v5.7.3 into main #703

Merged
merged 23 commits into from
Oct 17, 2023

vinnybod

This PR was automatically generated by the release-public-start workflow.
This PR should be merged with a merge commit, not a squash commit.
Merging this PR will trigger a tag and release automatically.

vinnybod and others added 21 commits September 12, 2023 21:57
* add a coverage report to pull requests

* typo

* add extra exclusions

* update changelog

* bump black on pre-commit and github actions to match poetry lock

* use pre-commit mirror for faster runs
#675)

* update embedded plugins to not abuse notifications, update plugin docs

* update plugin service test

* Update .pre-commit-config.yaml

* update changelog

* add a fix for agent task socket event

* move thread instantiation

* fix plugin changes
* Add user avatar uploads

* Update empire/test/test_user_api.py
#688)

* Fixed issue with multiple parameters not executing in IronPython for C# tasks

* changelog
* change ruff config

* replace isort with ruff

* pass pyflakes

* pass pycodestyle errors

* run W293

* run W291

* run pycodestyle errors

* run UP010

* run UP029

* run UP004

* run UP015

* run UP024

* run UP030

* run UP032

* run UP012

* run E721

* run UP034

* run UP031

* changelog and contributing.md

* run black

* set pipefail so | tee doesn't suppress the error

* auto-fix bugbear

* B028

* B006

* B904

* B005

* update contributing

* fix launcher tests
* fixed obfuscation for ironpython and python stagers

* Fixed obfuscation for ironpython and python stagers
* added bypass module and fixed module obfuscation

