Refresh debian/patches
Sophie Brun
3 years ago
| 1 | 1 | Date: Fri, 27 Dec 2019 09:25:49 +0100 |
| 2 | 2 | Subject: change-database-location |
| 3 | 3 | |
| 4 | Last-Update: 2020-07-21 | |
| 4 | Last-Update: 2020-10-19 | |
| 5 | 5 | --- |
| 6 | 6 | empire | 18 +++++++++++++++++- |
| 7 | 7 | lib/common/__init__.py | 4 +++- |
| 8 | 8 | lib/common/agents.py | 21 +++++++++++---------- |
| 9 | lib/common/empire.py | 7 ++++--- | |
| 9 | lib/common/empire.py | 9 +++++---- | |
| 10 | 10 | lib/common/helpers.py | 6 +++--- |
| 11 | 11 | setup/reset.sh | 20 ++++++++++---------- |
| 12 | 12 | setup/setup_database.py | 2 +- |
| 13 | 7 files changed, 49 insertions(+), 29 deletions(-) | |
| 13 | 7 files changed, 50 insertions(+), 30 deletions(-) | |
| 14 | 14 | |
| 15 | 15 | diff --git a/empire b/empire |
| 16 | index ab00b63..ef3f678 100755 | |
| 16 | index 8178180..1245e29 100755 | |
| 17 | 17 | --- a/empire |
| 18 | 18 | +++ b/empire |
| 19 | @@ -21,6 +21,22 @@ from time import sleep | |
| 20 | ||
| 19 | @@ -22,6 +22,22 @@ from time import sleep | |
| 21 | 20 | from flask import Flask, request, jsonify, make_response, abort, url_for, g |
| 22 | 21 | from flask.json import JSONEncoder |
| 22 | from flask_socketio import SocketIO, emit | |
| 23 | 23 | +import shutil |
| 24 | 24 | + |
| 25 | 25 | +# database old path |
| 39 | 39 | |
| 40 | 40 | # Empire imports |
| 41 | 41 | from lib.common import empire, helpers, users |
| 42 | @@ -85,7 +101,7 @@ def database_connect(): | |
| 42 | @@ -87,7 +103,7 @@ def database_connect(): | |
| 43 | 43 | sqlite3.register_adapter(datetime, adapt_datetime) |
| 44 | 44 | sqlite3.register_converter("timestamp", convert_timestamp) |
| 45 | 45 | # set the database connectiont to autocommit w/ isolation level |
| 71 | 71 | conn.isolation_level = None |
| 72 | 72 | return conn |
| 73 | 73 | diff --git a/lib/common/agents.py b/lib/common/agents.py |
| 74 | index 51b24a3..9d495e8 100644 | |
| 74 | index 829eab8..a57baa0 100644 | |
| 75 | 75 | --- a/lib/common/agents.py |
| 76 | 76 | +++ b/lib/common/agents.py |
| 77 | @@ -87,6 +87,7 @@ class Agents(object): | |
| 77 | @@ -89,6 +89,7 @@ class Agents(object): | |
| 78 | 78 | # pull out the controller objects |
| 79 | 79 | self.mainMenu = MainMenu |
| 80 | 80 | self.installPath = self.mainMenu.installPath |
| 82 | 82 | self.args = args |
| 83 | 83 | |
| 84 | 84 | # internal agent dictionary for the client's session key, funcions, and URI sets |
| 85 | @@ -254,13 +255,13 @@ class Agents(object): | |
| 85 | @@ -267,13 +268,13 @@ class Agents(object): | |
| 86 | 86 | parts = path.split("\\") |
| 87 | 87 | |
| 88 | 88 | # construct the appropriate save path |
| 98 | 98 | if not os.path.abspath(save_path + "/" + filename).startswith(safePath): |
| 99 | 99 | message = "[!] WARNING: agent {} attempted skywalker exploit!\n[!] attempted overwrite of {} with data {}".format(sessionID, path, data) |
| 100 | 100 | signal = json.dumps({ |
| 101 | @@ -320,7 +321,7 @@ class Agents(object): | |
| 101 | @@ -333,7 +334,7 @@ class Agents(object): | |
| 102 | 102 | parts = path.split("/") |
| 103 | 103 | |
| 104 | 104 | # construct the appropriate save path |
| 107 | 107 | filename = parts[-1] |
| 108 | 108 | |
| 109 | 109 | # decompress data if coming from a python agent: |
| 110 | @@ -341,7 +342,7 @@ class Agents(object): | |
| 110 | @@ -354,7 +355,7 @@ class Agents(object): | |
| 111 | 111 | try: |
| 112 | 112 | self.lock.acquire() |
| 113 | 113 | # fix for 'skywalker' exploit by @zeroSteiner |
| 116 | 116 | if not os.path.abspath(save_path + "/" + filename).startswith(safePath): |
