v5.10.3 into main #730

vinnybod · 2024-05-23T03:24:45Z

This PR was automatically generated by the release-public-start workflow.
This PR should be merged with a merge commit, not a squash commit.
Merging this PR will trigger a tag and release automatically.

…t#821) * Fixed issue with generate_agent having a mismatched function name for stageless * formatting

* fixed empty arg modules * market c# getsystem to require admin * changed portscan to use semicolons to fix compile error * fixed privexchange module missing System.XML.dll * removed bypassuacgrunt and bypassuaccommand modules * added default value for moriarty --------- Co-authored-by: Vincent Rose <[email protected]>

…oject#819) Bumps [thomaseizinger/create-pull-request](https://github.com/thomaseizinger/create-pull-request) from 1.3.1 to 1.4.0. - [Release notes](https://github.com/thomaseizinger/create-pull-request/releases) - [Changelog](https://github.com/thomaseizinger/create-pull-request/blob/master/CHANGELOG.md) - [Commits](thomaseizinger/create-pull-request@1.3.1...1.4.0) --- updated-dependencies: - dependency-name: thomaseizinger/create-pull-request dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

Bumps [tj-actions/changed-files](https://github.com/tj-actions/changed-files) from 44.3.0 to 44.4.0. - [Release notes](https://github.com/tj-actions/changed-files/releases) - [Changelog](https://github.com/tj-actions/changed-files/blob/main/HISTORY.md) - [Commits](tj-actions/changed-files@v44.3.0...v44.4.0) --- updated-dependencies: - dependency-name: tj-actions/changed-files dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

