Releases: BC-SECURITY/Empire

v5.5.3

20 Jul 05:29
d3a4d17

[5.5.3] - 2023-07-20

  • Updated Starkiller to v2.4.2
  • Updated restip message to show IP address on server (@Cx01N)
  • Fixed onedrive taskings for powershell (@Cx01N)
  • Update pyyaml to 6.0.1 to avoid build issue from cython (@vinnybod)
  • Use MariaDB in Debian (@vinnybod)

[5.5.2] - 2023-07-14

  • Fix TypeError and crash when using main command in client (@jellyjellyrobot)
  • Fix extraneous semi-colon breaking powershell 'literal' execution (@crittico)

[5.5.1] - 2023-07-06

  • Fix basic_reporting plugin using the wrong agent checkin column

[5.5.0] - 2023-06-21

  • Break out agent checkins to a new table (@vinnybod)
    • New checkins endpoint to get them as a list
    • New checkins aggregate endpoint to get aggregated checkin data
    • Aggregate endpoint not supported with SQLite
  • Add a warning message about using SQLite
  • Added LinPEAS to Python modules (@Cx01N)
  • Added Python obfuscation using python-obfuscator (@Cx01N)
  • Added IronPython SMB Agents/Listener (@Cx01N)
  • Expand file options to plugins, stagers, and listeners (@vinnybod)
  • Added Python agent support to hop listener (@Cx01N)
  • Added staging to hop listener (@Cx01N)
  • Added python module for Pwnkit (CVE-2021-4034) (@Cx01N)
  • Added python module for Polkit (CVE-2021-3560) (@Cx01N)
  • Fixed safecheck error for python module sudo spawn (@Cx01N)
  • Fixed file error in Invoke-Shellcode (@Cx01N)
  • Removed duplicate modules between languages (@Cx01N)
    • Removed .NET Core modules due to errors
    • Removed redundant C# lateral movement modules
    • Removed Covenant Mimikatz in favor of Invoke-Mimikatz
    • Removed Invoke-Assembly in favor of Covenant's execute assembly
    • Removed Invoke-BOF in favor of RunOF
    • Removed Invoke-Rubeus in favor of Covenant's Rubeus
    • Removed Invoke-Seatbelt in favor of Covenant's Seatbelt
    • Removed Bloodhound v1 module
  • Revamped malleable profiles and increased their generation reliability (@Cx01N)
  • Allow the server to start even when starkiller sync fails (@vinnybod)
  • Remove libssl1.1 from the install script since it doesn't appear to be needed and causes install failures on some OS (@vinnybod)
  • Fix the restip argument which wasn't being used (@vinnybod)
  • Added reload endpoint to Malleable Profiles, Modules, Bypasses, and Plugins (@Cx01N)
  • Updated and fixed pyinstaller stager (@Cx01N)

v5.4.2

12 Jun 04:05
0722f44

[5.4.2] - 2023-06-07

  • Updated Starkiller to v2.3.2
  • Fixed python modules not running properly (@Cx01N)
  • Updated python multi_socks to run with Python 3 (@Cx01N)

[5.4.1] - 2023-06-02

  • Fix database reset issue with MySQL (@vinnybod)
  • Add a message to the client recommending the use of Starkiller (@vinnybod)
  • Fixed issue with Invoke-wmi not returning a success message (@Cx01N)
  • Fixed dynamic function issue with Powerview (@Cx01N)
  • Pare down the number of minutes needed to run pull request builds (@vinnybod)

[5.4.0] - 2023-05-22

  • Remove Starkiller as a submodule, treat it as a normal directory (@vinnybod)
    • Everything should 'just work', but if you have issues after pulling these latest changes, try deleting the Starkiller directory (rm -r empire/server/api/v2/starkiller) before running the server.
  • Some improvements to the release flow after starkiller submodule removal (@vinnybod)

[5.3.0] - 2023-05-17

  • Add the ability to specify a module option as a file (@vinnybod)

v5.2.2

30 Apr 21:55
ce3fdec

[5.2.2] - 2023-04-30

  • Updated Starkiller to v2.2.0
  • Dependency upgrades (@vinnybod)

[5.2.1] - 2023-04-30

  • Updated Donut to v1.0.2 (@Cx01N)
  • Fixed issue with install path not being used properly when switching empire location (@vinnybod)
  • Lock nim version in the install script (@vinnybod)
  • Fixed issue with Powerview modules not performing dynamic detect on overhead functions (@Cx01N)
  • Fixes for the onedrive listener that broke with 5.0 (@vinnybod)

