 -04:00
Jack64
d06370e4f1
fix hard-coded event subscription name
...
Before this change, the command
` set SubName `
did not change the event subscription name installed by the agent as instructed by the user.
2015-08-31 15:45:38 +01:00
Harmj0y
a92189b95c
Updated changelog and version for 1.2 release.
2015-08-30 15:59:50 -04:00
Harmj0y
e1cdef1d19
Removed print output
2015-08-30 15:47:47 -04:00
Harmj0y
40fda2dd04
Merge branch 'master' of https://github.com/PowerShellEmpire/Empire
2015-08-29 20:35:10 -04:00
Harmj0y
c021bdf6f3
Credentials from collection/prompt now scraped into the creds db
2015-08-29 20:34:23 -04:00
Harmj0y
788be8b06a
Converted message HMAC from MD5 to SHA1
2015-08-27 18:40:19 -04:00
Harmj0y
a669c85824
Modified war stager to not drop any temp files to disk.
2015-08-26 20:23:10 -04:00
HarmJ0y
c0d7fcaf55
Merge pull request #30 from ch33kyf3ll0w/master
...
Added the war.py Stager
2015-08-26 20:18:50 -04:00
HarmJ0y
8eaf601ea5
Merge pull request #33 from PowerShellEmpire/inveigh
...
Integration of Kevin Robertson's Inveigh project
2015-08-26 17:23:52 -04:00
enigma0x3
d3fc5137d4
added privesc/bypassuac_wscript
2015-08-25 21:18:48 -04:00
Harmj0y
fb9c18769f
Added collection/inveigh.
2015-08-25 17:21:59 -04:00
sixdub
d1ce277330
Merge branch 'master' into international_support
2015-08-24 22:56:58 -04:00
ch33kyf3ll0w
ef64deb25d
Created war.py
...
Wrote a new stager that deploys the empire agent via WAR file.
2015-08-24 18:40:06 -05:00
sixdub
32e95b4f93
Fixed credential parsing bug
2015-08-24 18:42:32 -04:00
Harmj0y
b2cca2f3fd
Added credentials/mimikatz/dcsync for remote DC credential extraction
...
Added situational_awareness/network/get_domaintrusts
Added /sids argument for credentials/mimikatz/golden_ticket
Added credential parsing for dcsync output
updated links for PowerTools
2015-08-24 17:33:35 -04:00
root
31febba7cb
Modified packet. Support unicode chars in agent
2015-08-24 09:04:21 -04:00
Justin
cf935db0ae
Merge pull request #18 from 1njected/master
...
Added support for custom proxy and fixed Epoch/counter to support other cultures/datetime-formats
2015-08-24 08:00:58 -04:00
Harmj0y
59633fefa1
More bug fixes for lsadump::dcsync.
2015-08-24 01:45:04 -04:00
Harmj0y
683e6403c3
Added -Domain option for lsadump::dcsync in credentials/mimikatz/dcsync
2015-08-24 01:33:12 -04:00
Harmj0y
be637dd38a
Updated .dll for Invoke-Mimikatz, including lsadump::dcsync functionality.
2015-08-24 01:28:11 -04:00
Harmj0y
54c7300998
Tweaks to fix for issue #23
2015-08-21 15:24:12 -04:00
Harmj0y
b434102f2c
Error handling for issue #23
2015-08-21 14:17:55 -04:00
Harmj0y
5b40197fd5
'list [agents/listeners] <modifier>' should now be a universal option in every menu
...
Added 'run' alias for 'execute' in listener menu as well.
2015-08-20 19:08:40 -04:00
Harmj0y
0e0c94b94a
Aliased run for execute.
2015-08-20 18:49:23 -04:00
Harmj0y
804e1a01a2
Revamped basic shell operations in agent core (cp, dir, mv, etc.)
...
Standardized UNC path normalization in agent core
added hostname alias
2015-08-20 15:32:26 -04:00
Harmj0y
39d974bb09
Continued porting native shell commands to WMI replacements in agent core
...
In agent menu, 'shell CMD' now runs straight IEX CMD, and 'help agentcmds' shows safe aliases
Modified ./setup/reset.sh to work from parent or ./setup/ folders
2015-08-20 14:35:42 -04:00
Harmj0y
4bb0bc4d47
Corrected menu behavior on agent exit, bug fix on some dir behavior
2015-08-19 15:51:36 -04:00
Harmj0y
23a3aa3f07
Added management/zipfolder for folder zipping/exfiltration.
2015-08-19 14:56:00 -04:00
Harmj0y
46bf3040f0
Added collection/packet_capture to use netsh to initiate a packet capture.
2015-08-19 12:57:35 -04:00
Tomas Rzepka
cf96626e8d
Added support for custom proxy.
2015-08-19 10:00:32 +02:00
Harmj0y
f07a4d4a3f
Added collection/netripper implementation of the NetRipper project from Ionut Popescu (@NytroRST)
2015-08-18 21:09:05 -04:00
ch33kyf3ll0w
5308dafff2
Update hta.py
...
Unexpected line indent. Threw off Empire startup.
