4bab4f9484
'seachmodule' with no term now lists all modules and descriptions
2016-02-16 00:35:32 -05:00
8b385928dc
Added Tater privesc module
...
Empire module version of https://github.com/Kevin-Robertson/Tater .
2016-02-15 18:40:09 -05:00
3cf322e76a
Fix for issue #125
2016-01-14 15:57:26 -05:00
c0d427cdc8
Corrected several bugs in how the workingHours window is handled in the agent
...
Added validation to the workinghours time format
2016-01-11 01:24:46 -05:00
e696bb7078
spelling mistakes
2015-12-30 16:18:59 -05:00
680091974c
Merge pull request #121 from PowerShellEmpire/dev
...
Empire 1.4 release.
2015-12-29 16:54:55 -08:00
8281a9e7ba
Empire 1.4 release.
...
Encompases all changes since tagged 1.3.1 release.
Added 'Contribution Rules' to the README.md
2015-12-29 19:29:05 -05:00
83378190af
Merge pull request #120 from PowerShellEmpire/dev
...
Dev
2015-12-29 13:03:42 -08:00
0d30181baf
Added situational_awareness/network/powerview/find_managed_security_groups module
...
implementing @stufus' recent changes
2015-12-29 15:58:39 -05:00
82fed97485
Fixed various issues for agent profile setting/handling
...
'DefaultProfile' option in listener menu is now tab-completable and can take a path to a profile.txt
2015-12-29 15:57:01 -05:00
d152e71949
Merge pull request #119 from stufus/identify_ad_managed_security_groups
...
Identify Managed AD Security Groups
2015-12-28 15:19:21 -08:00
f02e675f52
Renamed to Find-ManagedSecurityGroups at @harmjoy's request
2015-12-28 17:44:16 +00:00
d82f5208a7
Merge branch 'master' of https://github.com/PowerShellEmpire/Empire into identify_ad_managed_security_groups
2015-12-28 17:40:17 +00:00
da439c441b
Merge pull request #118 from jamcut/trusted-document-store
...
Add module to enumerate trusted documents and locations for MS Office.
2015-12-27 13:03:54 -08:00
b7eb2852f3
Removed more commented lines
2015-12-27 00:08:27 -05:00
a66d2e536e
Implemented @Harmj0y changes
2015-12-27 00:04:38 -05:00
ffa6ca6cd0
Added reference to original .ps1 file here too...
2015-12-24 08:40:12 -05:00
d49b080037
Added GitHub link to Notes section of ps1 file
2015-12-24 08:35:50 -05:00
c7dfa63ee8
Added description
2015-12-24 11:59:12 +00:00
74abeaa2a6
Added link to PR
2015-12-24 11:56:11 +00:00
264863b7bc
remove debugging print
2015-12-24 11:48:11 +00:00
bc949a8ae4
use samaccountname for the username
2015-12-24 11:47:52 +00:00
3f49d7fcfe
Remove trailing spaces
2015-12-24 11:34:02 +00:00
a078c2bd76
Works
2015-12-24 11:23:24 +00:00
3c7c4278fa
Change verbiage in module description
2015-12-23 14:00:06 -05:00
c51b33b74c
Add module to enumerate trusted documents and locations for MS Office.
2015-12-23 13:45:56 -05:00
0a3aaecb13
Update
2015-12-23 17:02:10 +00:00
687954b6ef
-Sync of Kevin Robertson's lateral_movement/inveigh_relay module
...
-Sync stufus' exfiltration/egresscheck module
-Added module menu dynamic sizing for prettified output
2015-12-22 15:05:22 -05:00
c6ff79d7b8
Merge pull request #117 from stufus/add_egress_busting
...
Add Egress Checking Traffic Generator Module
2015-12-22 11:40:32 -08:00
ffe76b3828
Merge pull request #110 from Kevin-Robertson/master
...
Added Inveigh's HTTP NTLMv2 to SMB relay as an Empire module
2015-12-22 11:40:14 -08:00
dbbe61df41
Broken -but adding notes for testing nTSecurityDescriptor
2015-12-22 00:23:44 +00:00
150d89d292
Initial module creation
2015-12-21 23:13:13 +00:00
c2d6172587
Fixed author array
2015-12-21 23:01:38 +00:00
c97acb0ee6
Fix comments
2015-12-21 22:49:06 +00:00
f98844d905
Fix comments
2015-12-21 22:48:39 +00:00
4c87700c6d
Fix up verbosity
2015-12-21 22:47:54 +00:00
cea0826222
Rework this to remove the -verbosity parameter now that Ive realised that Write-Verbose exists....:)
2015-12-21 22:18:52 +00:00
dc9808b06b
Merge branch 'master' of https://github.com/PowerShellEmpire/Empire into add_egress_busting
2015-12-21 20:50:11 +00:00
8401be21f4
Updated header
2015-12-21 20:48:48 +00:00
d48563e6e8
Sorted out verbose output
2015-12-21 20:44:51 +00:00
c95d8786aa
hop.php redirector fix
...
removed requirement for credentials from lateral_movement/invoke_psremoting
2015-12-21 00:33:03 -05:00
c12eac3200
Added trollsploit/rick_ascii
2015-12-16 20:36:07 -05:00
bcb2f4677f
Fix for issue #112
2015-12-16 17:42:51 -05:00
8f88c5bdce
This works! Amazingly....just needs tidying up and polishing (and sorting out the Write-Hosts)
2015-12-15 23:49:09 +00:00
8ff5f7723a
turns out that you need commas in the options dict....:)
2015-12-15 23:38:33 +00:00
b4ed0ceadb
Added the options to the python side
2015-12-15 23:34:38 +00:00
d1572d325b
Continuing work
2015-12-15 23:29:00 +00:00
6186502749
Added Inveigh's HTTP NTLMv2 to SMB relay as an Empire module
...
This module is a direct copy/paste of the Invoke-InveighRelay function
from the standalone version of Inveigh. The module will relay incoming
HTTP NTLMv2 authentication requests to an SMB target. If authentication
is successful and the user is a local administrator on the target
system, the specified command should be executed on the target PSexec
style. This module can be used with or without collection/inveigh. If
collection/inveigh is used, ensure that HTTP is disabled in
collection/inveigh. If this module is used without collection/inveigh,
another method will need to be employed to trigger incoming HTTP
requests.
This module has been successfully tested with Empire's launcher
one-liner to establish additional agents. In testing I observed a delay
(30 seconds or so) between the service creation message and Empire's
agent active message.
harmj0y: As I mentioned in the collection/inveigh pull request comments,
the length of the parameter names is throwing off Empire's options
command column display alignment. I'm not sure if there is an easy fix
for this. Also, I used the same code that you added to inveigh.py after
the pull request. With this code, I did not observe that the
SMBRelayCommand value needed to be wrapped in quotes.
2015-12-14 21:48:49 -05:00
c1043156e1
Module argument tweaks to collection/inveigh.py
2015-12-14 16:04:49 -05:00
4ccc6088e0
Merge pull request #108 from Kevin-Robertson/master
...
Synced collection/inveigh with current standalone Inveigh code
2015-12-14 15:57:23 -05:00
Harmj0y
Kevin Robertson
Stuart Morgan
Jeff McCutchan