…private v5.10.3 into private-main

github-actions · 2024-05-23T03:46:50Z

Coverage Report

File	Stmts	Miss	Cover	Missing
empire/server
server.py	129	35	73%	58–60, 63–66, 94, 98, 116–122, 131–132, 139–142, 153–156, 166, 174, 179, 183–184, 196–214
empire/server/api
app.py	106	24	77%	25–27, 31, 36–43, 60–66, 91–97, 159, 164–174
jwt_auth.py	72	10	86%	53, 55, 57, 66, 85, 87–88, 91, 102, 113
middleware.py	12	2	83%	39–40
empire/server/api/v2
shared_dto.py	60	3	95%	68, 84, 90
empire/server/api/v2/agent
agent_api.py	50	1	98%	88
agent_file_api.py	34	1	97%	72
agent_task_api.py	180	22	88%	113–137, 204, 280–281, 312, 321, 338, 359, 388, 403, 422, 439, 456, 475, 494, 517, 532, 546, 561, 567
empire/server/api/v2/download
download_api.py	37	1	97%	57
empire/server/api/v2/listener
listener_api.py	59	4	93%	85, 90, 104, 116
listener_dto.py	48	2	96%	303, 306
listener_template_api.py	18	1	94%	47
empire/server/api/v2/obfuscation
obfuscation_api.py	68	1	99%	132
empire/server/api/v2/plugin
plugin_task_api.py	44	4	91%	81–101, 163
empire/server/api/v2/profile
profile_api.py	46	2	96%	61, 76
empire/server/api/v2/stager
stager_dto.py	44	2	95%	222, 225
stager_template_api.py	18	1	94%	44
empire/server/api/v2/tag
tag_api.py	36	1	97%	77
empire/server/api/v2/user
user_api.py	67	5	93%	60, 83–85, 136, 160
empire/server/api/v2/websocket
socketio.py	92	47	49%	34–39, 42–46, 50–62, 66–68, 80–85, 101–106, 123–128, 140–143, 155, 158, 161, 166
empire/server/common
agents.py	719	587	18%	103–108, 122, 137–143, 165–203, 210–220, 226–240, 277–328, 332–339, 345–395, 402, 431–444, 459–475, 481–499, 506–519, 525–538, 544–562, 642–692, 721–736, 742–745, 757–775, 781–792, 817–1089, 1105–1179, 1189–1249, 1258–1304, 1341–1374, 1380–1389, 1393–1451, 1456–1470, 1475, 1478–1500, 1503–1504, 1509, 1513–1514, 1531, 1545–1797
credentials.py	44	30	32%	39–52, 61–122, 130–161
encryption.py	173	116	33%	42–44, 48, 57–59, 67–68, 77–81, 96–109, 113–118, 125–127, 135–144, 151–158, 166–172, 179–193, 200–204, 211–212, 242, 267–288, 294–309, 315–326, 332, 338, 345–351, 358–362, 368–381, 387
helpers.py	354	180	49%	84–88, 95–96, 111, 196–197, 239, 246–248, 394–429, 439–565, 586, 593–606, 619–629, 634–638, 641–650, 664–672, 679–680, 682–683, 685–686, 710, 722–723, 746–748, 755, 778, 781–784, 787–789, 796–798
listeners.py	8	2	75%	15–20
packets.py	113	75	34%	160, 181–186, 211–248, 256–294, 321–375, 428–431
plugins.py	18	3	83%	28, 33, 38
pylnk.py	590	442	25%	202, 206, 210, 214, 218–223, 227–235, 239–243, 247–251, 255–263, 267, 271, 275, 279, 284–287, 291–292, 296–301, 305–311, 315, 319–327, 337–338, 342–344, 364–366, 369–370, 375–378, 383, 386–388, 391, 394–399, 402, 407, 410–414, 419–452, 455–457, 473, 478–485, 488, 493, 498–526, 529–537, 542–556, 559–594, 599, 604–612, 615–634, 637–640, 643–650, 655, 660–688, 693–716, 719–734, 737–753, 756–789, 792–820, 823, 826–827, 832, 835–837, 842, 845–846, 851, 854–855, 860, 863–864, 869, 872–873, 878, 881–882, 887, 890–894, 899, 904–926, 933–935, 939–954
socks.py	43	30	30%	12–13, 17–19, 25–31, 35–42, 46–57, 60
stagers.py	356	294	17%	27–28, 55–63, 93, 100–101, 130, 153, 161–182, 190–205, 213–250, 258–279, 287–301, 308–354, 360–411, 417–572, 576–646, 649–687, 690–702, 705–807, 811–823
templating.py	30	9	70%	61–63, 72–74, 83–85
empire/server/common/malleable
implementation.py	236	26	89%	162, 164, 347, 351, 356, 476–495, 527
profile.py	127	17	87%	103–104, 144–145, 154, 195, 206, 220, 226, 237, 250, 261, 293, 316–319
transaction.py	374	80	79%	167–186, 199, 214–218, 261, 270, 286–290, 294, 304, 353, 404, 430, 441–442, 448, 469–497, 606–612, 631, 644–646, 753–760, 773, 784, 879, 881, 892, 894, 896
transformation.py	373	121	68%	184, 186, 188, 213, 224–225, 227, 235–236, 238, 284, 290, 294, 325–351, 356–396, 404–441, 456, 467–468, 470, 478–479, 481, 683, 685, 687, 689, 699–700, 724–728, 732, 736, 760, 773, 778, 790, 792–794, 796, 811, 813–815, 817, 835–840, 856, 861, 877–884, 900, 905
