Merge pull request #349 from BC-SECURITY/dev

Empire 3.5.1 Release
BC-SECURITY · Oct 14, 2020 · cc18b46 · cc18b46
2 parents f0ecc93 + 7ea82ec
commit cc18b46
Show file tree

Hide file tree

Showing 5 changed files with 22 additions and 25 deletions.
diff --git a/VERSION b/VERSION
@@ -1 +1 @@
-3.5.0
+3.5.1
diff --git a/changelog b/changelog
@@ -1,10 +1,16 @@
+10/14/2020
+------------
+- Version 3.5.1 Master Release
+        - Fixed Invoke-Obfuscation in Kali/Dockers - #348 (@Cx01N, @Hubbl3)
+        - Refactored /api/map endpoint - #337 (@mattaereal)
+
 10/13/2020
 ------------
 - Version 3.5.0 Master Release
         - Added socketio notifications for Starkiller - #335 (@vinnybod)
         - Added Invoke-ZeroLogon - #333 (@Cx01N)
         - Added Invoke-SocksProxy - #332 (@Cx01N, @Hubbl3)
-        - Added powercat module - #319 (@xC01N)
+        - Added powercat module - #319 (@Cx01N)
         - Added powermad modules - #329 (@snovvcrash)
         - Added self cleanup functionality to plugins - #332 (@Hubbl3)
         - Updated Mimikatz 2.2.0 20200918 ZeroLogon - #330 (@Cx01N)

diff --git a/empire b/empire
@@ -112,13 +112,13 @@ def execute_db_query(conn, query, args=None):
     cur.close()
     return results
 
-
 ####################################################################
 #
-# The Empire RESTful API.
+# The Empire RESTful API. To see more information about it, check out the official wiki.
+#
+# Adapted from http://blog.miguelgrinberg.com/post/designing-a-restful-api-with-python-and-flask.
+# Example code at https://gist.github.com/miguelgrinberg/5614326.
 #
-# Adapted from http://blog.miguelgrinberg.com/post/designing-a-restful-api-with-python-and-flask
-#   example code at https://gist.github.com/miguelgrinberg/5614326
 #
 #    Verb     URI                                                   Action
 #    ----     ---                                                   ------
@@ -185,6 +185,7 @@ def execute_db_query(conn, query, args=None):
 #    PUT      http://localhost:1337/api/users/Y/updatepassword      update password for user Y
 #
 ####################################################################
+
 def start_restful_api(empireMenu: MainMenu, suppress=False, username=None, password=None, port=1337):
     """
     Kick off the RESTful API with the given parameters.
@@ -278,23 +279,13 @@ def start_restful_api(empireMenu: MainMenu, suppress=False, username=None, passw
         """
         List all of the current registered API routes.
         """
-        import urllib.request as urllib
-        output = []
+        output = {}
         for rule in app.url_map.iter_rules():
-
-            options = {}
-            for arg in rule.arguments:
-                options[arg] = "[{0}]".format(arg)
-
             methods = ','.join(rule.methods)
-            url = url_for(rule.endpoint, **options)
-            line = urllib.parse.unquote("[ { '" + rule.endpoint + "': [ { 'methods': '" + methods + "', 'url': '" + url + "' } ] } ]")
-            output.append(line)
-
-        res = ''
-        for line in sorted(output):
-            res = res + '\r\n' + line
-        return jsonify({'Routes':res})
+            url = rule.rule
+            output.update({rule.endpoint: {'methods': methods, 'url': url}})
+
+        return jsonify({'Routes':output})
 
     @app.route('/api/config', methods=['GET'])
     def get_config():

diff --git a/lib/common/empire.py b/lib/common/empire.py
@@ -18,7 +18,7 @@
 
 from flask_socketio import SocketIO
 
-VERSION = "3.5.0 BC Security Fork"
+VERSION = "3.5.1 BC Security Fork"
 
 from pydispatch import dispatcher
 

diff --git a/lib/common/helpers.py b/lib/common/helpers.py
@@ -940,9 +940,9 @@ def obfuscate(installPath, psScript, obfuscationCommand):
     toObfuscateFile.close()
     # Obfuscate using Invoke-Obfuscation w/ PowerShell
     subprocess.call(
-        "%s -C '$ErrorActionPreference = \"SilentlyContinue\";Invoke-Obfuscation -ScriptPath %s -Command \"%s\" -Quiet | Out-File -Encoding ASCII %s'" % (
-        get_powershell_name(), toObfuscateFilename, convert_obfuscation_command(obfuscationCommand),
-        obfuscatedFilename), shell=True)
+        "%s -C '$ErrorActionPreference = \"SilentlyContinue\";Import-Module ./lib/powershell/Invoke-Obfuscation/Invoke-Obfuscation.psd1;Invoke-Obfuscation -ScriptPath %s -Command \"%s\" -Quiet | Out-File -Encoding ASCII %s'" % (
+            get_powershell_name(), toObfuscateFilename, convert_obfuscation_command(obfuscationCommand),
+            obfuscatedFilename), shell=True)
     obfuscatedFile = open(obfuscatedFilename, 'r')
     # Obfuscation writes a newline character to the end of the file, ignoring that character
     psScript = obfuscatedFile.read()[0:-1]