Merge pull request #635 from BC-SECURITY/release/v4.8.4

v4.8.4 into master
BC-SECURITY · Nov 26, 2022 · 5334403 · 5334403
2 parents 03bfbab + 2fa7e60
commit 5334403
Show file tree

Hide file tree

Showing 8 changed files with 71 additions and 53 deletions.
diff --git a/CHANGELOG.md b/CHANGELOG.md
@@ -7,6 +7,11 @@ and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0
 
 ## [Unreleased]
 
+## [4.8.4] - 2022-11-26
+-   Fixed #540 PydanticModule object has no attribute 'info' in API module search (@lavafroth)
+-   Fixed agent/server module version check (@Jackrin)
+
+
 ## [4.8.3] - 2022-11-11
 
 ## [4.8.2] - 2022-11-11
@@ -315,7 +320,9 @@ and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0
 -   Updated shellcoderdi to newest version (@Cx01N)
 -   Added a Nim launcher (@Hubbl3)
 
-[Unreleased]: https://github.com/BC-SECURITY/Empire-Sponsors/compare/v4.8.3...HEAD
+[Unreleased]: https://github.com/BC-SECURITY/Empire-Sponsors/compare/v4.8.4...HEAD
+
+[4.8.4]: https://github.com/BC-SECURITY/Empire-Sponsors/compare/v4.8.3...v4.8.4
 
 [4.8.3]: https://github.com/BC-SECURITY/Empire-Sponsors/compare/v4.8.2...v4.8.3
 

diff --git a/empire/server/common/empire.py b/empire/server/common/empire.py
@@ -46,7 +46,7 @@
 )
 from .events import log_event
 
-VERSION = "4.8.3 BC Security Fork"
+VERSION = "4.8.4 BC Security Fork"
 
 
 class MainMenu(cmd.Cmd):

diff --git a/empire/server/common/module_models.py b/empire/server/common/module_models.py
@@ -1,5 +1,5 @@
 from enum import Enum
-from typing import Any, List, Optional
+from typing import Any, Dict, List, Optional
 
 from pydantic import BaseModel, validator
 
@@ -47,3 +47,23 @@ class PydanticModule(BaseModel):
     enabled: bool = True
     advanced: PydanticModuleAdvanced = PydanticModuleAdvanced()
     compiler_yaml: Optional[str]
+
+    def matches(self, query: str, parameter: str = "any") -> bool:
+        query = query.lower()
+        match = {
+            "name": query in self.name.lower(),
+            "description": query in self.description.lower(),
+            "comments": any(query in comment.lower() for comment in self.comments),
+            "authors": any(query in author.lower() for author in self.authors),
+        }
+
+        if parameter == "any":
+            return any(match.values())
+
+        return match[parameter]
+
+    @property
+    def info(self) -> Dict:
+        desc = self.dict(include={"name", "authors", "description", "comments"})
+        desc["options"] = [option.dict() for option in self.options]
+        return desc
diff --git a/empire/server/common/modules.py b/empire/server/common/modules.py
@@ -308,10 +308,18 @@ def _validate_module_params(
         if not agent:
             return None, "invalid agent name"
 
-        module_version = float(module.min_language_version or 0)
-        agent_version = float(agent.language_version or 0)
+        module_version = module.min_language_version.split(".") or 0
+        agent_version = agent.language_version.split(".") or 0
+        # makes sure the version is the right format: "x.x"
+        if len(agent_version) == 1:
+            agent_version.append(0)
+        if len(module_version) == 1:
+            module_version.append(0)
         # check if the agent/module PowerShell versions are compatible
-        if module_version > agent_version:
+        if (int(module_version[0]) > int(agent_version[0])) or (
+            (int(module_version[0])) == int(agent_version[0])
+            and int(module_version[1]) > int(agent_version[1])
+        ):
             return (
                 None,
                 f"module requires PS version {module_version} but agent running PS version {agent_version}",

diff --git a/empire/server/data/agent/agent.py b/empire/server/data/agent/agent.py
@@ -553,6 +553,13 @@ def old_div(a, b):
 # [1] = /__init__.py ext, is_package = True
 _search_order = [('.py', False), ('/__init__.py', True)]
 
+class ZipImportError(ImportError):
+    """Exception raised by zipimporter objects."""
+    pass
+
+
+# _get_info() = takes the fullname, then subpackage name (if applicable),
+# and searches for the respective module or package
 
 class CFinder(object):
     """Import Hook for Empire"""

diff --git a/empire/server/data/agent/ironpython_agent.py b/empire/server/data/agent/ironpython_agent.py
@@ -666,6 +666,13 @@ def old_div(a, b):
 # [1] = /__init__.py ext, is_package = True
 _search_order = [('.py', False), ('/__init__.py', True)]
 