utility.py	43	13	70%	29, 45–48, 60–66, 120, 128
empire/server/core
agent_service.py	102	16	84%	83, 86, 89, 138, 164–182, 197
agent_task_service.py	190	36	81%	66–69, 85, 87, 93, 96, 99, 107, 109, 111, 116, 121, 141–146, 175, 206–209, 221, 226–229, 237, 239, 268–285, 373–381
bypass_service.py	65	4	94%	31, 37, 60–61
config.py	97	6	94%	123–126, 135–136
credential_service.py	49	3	94%	32–33, 41
download_service.py	97	22	77%	45, 51, 57, 61, 67–70, 73, 93, 95, 97, 99, 104, 109, 130–141
hooks.py	67	8	88%	77–79, 88–90, 124, 127
hooks_internal.py	115	66	43%	29, 32, 42–46, 115–145, 155–190, 203–222, 232–256
listener_service.py	185	29	84%	107, 135–136, 146, 156, 187–194, 244–253, 274, 284–286, 289–293, 324–328
module_models.py	74	8	89%	84–95, 99–101
module_service.py	371	103	72%	97, 133, 146, 154–158, 162, 169–173, 177–207, 223–268, 347–349, 360, 375–384, 411, 432, 435, 502–525, 528–530, 541–543, 587–588, 605, 619, 628, 632–634, 658, 678–697, 706–707, 725, 758
obfuscation_service.py	139	17	88%	95–97, 108, 120, 125–127, 144–148, 155–158, 234, 252–257
plugin_service.py	185	27	85%	63, 98–99, 103–104, 120–121, 135, 177, 183–187, 275–278, 294, 300, 303, 306, 314, 316, 318, 323, 328
profile_service.py	61	2	97%	41, 85
stager_service.py	98	5	95%	53, 88, 130, 135, 158
stager_template_service.py	47	1	98%	57
tag_service.py	71	17	76%	45, 47, 49, 51, 53, 55, 59–62, 65, 68, 76–79, 84, 87
user_service.py	41	2	95%	15, 50
empire/server/core/db
base.py	88	18	80%	26–28, 36–41, 59, 73–82, 158–164
defaults.py	43	5	88%	87–91, 100–101
models.py	300	10	97%	262–266, 278, 281, 329, 353, 356, 420, 423
empire/server/listeners
dbx.py	450	362	20%	143, 150–161, 183–184, 207–211, 230, 241–245, 280–284, 290, 302–305, 328–329, 335–347, 357–360, 365–372, 389–494, 510–595, 605–658, 709–1015, 1024–1030, 1036–1039
http.py	544	340	38%	231–234, 275, 288, 296–307, 318–321, 342–349, 386, 396–398, 426–429, 437–438, 447–461, 471–474, 479–485, 490–524, 541–542, 557–614, 638–639, 643, 646–648, 656, 673–674, 686–711, 715, 737–738, 741–746, 793–797, 805–1257
http_com.py	363	283	22%	165–166, 173–187, 208–209, 229–234, 243–246, 276–283, 289, 307–311, 317, 340–423, 439–481, 491–517, 523–851, 858–864, 870–873
http_foreign.py	170	72	58%	141, 148–153, 175–178, 197–201, 212, 224–226, 233–238, 244–247, 275–279, 285, 294, 298–301, 328–329, 341–357, 367–370, 375–384, 389, 406–407, 416–417, 425–466, 472, 478
http_hop.py	238	148	38%	99, 106, 128–129, 147–151, 161, 173–175, 182–187, 222–226, 232, 243, 251–254, 282–283, 292–305, 315–318, 323–327, 332, 349–478, 489–490, 498–539, 547–594, 600
http_malleable.py	628	470	25%	163–164, 191, 239, 246–251, 277–278, 296–302, 358, 368–371, 378–389, 399, 408, 418–423, 430, 462–463, 467, 476–477, 488–504, 544–549, 556, 564–567, 572–581, 586, 603–735, 749–830, 841–1366, 1374–1781
onedrive.py	376	308	18%	158, 161–191, 210–211, 223–227, 247–249, 255–260, 279–283, 288, 312–374, 381–418, 432–475, 478–885, 892–898, 904–907
port_forward_pivot.py	369	266	28%	75–76, 82, 104–105, 124–128, 139, 151–154, 161–172, 183–186, 210–218, 234–238, 244, 255, 259–262, 292–296, 302–303, 315–331, 341–344, 349–356, 360–394, 411–521, 537–625, 636–677, 685–854, 861–952
smb.py	205	179	13%	67–68, 74, 93–229, 246–310, 326–372, 383–416, 424–482, 489
empire/server/modules/bof
clipboard_window_inject.py	22	16	27%	16–50
nanodump.py	55	50	9%	14–84
secinject.py	22	16	27%	16–50
tgtdelegation.py	10	4	60%	16–22
empire/server/modules/bof/situational_awareness
netGroupList.py	8	3	62%	14–19
netGroupListMembers.py	8	3	62%	14–19
netLocalGroupList.py	8	3	62%	14–19
netLocalGroupListMembers.py	8	3	62%	14–19
netloggedon.py	8	3	62%	14–19
netshares.py	8	3	62%	14–19
windowlist.py	9	4	56%	14–21
wmi_query.py	9	4	56%	14–21