* Update empire/server/modules/powershell/management/invoke_bypass.py

Co-authored-by: Vincent Rose <[email protected]>

* reformat

---------

Co-authored-by: Vincent Rose <[email protected]>
@github-actions

Coverage

Coverage Report
File  Stmts  Miss  Cover  Missing
empire/server
   server.py1102676%84, 102–108, 117–118, 125–128, 134–137, 148, 153, 157–158, 170–188
empire/server/api
   app.py99990%1–164
   jwt_auth.py691086%53, 55, 57, 66, 84, 86–87, 90, 98, 106
   middleware.py12120%1–40
empire/server/api/v2
   shared_dto.py54394%58, 74, 80
empire/server/api/v2/agent
   agent_api.py52198%90
   agent_file_api.py36197%79
   agent_task_api.py1722088%108–134, 203, 298, 307, 324, 345, 374, 389, 408, 425, 442, 461, 480, 503, 518, 532, 547, 553
empire/server/api/v2/download
   download_api.py39197%59
empire/server/api/v2/listener
   listener_api.py60493%90, 95, 109, 121
   listener_dto.py51296%306, 309
   listener_template_api.py18194%49
empire/server/api/v2/obfuscation
   obfuscation_api.py69199%135
empire/server/api/v2/plugin
   plugin_task_api.py46491%83–106, 171
empire/server/api/v2/profile
   profile_api.py47296%64, 79
empire/server/api/v2/stager
   stager_dto.py47296%232, 235
   stager_template_api.py18194%46
empire/server/api/v2/tag
   tag_api.py38197%79
empire/server/api/v2/user
   user_api.py69593%59, 82–84, 136, 160
empire/server/api/v2/websocket
   socketio.py85850%1–174
empire/server/common
   agents.py73164412%102–107, 121, 136–142, 164–202, 209–219, 225–239, 256–340, 346–398, 405, 435–448, 463–479, 485–503, 510–523, 529–542, 548–569, 575–613, 643–693, 722–737, 743–746, 758–776, 782–793, 818–1093, 1109–1179, 1189–1245, 1254–1302, 1310–1813
   credentials.py443032%38–51, 60–121, 129–160
   encryption.py17411733%41–43, 47, 56–58, 66–67, 76–80, 95–108, 112–117, 124–126, 134–143, 150–157, 165–171, 178–192, 199–203, 210–211, 241, 266–287, 293–308, 314–325, 331, 337, 344–347, 354–358, 364–377, 383
   helpers.py36019247%83–87, 94–98, 113, 132–133, 198–199, 241, 248–250, 392–427, 437–568, 589, 596–609, 622–632, 637–641, 644–653, 667–675, 681–691, 713, 725–726, 749–751, 758, 781, 784–787, 790–793, 800–802
   packets.py1137534%160, 181–186, 211–248, 256–294, 321–375, 428–431
   plugins.py17382%27, 32, 37
   pylnk.py59244425%202, 206, 210, 214, 218–223, 227–235, 239–243, 247–251, 255–263, 267, 271, 275, 279, 284–287, 291–292, 296–301, 305–311, 315, 319–327, 337–338, 342–344, 364–366, 369–370, 375–378, 383, 386–388, 391, 394–399, 402, 407, 410–414, 419–452, 455–457, 473, 478–485, 488, 493, 498–526, 529–537, 542–556, 559–594, 599, 604–612, 615–634, 637–642, 645–652, 657, 662–690, 695–718, 721–736, 739–756, 759–792, 795–823, 826, 829–830, 835, 838–840, 845, 848–849, 854, 857–858, 863, 866–867, 872, 875–876, 881, 884–885, 890, 893–897, 902, 907–929, 936–938, 942–957
   socks.py433030%12–13, 17–19, 25–31, 35–42, 46–57, 60
   stagers.py34228218%51–59, 89, 96–97, 126, 149, 157–178, 186–195, 203–240, 248–269, 277–286, 293–339, 345–411, 417–582, 586–656, 659–697, 700–712, 715–814
   templating.py30970%62–64, 73–75, 84–86
empire/server/common/converter
   convert_authors.py20200%1–64
   module_converter.py18180%1–51
empire/server/common/malleable
   implementation.py2362689%162, 164, 347, 351, 356, 476–495, 527
   profile.py1271787%103–104, 144–145, 154, 195, 206, 220, 226, 237, 250, 261, 293, 316–319
   transaction.py3748079%167–186, 199, 214–218, 261, 270, 286–290, 294, 304, 353, 404, 430, 441–442, 448, 469–497, 606–612, 631, 644–646, 753–760, 773, 784, 879, 881, 892, 894, 896