2015-08-16 12:27:26 -05:00
Casey Smith
1d37d7702a
Create hta.py
2015-08-16 10:46:29 -04:00
Harmj0y
6ddce8bb7e
Added lateral_movement/invoke_psexec
2015-08-16 10:46:22 -04:00
Harmj0y
2b499a559c
Added modules management/timestomp, trollsploit/process_killer, persistence/elevated/wmi, situational_awareness/network/smbscanner
2015-08-16 10:46:12 -04:00
enigma0x3
8c36d463e3
Update macro.py
...
"Set" in VBA instantiates an object. A string var isn't defined as an object, so this fails. Updated to remove "Set" from initial str instantiation.
2015-08-14 09:43:13 -04:00
sixdub
4a1a4e6960
Fixed IOError
2015-08-14 09:43:12 -04:00
enigma0x3
3ade74603f
Update schtasks.py
...
fixed registry storage
2015-08-14 09:43:12 -04:00
enigma0x3
afe64910a3
Update registry.py
...
Updated to fix execution of registry key
fixed registry parsing
2015-08-14 09:43:02 -04:00
Harmj0y
4572513129
Bug fix in stagers/macro module.
2015-08-14 09:43:01 -04:00
enigma0x3
52de78bfc3
Update registry.py
...
Made listener required.
2015-08-14 09:42:55 -04:00
enigma0x3
7ca33a108e
Update messages.py
2015-08-14 09:42:54 -04:00
enigma0x3
3222556c2c
Update empire.py
2015-08-14 09:42:54 -04:00
enigma0x3
6ace392e19
added additional delay to intervalmax
...
Ensures only stale agents are actually listed.
2015-08-14 09:42:54 -04:00
Harmj0y
d44b1f1ec6
Added "list stale" and "remove stale" agents commands to list/remove
...
agents past their max checkins.
2015-08-14 09:42:54 -04:00
Harmj0y
8423c4f3bf
"agents> remove X" now removes agents that checked in > X minutes ago
2015-08-14 09:42:54 -04:00
Rohan Vazarkar
bdfec8c732
Updated title credits to include enigma0x3
2015-08-14 09:42:54 -04:00
Harmj0y
404d435bb0
Fixed agent.log output bug with new lostlimit logic.
2015-08-14 09:42:54 -04:00
Harmj0y
02c25719a1
Few bug fixes for the LostAgentDetection code.
2015-08-14 09:42:54 -04:00
sixdub
da6c5a983c
Updated Lost Agent Detection
2015-08-14 09:42:54 -04:00
sixdub
834b5c03fc
Added missed CB limits
2015-08-14 09:42:54 -04:00
enigma0x3
ef6b645ffe
updated to fix usestager tab completion bug
2015-08-10 09:06:13 -04:00
enigma0x3
57c2d26333
updated ip_whitelist from file
...
when setting whitelists from a text file, empire adds the contents of that file to the IP black lists. updated to ensure it adds the IPs to the correct list.
2015-08-10 07:53:22 -04:00
Jon Cave
4624cff0e6
Authenticate the encrypted communications
2015-08-08 18:54:02 +01:00
Harmj0y
629c648c2b
Updated citations and documentation.
2015-08-08 12:06:44 -04:00
enigma0x3
175d8df7f0
Update userhunter.py
2015-08-06 04:08:50 -04:00
enigma0x3
fb6c28bd3b
Update stealth_userhunter.py
2015-08-06 04:08:37 -04:00
enigma0x3
174e767721
Update sharefinder.py
2015-08-06 04:08:22 -04:00
enigma0x3
c911a5c478
Update reverse_dns.py
2015-08-06 04:08:08 -04:00
enigma0x3
d8dbcc7eea
Update portscan.py
2015-08-06 04:07:51 -04:00
enigma0x3
d1d9ba6e36
Update netview.py
2015-08-06 04:07:34 -04:00
enigma0x3
0f3607ad9a
Update mapdomaintrusts.py
2015-08-06 04:07:15 -04:00
enigma0x3
508c39c3fe
Update get_user.py
2015-08-06 04:06:58 -04:00
enigma0x3
65a25425cf
Update get_spn.py
2015-08-06 04:06:40 -04:00
enigma0x3
fd5d181b9d
Update get_localgroup.py
2015-08-06 04:06:19 -04:00
enigma0x3
63ec7e252b
Update get_exploitable_systems.py
2015-08-06 04:06:02 -04:00
enigma0x3
1915ee033a
Update get_computer.py
2015-08-06 04:05:30 -04:00
enigma0x3
9c3b2192e4
Update find_localadmin_access.py
2015-08-06 04:05:11 -04:00
enigma0x3
8d9bdf272b
Update arpscan.py
2015-08-06 04:04:46 -04:00
Jared Haight
ca0a2e1bdf
Fixed file path typo
2015-08-05 21:19:44 -04:00
Jared Haight
e3148de261
Fixed file path typo
2015-08-05 21:19:18 -04:00
Harmj0y
751d0c15d6
Initial BSidesLV '15 release of v1.0.0
2015-08-05 14:36:39 -04:00