empire/server/modules/csharp
Assembly.Covenant.py	19	13	32%	16–45
AssemblyReflect.Covenant.py	19	13	32%	16–45
Inject_BOF.Covenant.py	29	19	34%	23–63
ProcessInjection.Covenant.py	69	59	14%	3–4, 24–126
Shellcode.Covenant.py	22	16	27%	16–48
empire/server/modules/powershell/code_execution
invoke_ntsd.py	55	49	11%	15–103
invoke_reflectivepeinjection.py	33	25	24%	19–68
invoke_shellcode.py	21	3	86%	34–35, 41
invoke_shellcodemsil.py	16	10	38%	16–44
empire/server/modules/powershell/collection
SharpChromium.py	26	16	38%	22–48
WireTap.py	18	10	44%	18–34
get_sql_column_sample_data.py	40	34	15%	15–76
minidump.py	19	11	42%	18–38
packet_capture.py	18	13	28%	14–37
screenshot.py	23	17	26%	16–49
empire/server/modules/powershell/credentials
credential_injection.py	35	25	29%	20–70
tokens.py	31	25	19%	16–82
empire/server/modules/powershell/credentials/mimikatz
dcsync_hashdump.py	22	16	27%	16–48
golden_ticket.py	35	26	26%	21–72
lsadump.py	16	10	38%	16–40
mimitokens.py	35	29	17%	16–64
pth.py	35	26	26%	21–70
silver_ticket.py	40	32	20%	18–79
trust_keys.py	15	9	40%	16–37
empire/server/modules/powershell/exfiltration
PSRansom.py	25	19	24%	16–52
empire/server/modules/powershell/exploitation
exploit_eternalblue.py	18	12	33%	16–43
empire/server/modules/powershell/lateral_movement
inveigh_relay.py	33	27	18%	16–91
invoke_dcom.py	34	28	18%	16–90
invoke_executemsbuild.py	53	46	13%	17–113
invoke_psexec.py	36	30	17%	16–95
invoke_psremoting.py	42	35	17%	17–98
invoke_smbexec.py	38	32	16%	16–96
invoke_sqloscmd.py	45	38	16%	16–88
invoke_sshcommand.py	32	25	22%	17–70
invoke_wmi.py	47	40	15%	17–109
invoke_wmi_debugger.py	58	50	14%	17–164
jenkins_script_console.py	26	19	27%	17–64
new_gpo_immediate_task.py	34	27	21%	17–104
empire/server/modules/powershell/management
invoke_bypass.py	14	8	43%	15–33
invoke_script.py	19	13	32%	15–38
logoff.py	11	6	45%	14–27
psinject.py	33	27	18%	16–81
reflective_inject.py	43	35	19%	18–94
runas.py	34	27	21%	17–77
shinject.py	30	23	23%	17–71
spawn.py	27	21	22%	16–74
spawnas.py	45	38	16%	17–78
switch_listener.py	15	9	40%	16–46
user_to_sid.py	8	3	62%	14–24
empire/server/modules/powershell/management/mailraider
disable_security.py	24	18	25%	15–65
get_emailitems.py	17	11	35%	15–50
empire/server/modules/powershell/persistence/elevated
registry.py	66	58	12%	19–166
schtasks.py	80	72	10%	19–206
wmi.py	89	81	9%	19–259
wmi_updater.py	75	67	11%	19–221
empire/server/modules/powershell/persistence/misc
add_sid_history.py	16	10	38%	16–39
debugger.py	37	31	16%	16–118
empire/server/modules/powershell/persistence/powerbreach
deaduser.py	38	30	21%	18–145
eventlog.py	35	27	23%	18–123
resolver.py	38	30	21%	18–132
empire/server/modules/powershell/persistence/userland
backdoor_lnk.py	49	41	16%	19–127
registry.py	75	67	11%	19–205
schtasks.py	76	68	11%	19–198
empire/server/modules/powershell/privesc
ask.py	21	15	29%	16–69
bypassuac.py	23	17	26%	16–61
bypassuac_env.py	24	18	25%	16–60
bypassuac_eventvwr.py	24	18	25%	16–62
bypassuac_fodhelper.py	24	18	25%	16–61
bypassuac_sdctlbypass.py	24	18	25%	16–61
bypassuac_tokenmanipulation.py	29	21	28%	19–65
bypassuac_wscript.py	23	17	26%	16–61
ms16-032.py	19	13	32%	16–52
ms16-135.py	19	13	32%	16–52
empire/server/modules/powershell/privesc/powerup
service_exe_stager.py	31	25	19%	16–67
service_stager.py	26	20	23%	16–58
write_dllhijacker.py	27	21	22%	16–74
empire/server/modules/powershell/recon
fetch_brute_local.py	26	20	23%	15–48
find_fruit.py	23	17	26%	16–63
get_sql_server_login_default_pw.py	23	18	22%	14–50
empire/server/modules/powershell/situational_awareness/host
computerdetails.py	52	46	12%	16–115
empire/server/modules/powershell/situational_awareness/network
get_sql_server_info.py	30	25	17%	14–64
empire/server/modules/powershell/situational_awareness/network/powerview
get_gpo_computer.py	39	32	18%	18–97
