Merge pull request #412 from BC-SECURITY/dev

Empire 3.6.2 Release
BC-SECURITY · Nov 29, 2020 · a58e0a5 · a58e0a5
2 parents 813c70e + 0bed035
commit a58e0a5
Show file tree

Hide file tree

Showing 17 changed files with 7,488 additions and 89 deletions.
diff --git a/.github/workflows/wikisync.yml b/.github/workflows/wikisync.yml
@@ -1,20 +1,19 @@
-on:
-    push:
-        branches:
-            - master
-    pull_request:
-        branches:
-            - master
 name: Wiki Sync
+
+on:
+  push:
+    branches: 
+      - master
+
 jobs:
-    update-wiki:
-        runs-on: ubuntu-latest
-        steps:
-          - uses: actions/checkout@master
-          - name: Sync Wiki
-            uses: joeizzard/action-wiki-sync@master
-            with:
-                username: Cx01N
-                access_token: ${{ secrets.GITHUB_TOKEN }}
-                wiki_folder: wiki
-                commit_username: 'Cx01N'
+  update-wiki:
+    runs-on: ubuntu-latest
+    steps:
+      - uses: actions/checkout@master
+      - name: Sync Wiki
+        uses: joeizzard/action-wiki-sync@master
+        with:
+          username: Cx01N
+          access_token: ${{ secrets.GITHUB_TOKEN }}
+          wiki_folder: wiki
+          commit_username: 'Cx01N'
diff --git a/README.md b/README.md
@@ -96,14 +96,7 @@ Plugins are an extension of Empire that allow for custom scripts to be loaded. T
 community projects to extend Empire functionality. Plugins can be accessed from the Empire CLI or the API as long as the 
 plugin follows the [template example](./plugins/example.py). A list of Empire Plugins is located [here](plugins/PLUGINS.md).
 
-## Official Discord Channel
-<p align="center">
-<a href="https://discord.gg/P8PZPyf">
-<img src="https://discordapp.com/api/guilds/716165691383873536/widget.png?style=banner3"/>
-</p>
-
 ## Contribution Rules
-
 Contributions are more than welcome! The more people who contribute to the project the better Empire will be for everyone. Below are a few guidelines for submitting contributions.
 
 * As of Empire 3.1.0, Empire only officially supports Python 3. If you still need Python 2 support, please use the [3.0.x branch](https://github.com/BC-SECURITY/Empire/tree/3.0.x) or releases.
@@ -115,3 +108,9 @@ Contributions are more than welcome! The more people who contribute to the proje
 * PowerShell Version 2 compatibility is **STRONGLY** preferred.
 * TEST YOUR MODULE! Be sure to run it from an Empire agent and test Python 3.x functionality before submitting a pull to ensure everything is working correctly.
 * For additional guidelines for your PowerShell code itself, check out the [PowerSploit style guide](https://github.com/PowerShellMafia/PowerSploit/blob/master/README.md).
+
+## Official Discord Channel
+<p align="center">
+<a href="https://discord.gg/P8PZPyf">
+<img src="https://discordapp.com/api/guilds/716165691383873536/widget.png?style=banner3"/>
+</p>
diff --git a/VERSION b/VERSION
@@ -1 +1 @@
-3.6.1
+3.6.2
diff --git a/changelog b/changelog
@@ -1,10 +1,19 @@
+11/27/2020
+------------
+- Version 3.6.2 Master Release
+        - Added python support for HTTP malleable listener - #404 (@adamczi)
+        - Added new admin menu API endpoints - #403 (@Vinnybod, @Cx01N)
+        - Added chat server for Starkiller and new Empire CLI integration - #403 (@Vinnybod, @Cx01N)
+        - Added module PrivescCheck - #401 (@Invoke-Mimikatz)
+        - Fixed error in malleable profiles when http-stager is not defined - #407 (@Cx01N)
+
 11/16/2020
 ------------
 - Version 3.6.1 Master Release
         - Added editable wiki and sync option to repo - #398 (@Cx01N)
         - Fixed byte error in python/collection/osx/prompt - #396 (@Cx01N)
         - Fixed clear option issue for malleable listener - #393 (@Cx01N)
-        - Added update_comms, killdate, and workinghours endpoints (@Cx01N)
+        - Added update_comms, killdate, and workinghours endpoints - #399 (@Cx01N)
 
 11/9/2020
 ------------

diff --git a/data/agent/agent.py b/data/agent/agent.py
@@ -107,6 +107,8 @@ def decode_routing_packet(data):
     """
     # returns {sessionID : (language, meta, additional, [encData]), ...}
     packets = parse_routing_packet(stagingKey, data)
+    if packets is None:
+        return
     for agentID, packet in packets.items():
         if agentID == sessionID:
             (language, meta, additional, encData) = packet

diff --git a/data/agent/stagers/common/rc4.py b/data/agent/stagers/common/rc4.py
@@ -115,11 +115,11 @@ def parse_routing_packet(stagingKey, data):
             return results
 
         else:
-            print("[*] parse_agent_data() data length incorrect: %s" % (len(data)))
+            # print("[*] parse_agent_data() data length incorrect: %s" % (len(data)))
             return None
 
     else:
-        print("[*] parse_agent_data() data is None")
+        # print("[*] parse_agent_data() data is None")
         return None
 
 

diff --git a/data/agent/stagers/http.py b/data/agent/stagers/http.py
@@ -13,7 +13,7 @@
 
 import random
 import string
-import urllib.request as urllib
+import urllib.request
 
 {% include 'common/rc4.py' %}
 {% include 'common/aes.py' %}
@@ -22,7 +22,7 @@
 
 def post_message(uri, data):
     global headers
-    return (urllib.urlopen(urllib.Request(uri, data, headers))).read()
+    return (urllib.request.urlopen(urllib.request.Request(uri, data, headers))).read()
 
 # generate a randomized sessionID
 sessionID = ''.join(random.choice(string.ascii_uppercase + string.digits) for _ in range(8))