Fixed obfuscation for ironpython and python stagers (BC-SECURITY#712)

* fixed obfuscation for ironpython and python stagers

* Fixed obfuscation for ironpython and python stagers

CHANGELOG.md

@@ -7,6 +7,8 @@ and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0
 
 ## [Unreleased]
 
+-   Fixed IronPython and Python stagers not getting obfuscation applied (@Cx01n)
+
 ## [5.7.2] - 2023-09-28
 
 -   Updated Dropbox C2 to use new API endpoints (@Cx01N)

empire/server/core/obfuscation_service.py

@@ -6,7 +6,7 @@
 from pathlib import Path
 
 import python_obfuscator
-from python_obfuscator.techniques import one_liner
+from python_obfuscator.techniques import one_liner, variable_renamer
 from sqlalchemy.orm import Session
 
 from empire.server.core.config import empire_config
@@ -247,6 +247,8 @@ def python_obfuscate(self, module_source):
         Obfuscate Python scripts using python-obfuscator
         """
         obfuscator = python_obfuscator.obfuscator()
-        obfuscated_code = obfuscator.obfuscate(module_source, [one_liner])
+        obfuscated_code = obfuscator.obfuscate(
+            module_source, [one_liner, variable_renamer]
+        )
 
         return obfuscated_code

empire/server/listeners/dbx.py

@@ -362,6 +362,14 @@ def generate_launcher(
                 # RC4 decryption
                 launcherBase += listener_util.python_extract_stager(staging_key)
 
+                if obfuscate:
+                    launcherBase = self.mainMenu.obfuscationv2.python_obfuscate(
+                        launcherBase
+                    )
+                    launcherBase = self.mainMenu.obfuscationv2.obfuscate_keywords(
+                        launcherBase
+                    )
+
                 if encode:
                     launchEncoded = base64.b64encode(
                         launcherBase.encode("UTF-8")

empire/server/listeners/http.py

@@ -482,9 +482,8 @@ def generate_launcher(
                 launcherBase += listener_util.python_extract_stager(staging_key)
 
                 if obfuscate:
-                    launcherBase = self.mainMenu.obfuscationv2.obfuscate(
-                        launcherBase,
-                        obfuscation_command=obfuscation_command,
+                    launcherBase = self.mainMenu.obfuscationv2.python_obfuscate(
+                        launcherBase
                     )
                     launcherBase = self.mainMenu.obfuscationv2.obfuscate_keywords(
                         launcherBase

empire/server/listeners/http_foreign.py

@@ -372,9 +372,8 @@ def generate_launcher(
                 launcherBase += listener_util.python_extract_stager(stagingKey)
 
                 if obfuscate:
-                    launcherBase = self.mainMenu.obfuscationv2.obfuscate(
-                        launcherBase,
-                        obfuscation_command=obfuscation_command,
+                    launcherBase = self.mainMenu.obfuscationv2.python_obfuscate(
+                        launcherBase
                     )
                     launcherBase = self.mainMenu.obfuscationv2.obfuscate_keywords(
                         launcherBase

empire/server/listeners/http_hop.py

@@ -322,9 +322,8 @@ def generate_launcher(
                 launcherBase += listener_util.python_extract_stager(staging_key)
 
                 if obfuscate:
-                    launcherBase = self.mainMenu.obfuscationv2.obfuscate(
-                        launcherBase,
-                        obfuscation_command=obfuscation_command,
+                    launcherBase = self.mainMenu.obfuscationv2.python_obfuscate(
+                        launcherBase
                     )
                     launcherBase = self.mainMenu.obfuscationv2.obfuscate_keywords(
                         launcherBase

empire/server/listeners/port_forward_pivot.py

@@ -356,7 +356,7 @@ def generate_launcher(
 
                 if obfuscate:
                     launcherBase = self.mainMenu.obfuscationv2.python_obfuscate(
-                        launcherBase, obfuscation_command=obfuscation_command
+                        launcherBase
                     )
                     launcherBase = self.mainMenu.obfuscationv2.obfuscate_keywords(
                         launcherBase

empire/server/listeners/smb.py

@@ -208,7 +208,9 @@ def generate_launcher(
                 launcherBase += listener_util.python_extract_stager(stagingKey)
 
                 if obfuscate:
-                    launcherBase = self.mainMenu.obfuscationv2.obfuscate(launcherBase)
+                    launcherBase = self.mainMenu.obfuscationv2.python_obfuscate(
+                        launcherBase
+                    )
                     launcherBase = self.mainMenu.obfuscationv2.obfuscate_keywords(
                         launcherBase
                     )

empire/server/stagers/windows/csharp_exe.py

@@ -148,7 +148,7 @@ def generate(self):
 
         if language.lower() == "powershell":
             directory = self.mainMenu.stagers.generate_powershell_exe(
-                launcher, dot_net_version=dot_net_version
+                launcher, dot_net_version=dot_net_version, obfuscate=obfuscate_script
             )
             with open(directory, "rb") as f:
                 code = f.read()
@@ -162,7 +162,7 @@ def generate(self):
 
         elif language.lower() == "ironpython":
             directory = self.mainMenu.stagers.generate_python_exe(
-                launcher, dot_net_version=dot_net_version
+                launcher, dot_net_version=dot_net_version, obfuscate=obfuscate_script
             )
             with open(directory, "rb") as f:
                 code = f.read()