get_subnet_ranges.py	36	29	19%	17–80
empire/server/modules/python/collection/osx
imessage_dump.py	15	10	33%	14–176
native_screenshot_mss.py	12	6	50%	16–45
prompt.py	14	9	36%	14–49
search_email.py	12	1	92%	19
sniffer.py	23	18	22%	14–151
empire/server/modules/python/lateral_movement/multi
ssh_launcher.py	18	12	33%	15–67
empire/server/modules/python/management/multi
spawn.py	14	8	43%	16–30
empire/server/modules/python/management/osx
shellcodeinject64.py	18	10	44%	18–138
empire/server/modules/python/persistence/multi
desktopfile.py	15	9	40%	15–59
empire/server/modules/python/persistence/osx
CreateHijacker.py	21	14	33%	23–480
LaunchAgent.py	22	15	32%	17–103
LaunchAgentUserLandPersistence.py	17	11	35%	15–78
loginhook.py	13	8	38%	14–64
mail.py	30	22	27%	18–190
empire/server/modules/python/privesc/multi
CVE-2021-3560.py	17	10	41%	18–43
CVE-2021-4034.py	22	14	36%	19–49
bashdoor.py	12	7	42%	15–47
sudo_spawn.py	19	13	32%	16–41
empire/server/modules/python/privesc/osx
dyld_print_to_file.py	18	11	39%	24–54
piggyback.py	18	12	33%	16–55
empire/server/modules/python/situational_awareness/host/osx
situational_awareness.py	14	9	36%	14–196
empire/server/plugins/ChiselServer-Plugin
chiselserver.plugin	101	71	30%	66–71, 89–184
empire/server/plugins/Report-Generation-Plugin
advanced_reporting.plugin	147	107	27%	67–111, 134–151, 155–176, 179–188, 191–201, 204–220, 227–259, 262–276, 282–285, 298–300
mitre.py	124	85	31%	17–18, 21, 24, 28, 31–40, 44–58, 62–65, 69–71, 74–75, 78–80, 84–103, 106–107, 110–111, 114–115, 118–119, 124–128, 131–135, 138, 143, 146–147, 155–156, 165–181, 189–201, 209, 217–225, 236–237, 245–259, 262–272, 275
empire/server/plugins/SocksProxyServer-Plugin
socksproxyserver.plugin	136	104	24%	83–88, 103–122, 125–130, 137–141, 146–177, 180–188, 191–214, 217–232
empire/server/plugins/basic_reporting
basic_reporting.py	77	54	30%	43–74, 86–99, 102–115, 118–134, 148–152
empire/server/plugins/csharpserver
csharpserver.py	122	82	33%	49–54, 57, 72–118, 121–128, 131–157, 160–187, 198–202
empire/server/plugins/example
example.py	31	31	0%	3–112
empire/server/plugins/reverseshell_stager_server
reverseshell_stager_server.py	109	84	23%	122–129, 132, 147–210, 215, 220–229, 232–248, 251–264
empire/server/plugins/websockify_server
websockify_server.py	55	31	44%	67–75, 78, 93–127
empire/server/stagers/multi
bash.py	22	14	36%	67–92
generate_agent.py	37	29	22%	90–139
launcher.py	34	6	82%	116–124, 147–148
macro.py	53	43	19%	120–253
pyinstaller.py	52	6	88%	100–102, 113–114, 143
war.py	44	34	23%	91–183
empire/server/stagers/osx
applescript.py	19	11	42%	62–83
application.py	26	17	35%	81–113
ducky.py	25	18	28%	60–88
dylib.py	26	18	31%	73–103
jar.py	18	11	39%	60–79
macho.py	18	11	39%	60–83
macro.py	40	32	20%	85–187
pkg.py	28	20	29%	72–109
safari_launcher.py	23	16	30%	67–107
shellcode.py	24	17	29%	68–158
teensy.py	76	69	9%	61–144
empire/server/stagers/windows
backdoorLnkMacro.py	148	129	13%	151–159, 163–484
bunny.py	48	39	19%	107–176
cmd_exec.py	46	35	24%	105–164, 167–179
csharp_exe.py	51	43	16%	102–172
dll.py	41	11	73%	107–108, 112, 115–118, 121–132, 156–157
ducky.py	42	34	19%	94–163
hta.py	37	29	22%	86–145
launcher_bat.py	50	9	82%	90–91, 110, 125–135, 144–145
launcher_lnk.py	39	30	23%	118–182
launcher_sct.py	52	44	15%	96–174
launcher_vbs.py	34	26	24%	82–138
launcher_xml.py	83	75	10%	82–192
macro.py	79	19	76%	160, 164, 167–178, 201–202, 228–240
ms16-051.py	35	27	23%	95–283
nim.py	52	43	17%	83–170
reverseshell.py	23	13	43%	61–67, 70–86
shellcode.py	58	47	19%	5–6, 107–185
teensy.py	113	105	7%	82–218
wmic.py	42	34	19%	96–159
empire/server/utils
data_util.py	50	10	80%	34–44, 57–58, 60, 64
file_util.py	26	1	96%	28
listener_util.py	30	11	63%	13–19, 99–112
log_util.py	51	7	86%	41–43, 46–49
math_util.py	5	3	40%	9–12
option_util.py	74	18	76%	97, 117–131, 140–149, 157
TOTAL	17746	9407	47%