   transformation.py37312168%182, 184, 186, 211, 222–223, 225, 233–234, 236, 282, 288, 292, 323–349, 354–394, 402–439, 454, 465–466, 468, 476–477, 479, 681, 683, 685, 687, 697–698, 722–726, 730, 734, 758, 771, 776, 788, 790–792, 794, 809, 811–813, 815, 833–838, 854, 859, 875–882, 898, 903
   utility.py431370%29, 45–48, 60–66, 120, 128
empire/server/core
   agent_service.py1031684%84, 87, 90, 139, 165–183, 198
   agent_task_service.py1913681%67–70, 86, 88, 94, 97, 100, 108, 110, 112, 117, 122, 142–147, 176, 207–210, 222, 227–230, 238, 240, 269–286, 372–380
   bypass_service.py65494%31, 37, 60–61
   config.py82693%102–105, 114–115
   credential_service.py46198%27
   download_service.py1002278%46, 52, 58, 62, 68–71, 74, 94, 96, 98, 100, 105, 110, 131–145
   hooks.py661774%73–75, 84–86, 100–108, 111–112, 120, 123
   hooks_internal.py1005545%25, 28, 109–132, 142–170, 183–202, 212–236
   listener_service.py1852984%107, 135–136, 146, 156, 187–194, 244–253, 274, 284–286, 289–293, 324–328
   module_models.py58886%61–72, 76–78
   module_service.py2966877%92, 120, 133, 141–145, 155–159, 163–193, 273–275, 310, 331, 334, 397–421, 432–434, 478–479, 496, 510, 516, 540, 560–579, 588–589, 607
   obfuscation_service.py1361887%96–98, 108, 120, 125–127, 144–148, 155–158, 191–192, 249–254
   plugin_service.py1633082%59, 76–77, 89, 128, 134–138, 157–170, 220–223, 239, 245, 248, 251, 259, 261, 263, 268, 273
   profile_service.py61297%41, 85
   stager_service.py99595%54, 89, 133, 138, 163
   stager_template_service.py48198%58
   tag_service.py711776%37, 39, 41, 43, 45, 47, 51–54, 57, 60, 68–71, 76, 79
   user_service.py41295%15, 50
empire/server/core/db
   base.py881880%26–28, 36–41, 59, 73–82, 158–164
   defaults.py43588%87–91, 100–101
   models.py2971097%264–268, 280, 283, 331, 355, 358, 419, 422
empire/server/listeners
   dbx.py45936920%144, 151–162, 184–185, 214–218, 239, 250–254, 289–293, 299, 311–314, 337–338, 344–356, 366–369, 374–381, 398–503, 519–604, 614–667, 718–1024, 1033–1050, 1057–1064
   http.py56035038%231–234, 281, 294, 302–313, 324–330, 353–360, 400, 410–412, 440–443, 451–452, 461–475, 485–488, 493–499, 504–540, 557–558, 573–630, 654–655, 659, 662–664, 672, 689–690, 702–727, 731, 755, 759, 765–766, 769–774, 821–825, 833–1277, 1297–1304
   http_com.py37529322%166, 173–187, 208–209, 235–240, 249–255, 285–292, 298, 316–320, 326, 349–432, 448–491, 501–527, 533–859, 866–883, 890–897
   http_foreign.py1727258%141, 148–153, 175–178, 203–207, 218, 232–234, 241–246, 252–255, 283–287, 293, 302, 306–309, 336–337, 349–365, 375–378, 383–392, 397, 414–415, 424–425, 433–474, 480, 486
   http_hop.py24014838%99, 106, 128–129, 153–157, 167, 181–183, 190–195, 232–236, 242, 253, 261–264, 292–293, 302–315, 325–328, 333–337, 342, 359–490, 501–502, 510–551, 559–609, 615
   http_malleable.py65050722%163, 190, 234, 241–246, 272–273, 297–303, 309, 312, 315, 361, 371–374, 381–392, 402, 411, 421–426, 433, 445–449, 454, 465–466, 470, 479–480, 491–507, 547–552, 559, 567–568, 571–580, 585, 602–734, 748–841, 852–1329, 1337–1736, 1743–1764, 1771–1778
   onedrive.py38631618%159, 162–192, 211–212, 230–234, 256–258, 264–269, 290–294, 299, 323–385, 392–429, 443–487, 490–897, 904–921, 928–935
   port_forward_pivot.py37226728%76–77, 83, 105–106, 131–135, 146, 160–163, 170–181, 192–198, 224–232, 248–252, 258, 269, 273–276, 306–310, 319–320, 332–348, 358–361, 366–373, 377–413, 430–540, 556–644, 655–696, 704–872, 879–972
   smb.py21018313%68–69, 75, 94–230, 247–311, 327–381, 392–425, 433–490, 497
empire/server/modules/csharp
   Assembly.Covenant.py191332%17–46
   AssemblyReflect.Covenant.py191332%17–46
   Inject_BOF.Covenant.py312132%24–67
   ProcessInjection.Covenant.py625315%21–115
   Shellcode.Covenant.py221627%17–49
