Refresh debian/patches
Sophie Brun
3 years ago
1 | 1 | Date: Fri, 27 Dec 2019 09:25:49 +0100 |
2 | 2 | Subject: change-database-location |
3 | 3 | |
4 | Last-Update: 2020-07-21 | |
4 | Last-Update: 2020-10-19 | |
5 | 5 | --- |
6 | 6 | empire | 18 +++++++++++++++++- |
7 | 7 | lib/common/__init__.py | 4 +++- |
8 | 8 | lib/common/agents.py | 21 +++++++++++---------- |
9 | lib/common/empire.py | 7 ++++--- | |
9 | lib/common/empire.py | 9 +++++---- | |
10 | 10 | lib/common/helpers.py | 6 +++--- |
11 | 11 | setup/reset.sh | 20 ++++++++++---------- |
12 | 12 | setup/setup_database.py | 2 +- |
13 | 7 files changed, 49 insertions(+), 29 deletions(-) | |
13 | 7 files changed, 50 insertions(+), 30 deletions(-) | |
14 | 14 | |
15 | 15 | diff --git a/empire b/empire |
16 | index ab00b63..ef3f678 100755 | |
16 | index 8178180..1245e29 100755 | |
17 | 17 | --- a/empire |
18 | 18 | +++ b/empire |
19 | @@ -21,6 +21,22 @@ from time import sleep | |
20 | ||
19 | @@ -22,6 +22,22 @@ from time import sleep | |
21 | 20 | from flask import Flask, request, jsonify, make_response, abort, url_for, g |
22 | 21 | from flask.json import JSONEncoder |
22 | from flask_socketio import SocketIO, emit | |
23 | 23 | +import shutil |
24 | 24 | + |
25 | 25 | +# database old path |
39 | 39 | |
40 | 40 | # Empire imports |
41 | 41 | from lib.common import empire, helpers, users |
42 | @@ -85,7 +101,7 @@ def database_connect(): | |
42 | @@ -87,7 +103,7 @@ def database_connect(): | |
43 | 43 | sqlite3.register_adapter(datetime, adapt_datetime) |
44 | 44 | sqlite3.register_converter("timestamp", convert_timestamp) |
45 | 45 | # set the database connectiont to autocommit w/ isolation level |
71 | 71 | conn.isolation_level = None |
72 | 72 | return conn |
73 | 73 | diff --git a/lib/common/agents.py b/lib/common/agents.py |
74 | index 51b24a3..9d495e8 100644 | |
74 | index 829eab8..a57baa0 100644 | |
75 | 75 | --- a/lib/common/agents.py |
76 | 76 | +++ b/lib/common/agents.py |
77 | @@ -87,6 +87,7 @@ class Agents(object): | |
77 | @@ -89,6 +89,7 @@ class Agents(object): | |
78 | 78 | # pull out the controller objects |
79 | 79 | self.mainMenu = MainMenu |
80 | 80 | self.installPath = self.mainMenu.installPath |
82 | 82 | self.args = args |
83 | 83 | |
84 | 84 | # internal agent dictionary for the client's session key, funcions, and URI sets |
85 | @@ -254,13 +255,13 @@ class Agents(object): | |
85 | @@ -267,13 +268,13 @@ class Agents(object): | |
86 | 86 | parts = path.split("\\") |
87 | 87 | |
88 | 88 | # construct the appropriate save path |
98 | 98 | if not os.path.abspath(save_path + "/" + filename).startswith(safePath): |
99 | 99 | message = "[!] WARNING: agent {} attempted skywalker exploit!\n[!] attempted overwrite of {} with data {}".format(sessionID, path, data) |
100 | 100 | signal = json.dumps({ |
101 | @@ -320,7 +321,7 @@ class Agents(object): | |
101 | @@ -333,7 +334,7 @@ class Agents(object): | |
102 | 102 | parts = path.split("/") |
103 | 103 | |
104 | 104 | # construct the appropriate save path |
107 | 107 | filename = parts[-1] |
108 | 108 | |
109 | 109 | # decompress data if coming from a python agent: |
110 | @@ -341,7 +342,7 @@ class Agents(object): | |
110 | @@ -354,7 +355,7 @@ class Agents(object): | |
111 | 111 | try: |
112 | 112 | self.lock.acquire() |
113 | 113 | # fix for 'skywalker' exploit by @zeroSteiner |
116 | 116 | if not os.path.abspath(save_path + "/" + filename).startswith(safePath): |
117 | 117 | message = "[!] WARNING: agent {} attempted skywalker exploit!\n[!] attempted overwrite of {} with data {}".format(sessionID, path, data) |
118 | 118 | signal = json.dumps({ |
119 | @@ -381,7 +382,7 @@ class Agents(object): | |
119 | @@ -394,7 +395,7 @@ class Agents(object): | |
120 | 120 | if isinstance(data, bytes): |
121 | 121 | data = data.decode('UTF-8') |
122 | 122 | name = self.get_agent_name_db(sessionID) |
125 | 125 | |
126 | 126 | try: |
127 | 127 | self.lock.acquire() |
128 | @@ -1008,8 +1009,8 @@ class Agents(object): | |
128 | @@ -1021,8 +1022,8 @@ class Agents(object): | |
129 | 129 | try: |
130 | 130 | self.lock.acquire() |
131 | 131 | # rename the logging/downloads folder |
136 | 136 | retVal = True |
137 | 137 | |
138 | 138 | # check if the folder is already used |
139 | @@ -1177,7 +1178,7 @@ class Agents(object): | |
139 | @@ -1191,7 +1192,7 @@ class Agents(object): | |
140 | 140 | |
141 | 141 | # write out the last tasked script to "LastTask" if in debug mode |
142 | 142 | if self.args and self.args.debug: |
145 | 145 | f.write(task) |
146 | 146 | f.close() |
147 | 147 | return pk |
148 | @@ -2010,8 +2011,8 @@ class Agents(object): | |
148 | @@ -2039,8 +2040,8 @@ class Agents(object): | |
149 | 149 | elif responseName == "TASK_CMD_JOB": |
150 | 150 | #check if this is the powershell keylogging task, if so, write output to file instead of screen |
151 | 151 | if keyLogTaskID and keyLogTaskID == taskID: |
157 | 157 | message = "[!] WARNING: agent {} attempted skywalker exploit!".format(self.sessionID) |
158 | 158 | signal = json.dumps({ |
159 | 159 | diff --git a/lib/common/empire.py b/lib/common/empire.py |
160 | index cf7dcf3..156e035 100755 | |
160 | index 0355e51..56374a2 100755 | |
161 | 161 | --- a/lib/common/empire.py |
162 | 162 | +++ b/lib/common/empire.py |
163 | @@ -185,7 +185,7 @@ class MainMenu(cmd.Cmd): | |
163 | @@ -191,7 +191,7 @@ class MainMenu(cmd.Cmd): | |
164 | 164 | |
165 | 165 | # if --debug X is passed, log out all dispatcher signals |
166 | 166 | if self.args.debug: |
169 | 169 | debug_file.write("%s %s : %s\n" % (helpers.get_datetime(), sender, signal)) |
170 | 170 | |
171 | 171 | if self.args.debug == '2': |
172 | @@ -331,11 +331,12 @@ class MainMenu(cmd.Cmd): | |
173 | ||
172 | @@ -346,11 +346,12 @@ class MainMenu(cmd.Cmd): | |
173 | ||
174 | 174 | def database_connect(self): |
175 | 175 | """ |
176 | 176 | - Connect to the default database at ./data/empire.db. |
177 | 177 | + Connect to the default database at ~/.local/powershell-empire/empire.db. |
178 | 178 | """ |
179 | 179 | try: |
180 | # set the database connectiont to autocommit w/ isolation level | |
180 | - # set the database connection to autocommit w/ isolation level | |
181 | 181 | - self.conn = sqlite3.connect('./data/empire.db', check_same_thread=False) |
182 | + # set the database connectiont to autocommit w/ isolation level | |
182 | 183 | + self.conn = sqlite3.connect(os.path.expanduser('~/.local/powershell-empire/empire.db'), |
183 | 184 | + check_same_thread=False) |
184 | 185 | self.conn.text_factory = str |
185 | 186 | self.conn.isolation_level = None |
186 | 187 | return self.conn |
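Review bot: The refreshed `database_connect` hunk for lib/common/empire.py appears (going by the gutter numbering) to delete the comment `# set the database connection to autocommit w/ isolation level` and re-add it with the old misspelling `connectiont`, which matches this file's diffstat growing from 7 to 9 changed lines. It looks as though upstream fixed the typo and the refresh carried the stale line forward. Keeping the corrected comment as a context line would leave the patch touching only the `sqlite3.connect(...)` call and make it less likely to conflict on the next upstream import. Separately, `sqlite3.connect` creates `~/.local/powershell-empire/empire.db` when it is missing, with permissions taken from the process umask. The code that prepares that directory is not visible in this view, so confirm it is created owner-only, for example `os.makedirs(db_dir, mode=0o700, exist_ok=True)`, since this database presumably holds operator and agent secrets.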
187 | 188 | diff --git a/lib/common/helpers.py b/lib/common/helpers.py |
188 | index c91a842..df7736b 100644 | |
189 | index f6bdb21..5d0349e 100644 | |
189 | 190 | --- a/lib/common/helpers.py |
190 | 191 | +++ b/lib/common/helpers.py |
191 | 192 | @@ -273,7 +273,7 @@ def strip_powershell_comments(data): |