Tests	Skipped	Failures	Errors	Time
347	0 💤	0 ❌	0 🔥	11m 28s ⏱️

* allow starkiller to be disabled * allow port to be configured via the config.yaml * changelog * allow for unset field

Cx01N and others added 7 commits May 22, 2024 12:34

Fixed generate_agent having a mismatched function names (EmpireProjec…

6a2de33

…t#821) * Fixed issue with generate_agent having a mismatched function name for stageless * formatting

Prepare release 5.10.3 private

d05e4bd

Merge pull request EmpireProject#824 from BC-SECURITY/release/5.10.3-…

cd89349

…private v5.10.3 into private-main

Merge branch 'main' into release/5.10.3

7052e47

vinnybod merged commit 8283bbc into main May 23, 2024
5 of 6 checks passed

vinnybod deleted the release/5.10.3 branch May 23, 2024 03:41

cmndcntrlcyber pushed a commit to cmndcntrlcyber/Empire that referenced this pull request May 27, 2024

5.8 additions (BC-SECURITY#730)

f263d17

* allow starkiller to be disabled * allow port to be configured via the config.yaml * changelog * allow for unset field

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

v5.10.3 into main #730

v5.10.3 into main #730

vinnybod commented May 23, 2024

github-actions bot commented May 23, 2024

v5.10.3 into main #730

v5.10.3 into main #730

Conversation

vinnybod commented May 23, 2024

github-actions bot commented May 23, 2024