empire/server/modules/powershell/code_execution
   invoke_ntsd.py554911%16–104
   invoke_reflectivepeinjection.py342624%19–69
   invoke_shellcode.py22386%30–31, 37
   invoke_shellcodemsil.py181233%17–42
empire/server/modules/powershell/collection
   SharpChromium.py282029%20–61
   WireTap.py211529%17–48
   get_sql_column_sample_data.py403415%16–77
   minidump.py231726%17–50
   packet_capture.py181328%15–38
   screenshot.py241825%17–51
empire/server/modules/powershell/credentials
   credential_injection.py362919%18–78
   tokens.py322619%17–79
empire/server/modules/powershell/credentials/mimikatz
   dcsync_hashdump.py221627%17–49
   golden_ticket.py352626%21–66
   lsadump.py161038%17–41
   mimitokens.py352917%17–65
   pth.py342526%21–68
   silver_ticket.py403220%19–74
   trust_keys.py15940%17–38
empire/server/modules/powershell/exfiltration
   PSRansom.py251924%17–53
empire/server/modules/powershell/exploitation
   exploit_eternalblue.py181233%17–44
empire/server/modules/powershell/lateral_movement
   inveigh_relay.py363017%17–92
   invoke_dcom.py363017%17–91
   invoke_executemsbuild.py544713%18–113
   invoke_psexec.py383216%17–99
   invoke_psremoting.py433616%18–97
   invoke_smbexec.py403415%17–97
   invoke_sqloscmd.py463915%17–89
   invoke_sshcommand.py322522%18–66
   invoke_wmi.py484115%18–109
   invoke_wmi_debugger.py595114%18–167
   jenkins_script_console.py282125%18–68
   new_gpo_immediate_task.py373019%18–104
empire/server/modules/powershell/management
   invoke_bypass.py14843%16–32
   invoke_script.py191332%16–39
   logoff.py11645%15–28
   psinject.py352917%17–85
   reflective_inject.py453718%18–97
   runas.py342721%18–73
   shinject.py282125%18–69
   spawn.py292321%17–78
   spawnas.py443716%18–78
   switch_listener.py15940%17–47
   user_to_sid.py8362%15–25
empire/server/modules/powershell/management/mailraider
   disable_security.py251924%16–63
   get_emailitems.py171135%16–51
empire/server/modules/powershell/persistence/elevated
   registry.py696112%19–170
   schtasks.py837510%19–210
   wmi.py938410%20–264
   wmi_updater.py756711%19–221
empire/server/modules/powershell/persistence/misc
   add_sid_history.py161038%17–40
   debugger.py393315%17–122
empire/server/modules/powershell/persistence/powerbreach
   deaduser.py393121%18–142
   eventlog.py362822%18–120
   resolver.py393121%18–129
empire/server/modules/powershell/persistence/userland
   backdoor_lnk.py514316%19–130
   registry.py776910%19–208
   schtasks.py787010%19–201
empire/server/modules/powershell/privesc
   ask.py231726%17–73
   bypassuac.py251924%17–65
   bypassuac_env.py262023%17–64
   bypassuac_eventvwr.py262023%17–66
   bypassuac_fodhelper.py262023%17–65
   bypassuac_sdctlbypass.py262023%17–65
   bypassuac_tokenmanipulation.py292128%19–65
   bypassuac_wscript.py251924%17–65
   ms16-032.py191332%17–53
   ms16-135.py191332%17–53
empire/server/modules/powershell/privesc/powerup
   service_exe_stager.py312519%17–68
   service_stager.py262023%17–59
   write_dllhijacker.py292321%17–78
empire/server/modules/powershell/recon
   fetch_brute_local.py262023%16–49
   find_fruit.py241825%17–61
   get_sql_server_login_default_pw.py231822%15–51
empire/server/modules/powershell/situational_awareness/host
   computerdetails.py554911%17–120
empire/server/modules/powershell/situational_awareness/network
   get_sql_server_info.py302517%15–65
empire/server/modules/powershell/situational_awareness/network/powerview
   get_gpo_computer.py423419%19–92
   get_subnet_ranges.py383021%18–77
empire/server/modules/python/collection/osx
   imessage_dump.py151033%15–177
   native_screenshot_mss.py13746%16–46
   prompt.py14936%15–50