+class ZipImportError(ImportError):
+    """Exception raised by zipimporter objects."""
+    pass
+
+
+# _get_info() = takes the fullname, then subpackage name (if applicable),
+# and searches for the respective module or package
 
 class CFinder(object):
     """Import Hook for Empire"""

diff --git a/empire/server/server.py b/empire/server/server.py
@@ -588,20 +588,9 @@ def search_modules():
 
         modules = []
 
-        for moduleName, module in main.modules.modules.items():
-            if (
-                (search_term.lower() == "")
-                or (search_term.lower() in moduleName.lower())
-                or (
-                    search_term.lower() in ("".join(module.info["Description"])).lower()
-                )
-                or (search_term.lower() in ("".join(module.info["Comments"])).lower())
-                or (search_term.lower() in ("".join(module.info["Author"])).lower())
-            ):
-                moduleInfo = copy.deepcopy(main.modules.modules[moduleName].info)
-                moduleInfo["options"] = main.modules.modules[moduleName].options
-                moduleInfo["Name"] = moduleName
-                modules.append(moduleInfo)
+        for module in main.modules.modules.values():
+            if search_term == "" or module.matches(search_term):
+                modules.append(module.info)
 
         return jsonify({"modules": modules})
 
@@ -619,14 +608,9 @@ def search_modules_name():
 
         modules = []
 
-        for moduleName, module in main.modules.modules.items():
-            if (search_term.lower() == "") or (
-                search_term.lower() in moduleName.lower()
-            ):
-                module_info = copy.deepcopy(main.modules.modules[moduleName].info)
-                module_info["options"] = main.modules.modules[moduleName].options
-                module_info["Name"] = moduleName
-                modules.append(module_info)
+        for module in main.modules.modules.values():
+            if search_term == "" or module.matches(search_term, parameter="name"):
+                modules.append(module.info)
 
         return jsonify({"modules": modules})
 
@@ -644,14 +628,9 @@ def search_modules_description():
 
         modules = []
 
-        for moduleName, module in main.modules.modules.items():
-            if (search_term.lower() == "") or (
-                search_term.lower() in ("".join(module.info["Description"])).lower()
-            ):
-                moduleInfo = copy.deepcopy(main.modules.modules[moduleName].info)
-                moduleInfo["options"] = main.modules.modules[moduleName].options
-                moduleInfo["Name"] = moduleName
-                modules.append(moduleInfo)
+        for module in main.modules.modules.values():
+            if search_term == "" or module.matches(search_term, "description"):
+                modules.append(module.info)
 
         return jsonify({"modules": modules})
 
@@ -669,14 +648,9 @@ def search_modules_comments():
 
         modules = []
 
-        for moduleName, module in main.modules.modules.items():
-            if (search_term.lower() == "") or (
-                search_term.lower() in ("".join(module.info["Comments"])).lower()
-            ):
-                module_info = copy.deepcopy(main.modules.modules[moduleName].info)
-                module_info["options"] = main.modules.modules[moduleName].options
-                module_info["Name"] = moduleName
-                modules.append(module_info)
+        for module in main.modules.modules.values():
+            if search_term == "" or module.matches(search_term, "comments"):
+                modules.append(module.info)
 
         return jsonify({"modules": modules})
 
@@ -694,14 +668,9 @@ def search_modules_author():
 
         modules = []
 
-        for moduleName, module in main.modules.modules.items():
-            if (search_term.lower() == "") or (
-                search_term.lower() in ("".join(module.info["Author"])).lower()
-            ):
-                module_info = copy.deepcopy(main.modules.modules[moduleName].info)
-                module_info["options"] = main.modules.modules[moduleName].options
-                module_info["Name"] = moduleName
-                modules.append(module_info)
+        for module in main.modules.modules.values():
+            if search_term == "" or module.matches(search_term, "authors"):
+                modules.append(module.info)
 
         return jsonify({"modules": modules})
 

diff --git a/pyproject.toml b/pyproject.toml
@@ -1,6 +1,6 @@
 [tool.poetry]
 name = "empire-bc-security-fork"
-version = "4.8.3"
+version = "4.8.4"
 description = ""
 authors = ["BC Security <[email protected]>"]
 readme = "README.md"