| 117 | 117 | message = "[!] WARNING: agent {} attempted skywalker exploit!\n[!] attempted overwrite of {} with data {}".format(sessionID, path, data) |
| 118 | 118 | signal = json.dumps({ |
| 119 | @@ -381,7 +382,7 @@ class Agents(object): | |
| 119 | @@ -394,7 +395,7 @@ class Agents(object): | |
| 120 | 120 | if isinstance(data, bytes): |
| 121 | 121 | data = data.decode('UTF-8') |
| 122 | 122 | name = self.get_agent_name_db(sessionID) |
| 125 | 125 | |
| 126 | 126 | try: |
| 127 | 127 | self.lock.acquire() |
| 128 | @@ -1008,8 +1009,8 @@ class Agents(object): | |
| 128 | @@ -1021,8 +1022,8 @@ class Agents(object): | |
| 129 | 129 | try: |
| 130 | 130 | self.lock.acquire() |
| 131 | 131 | # rename the logging/downloads folder |
| 136 | 136 | retVal = True |
| 137 | 137 | |
| 138 | 138 | # check if the folder is already used |
| 139 | @@ -1177,7 +1178,7 @@ class Agents(object): | |
| 139 | @@ -1191,7 +1192,7 @@ class Agents(object): | |
| 140 | 140 | |
| 141 | 141 | # write out the last tasked script to "LastTask" if in debug mode |
| 142 | 142 | if self.args and self.args.debug: |
| 145 | 145 | f.write(task) |
| 146 | 146 | f.close() |
| 147 | 147 | return pk |
| 148 | @@ -2010,8 +2011,8 @@ class Agents(object): | |
| 148 | @@ -2039,8 +2040,8 @@ class Agents(object): | |
| 149 | 149 | elif responseName == "TASK_CMD_JOB": |
| 150 | 150 | #check if this is the powershell keylogging task, if so, write output to file instead of screen |
| 151 | 151 | if keyLogTaskID and keyLogTaskID == taskID: |
| 157 | 157 | message = "[!] WARNING: agent {} attempted skywalker exploit!".format(self.sessionID) |
| 158 | 158 | signal = json.dumps({ |
| 159 | 159 | diff --git a/lib/common/empire.py b/lib/common/empire.py |
| 160 | index cf7dcf3..156e035 100755 | |
| 160 | index 0355e51..56374a2 100755 | |
| 161 | 161 | --- a/lib/common/empire.py |
| 162 | 162 | +++ b/lib/common/empire.py |
| 163 | @@ -185,7 +185,7 @@ class MainMenu(cmd.Cmd): | |
| 163 | @@ -191,7 +191,7 @@ class MainMenu(cmd.Cmd): | |
| 164 | 164 | |
| 165 | 165 | # if --debug X is passed, log out all dispatcher signals |
| 166 | 166 | if self.args.debug: |
| 169 | 169 | debug_file.write("%s %s : %s\n" % (helpers.get_datetime(), sender, signal)) |
| 170 | 170 | |
| 171 | 171 | if self.args.debug == '2': |
| 172 | @@ -331,11 +331,12 @@ class MainMenu(cmd.Cmd): | |
| 173 | ||
| 172 | @@ -346,11 +346,12 @@ class MainMenu(cmd.Cmd): | |
| 173 | ||
| 174 | 174 | def database_connect(self): |
| 175 | 175 | """ |
| 176 | 176 | - Connect to the default database at ./data/empire.db. |
| 177 | 177 | + Connect to the default database at ~/.local/powershell-empire/empire.db. |
| 178 | 178 | """ |
| 179 | 179 | try: |
| 180 | # set the database connectiont to autocommit w/ isolation level | |
| 180 | - # set the database connection to autocommit w/ isolation level | |
| 181 | 181 | - self.conn = sqlite3.connect('./data/empire.db', check_same_thread=False) |
| 182 | + # set the database connectiont to autocommit w/ isolation level | |
| 182 | 183 | + self.conn = sqlite3.connect(os.path.expanduser('~/.local/powershell-empire/empire.db'), |
| 183 | 184 | + check_same_thread=False) |
| 184 | 185 | self.conn.text_factory = str |
| 185 | 186 | self.conn.isolation_level = None |
| 186 | 187 | return self.conn |
| 187 | 188 | diff --git a/lib/common/helpers.py b/lib/common/helpers.py |
| 188 | index c91a842..df7736b 100644 | |
| 189 | index f6bdb21..5d0349e 100644 | |
| 189 | 190 | --- a/lib/common/helpers.py |
| 190 | 191 | +++ b/lib/common/helpers.py |
| 191 | 192 | @@ -273,7 +273,7 @@ def strip_powershell_comments(data): |