Merge pull request #745 from BC-SECURITY/release/5.11.4

v5.11.4 into main
BC-SECURITY · Sep 4, 2024 · 21880d8 · 21880d8
2 parents f33c713 + f083ada
commit 21880d8
Show file tree

Hide file tree

Showing 12 changed files with 290 additions and 136 deletions.
diff --git a/.github/workflows/lint-and-test.yml b/.github/workflows/lint-and-test.yml
@@ -91,7 +91,7 @@ jobs:
           junitxml-path: ./pytest.xml
   test_image:
     # To save CI time, only run these tests on the release PRs
-    if: ${{ startsWith(github.head_ref, 'release/') }}
+    if: ${{ startsWith(github.head_ref, 'release/') || contains( github.event.pull_request.labels.*.name, 'docker') }}
     timeout-minutes: 30
     runs-on: ubuntu-latest
     name: Test Docker Image
@@ -109,9 +109,9 @@ jobs:
                 sed -i 's|ref: sponsors-main|ref: main|g' empire/server/config.yaml
             fi
       - name: Build docker image
-        run: docker-compose -f .github/docker-compose.yml build
+        run: docker compose -f .github/docker-compose.yml build
       - name: Run tests on docker image
-        run: docker-compose -f .github/docker-compose.yml run test
+        run: docker compose -f .github/docker-compose.yml run test
       - name: run structure tests docker
         uses: plexsystems/[email protected]
         with:

diff --git a/CHANGELOG.md b/CHANGELOG.md
@@ -14,12 +14,34 @@ and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0
 
 ## [Unreleased]
 
+## [5.11.4] - 2024-09-04
+
+### Added
+
 -   Added nameserver check for linux hosts (@0x636f646f)
 
+## [5.11.3] - 2024-09-04
+
+### Changed
+
+-   Updated Rubeus to v2.3.2 (@Cx01N)
+
+### Fixed
+
+-   Fixed Rubeus error where only first arg was being used (@Cx01N)
+-   Fixed background jobs checking in continuously (@Cx01N)
+-   Fixed Rubeus killing agent when certain options were given that use System.Environment.Exit (@Cx01N) 
+-   Fixed option parsing error in credential/tokens module (@Cx01N)
+-   Removed requirement for credid for mimikatz/pth (@Cx01N)
 
 ## [5.11.2] - 2024-08-08
 
+### Added
+
 -   Added Route4Me to sponsor page on Empire (@Cx01N)
+
+### Fixed
+
 -   Fixed global obfuscation bug in listener staging (@Cx01N)
 
 ## [5.11.1] - 2024-07-23
@@ -907,7 +929,11 @@ and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0
 -   Updated shellcoderdi to newest version (@Cx01N)
 -   Added a Nim launcher (@Hubbl3)
 
-[Unreleased]: https://github.com/BC-SECURITY/Empire-Sponsors/compare/v5.11.2...HEAD
+[Unreleased]: https://github.com/BC-SECURITY/Empire-Sponsors/compare/v5.11.4...HEAD
+
+[5.11.4]: https://github.com/BC-SECURITY/Empire-Sponsors/compare/v5.11.3...v5.11.4
+
+[5.11.3]: https://github.com/BC-SECURITY/Empire-Sponsors/compare/v5.11.2...v5.11.3
 
 [5.11.2]: https://github.com/BC-SECURITY/Empire-Sponsors/compare/v5.11.1...v5.11.2
 

diff --git a/empire/server/common/empire.py b/empire/server/common/empire.py
@@ -38,7 +38,7 @@
 
 from . import agents, credentials, listeners, stagers
 
-VERSION = "5.11.2 BC Security Fork"
+VERSION = "5.11.4 BC Security Fork"
 
 log = logging.getLogger(__name__)
 

diff --git a/empire/server/csharp/Covenant/Data/AssemblyReferences/net40/System.configuration.dll b/empire/server/csharp/Covenant/Data/AssemblyReferences/net40/System.configuration.dll
diff --git a/empire/server/csharp/Covenant/Data/ReferenceSourceLibraries/Rubeus b/empire/server/csharp/Covenant/Data/ReferenceSourceLibraries/Rubeus
diff --git a/empire/server/csharp/Covenant/Data/ReferenceSourceLibraries/Sharpire b/empire/server/csharp/Covenant/Data/ReferenceSourceLibraries/Sharpire
diff --git a/empire/server/data/agent/agent.ps1 b/empire/server/data/agent/agent.ps1
@@ -1146,7 +1146,7 @@ function Invoke-Empire {
                 $jobID = Start-AgentJob $data;
                 $script:ResultIDs[$jobID]=$resultID;
                 Encode-Packet -type $type -data ("Job started: " + $jobID) -ResultID $ResultID;
-                $script:tasks[$ResultID]['status'] = 'completed'
+                $script:tasks[$ResultID]['status'] = 'running'
             }
             # dynamic code execution, no wait, save output
             elseif($type -eq 111 -or $type -eq 113) {
@@ -1357,12 +1357,24 @@ function Invoke-Empire {
 
         ForEach($JobName in $JobNames) {
             $JobResultID = $script:ResultIDs[$JobName]
-            if (Get-AgentJobCompleted -JobName $JobName) {
-                $Results = Stop-AgentJob -JobName $JobName | fl | Out-String
+            $taskStatus = $script:tasks[$JobName]['status']
+
+            if ($taskStatus -eq 'completed' -or $taskStatus -eq 'stopped') {
+                continue;  # Skip already completed or stopped tasks
             }
-            elseif ($script:tasks[$JobName]['status'] -eq 'running') {
-                $Results = Receive-AgentJob -JobName $JobName | fl | Out-String
+
+            # Check if the task is running and completed
+            if ($taskStatus -eq 'running') {
+                $jobCompleted = Get-AgentJobCompleted -JobName $JobName
+                if ($jobCompleted) {
+                    $Results = Stop-AgentJob -JobName $JobName | fl | Out-String
+                    $script:tasks[$JobName]['status'] = 'completed'
+                }
+                else {
+                    $Results = Receive-AgentJob -JobName $JobName | fl | Out-String
+                }
             }
+
             if ($Results) {
                 $JobResults += $(Encode-Packet -type 110 -data $($Results) -ResultID $JobResultID)
             }