   search_email.py12192%20
   sniffer.py231822%15–152
empire/server/modules/python/lateral_movement/multi
   ssh_launcher.py181233%16–68
empire/server/modules/python/management/multi
   spawn.py14843%17–31
empire/server/modules/python/management/osx
   shellcodeinject64.py191142%18–139
empire/server/modules/python/persistence/multi
   desktopfile.py15940%16–60
empire/server/modules/python/persistence/osx
   CreateHijacker.py211433%23–484
   LaunchAgent.py221532%17–103
   LaunchAgentUserLandPersistence.py171135%16–82
   loginhook.py13838%15–65
   mail.py302227%18–197
empire/server/modules/python/privesc/multi
   CVE-2021-3560.py171041%18–43
   CVE-2021-4034.py221436%19–49
   bashdoor.py12742%16–48
   sudo_spawn.py191332%17–42
empire/server/modules/python/privesc/osx
   dyld_print_to_file.py181139%24–56
   piggyback.py181233%17–56
empire/server/modules/python/situational_awareness/host/osx
   situational_awareness.py14936%15–197
empire/server/plugins
   basic_reporting.plugin775430%43–74, 86–99, 102–115, 118–134, 148–152
   csharpserver.plugin1278632%48–53, 56, 71–117, 120–127, 130–159, 162–192, 203–207
   reverseshell_stager_server.plugin1118424%123–130, 133, 148–211, 216, 222–231, 234–250, 253–266
   websockify_server.plugin573146%68–76, 79, 94–128
empire/server/plugins/ChiselServer-Plugin
   chiselserver.plugin1017130%66–71, 89–184
empire/server/plugins/Report-Generation-Plugin
   advanced_reporting.plugin14710727%67–111, 134–151, 155–176, 179–188, 191–201, 204–220, 227–259, 262–276, 282–285, 298–300
   mitre.py1248531%17–18, 21, 24, 28, 31–40, 44–58, 62–65, 69–71, 74–75, 78–80, 84–103, 106–107, 110–111, 114–115, 118–119, 124–128, 131–135, 138, 143, 146–147, 155–156, 165–181, 189–201, 209, 217–225, 236–237, 245–259, 262–272, 275
empire/server/plugins/SocksProxyServer-Plugin
   socksproxyserver.plugin13610424%83–88, 103–122, 125–130, 137–141, 146–177, 180–188, 191–214, 217–232
empire/server/stagers/multi
   bash.py221436%67–92
   generate_agent.py302227%93–133
   launcher.py34682%116–124, 147–148
   macro.py534319%120–257
   pyinstaller.py54591%100–102, 113–114
   war.py443423%91–183
empire/server/stagers/osx
   applescript.py191142%62–83
   application.py261735%81–113
   ducky.py251828%60–88
   dylib.py261831%73–103
   jar.py181139%60–79
   macho.py181139%60–83
   macro.py403220%85–187
   pkg.py282029%72–109
   safari_launcher.py231630%67–107
   shellcode.py241729%68–158
   teensy.py76699%61–144
empire/server/stagers/windows
   backdoorLnkMacro.py14812913%151–159, 163–484
   bunny.py483919%107–176
   cmd_exec.py463524%105–164, 167–179
   csharp_exe.py514316%102–172
   dll.py411173%107–108, 112, 115–118, 121–132, 156–157
   ducky.py423419%94–163
   hta.py372922%86–145
   launcher_bat.py541180%86, 93, 96–97, 116, 131–141, 150–151
   launcher_lnk.py393023%118–182
   launcher_sct.py524415%96–174
   launcher_vbs.py342624%82–138
   launcher_xml.py837510%82–192
   macro.py705916%114–218
   ms16-051.py352723%95–283
   nim.py524317%83–170
   reverseshell.py231343%61–67, 70–86
   shellcode.py483919%102–169
   teensy.py1131057%82–218
   wmic.py423419%96–159
empire/server/utils
   data_util.py501080%34–44, 57–58, 60, 64
   file_util.py13192%24
   listener_util.py301163%13–19, 99–112
   log_util.py402148%11–39
   math_util.py5340%9–12
   module_util.py10370%16–18
   option_util.py742270%15–16, 96, 99, 119–133, 142–151, 162, 169
TOTAL  17546  9652  45%

Tests Skipped Failures Errors Time
317 0 💤 0 ❌ 0 🔥 10m 20s ⏱️

@vinnybod vinnybod merged commit 9bc4550 into main Oct 17, 2023
8 checks passed
@vinnybod vinnybod deleted the release/5.7.3 branch October 17, 2023 04:09
3 participants