[5.2.0] - 2023-03-31

  • Added new plugin functionality (@vinnybod)
    • Added plugin tasks
    • Added plugin task endpoints
    • Gave plugins kwargs to allow for more flexibility. Plugins are now receiving a database session and user object.
  • Tasks renamed to AgentTasks to avoid confusion with PluginTasks
  • Rename tasking to task in most places to standardize the naming. The hook names have not been changed yet.
  • Fix Starkiller error in Docker (@0x4xel)
  • Fixed launcher_bat to work with all listeners (@Cx01N)
  • Fixed issue with duplicate Server Header being added by Flask (@Cx01N)
  • Fixed malleable c2 not generating IronPython agents correctly (@Cx01N)

v5.1.2

29 Mar 05:07
e782c80

[5.1.2] - 2023-03-29

  • Updated Starkiller to v2.1.1
  • Removed thread from IronPython agent (@Hubbl3)
  • Fixed foreign listener issue with cookies (@Hubbl3)
  • Fixed error message handling for port forward pivot (@Cx01N)
  • Fixed upload not reporting error in PowerShell agent (@Cx01N)
  • Fixed client not giving option to select upload directory (@Cx01N)
  • Fixed persistence/powerbreach/eventlog launcher generation (@Cx01N)

[5.1.1] - 2023-03-17

  • Added D/Invoke option to Process Injection (@Cx01N)
  • Added IronPython and csharp to windows/launcher_bat (@Cx01N)
  • Added language option to spawn and spawnas modules (@Cx01N)
  • Fixed issue with powershell and ironpython agents not using public classes (@Cx01N)
  • Fixed issue where large shellcode files lock up server in Invoke_Shellcode (@Cx01N)
  • Increased the default time for base64 encoded ironpython payloads (@Cx01N)
  • Fix issue with large stacktrace on stale socketio connection (@vinnybod)

[5.1.0] - 2023-03-01

  • Added a 'modified_input' field to the 'execute module' task (@vinnybod)
  • Added an endpoint to get the script for a module (@vinnybod)

v5.0.4

25 Feb 22:55
af12a3b

[5.0.4] - 2023-02-25

  • Fix module error in PSRansom (@Cx01N)
  • Update the install script to set up a new db user instead of overwriting the root user (@vinnybod)
  • Update the Starkiller syncer to skip updating if not in a git repo (@vinnybod)
  • Update the Docker CI action to publish latest on 'main' branch (@vinnybod)
  • Fix install of Poetry for Debian based systems (@vinnybod)

v5.0.3

21 Feb 03:34
779f185

[5.0.3] - 2023-02-20

  • Updated Starkiller to v2.0.5
  • Fix Invoke-Kerberoast with etype 17 or 18 (@AdrianVollmer)
  • Add 3.11 support, bump Dockerfile to 3.11, bump Debian install to 3.8.16 (@Cx01N)
  • Update the GitHub actions to remove usages of deprecated ::set-output function (@vinnybod)
  • Update plugin submodule references post 5.0 branch merges (@vinnybod)

[5.0.2] - 2023-02-14

  • Fix the test that detects errors loading modules (@vinnybod)
  • Allow empty user id and username on the task API (@vinnybod)
  • Rename module_slug to module_id for tasks for consistent naming on the api (@vinnybod)
  • Add a shebang to the checkout-latest-tag.sh script (@xambroz)

[5.0.1] - 2023-02-04

  • Fixed the uniqueness check for MariaDB (@vinnybod)
  • Fixed redirector issue with parent listeners (@Cx01N)
  • Added exception for agent task when server is initializing (@Cx01N)
  • Fixed listener menu displaying error when viewing options (@Cx01N)
  • Starkiller sync process now attempts to pull the ref from the remote (@vinnybod)
  • Auto-merge private-main to downstream main branches using a label (@vinnybod)
  • Fixed error in IronPython agent when running PowerShell tasks (@Cx01N)
  • Fixed issue adding comms twice to stageless python agents (@Cx01N)
  • Updated Redirector to Port Forward Pivot (@Cx01N)
  • Updated to Mimikatz 2.2.0-20220919 (@Cx01N)
  • Add Ruff linter and pre-commit hook (@vinnybod)

[5.0.0] - 2023-01-15

  • Added Starkiller as an integrated web app (@vinnybod)
  • Added full MySQL support (@vinnybod)
    • MySQL is the new default
    • Database type can be changed by setting database.use in config.yaml or environment variable DATABASE_USE
    • SQLite is still supported
    • The Docker image still defaults to SQLite, but can be changed to MySQL by modifying the config.yaml or setting the environment variable DATABASE_USE=mysql.
  • Added v2 API (@vinnybod)
  • Added autogenerated docs for v2 API (@vinnybod)
  • Added stageless options for agents (@Cx01N)
  • Added clear window command to client (@Cx01N)
  • Added mouse_support to client (@Cx01N)
  • Added RunOF module to support COFF/BOF execution (@Cx01N)
  • Added new database table for files (@vinnybod)
  • Added server-side storage of stagers (@vinnybod)
  • A new listener object is created for each listener instead of using a shared state (@vinnybod)
  • Added listener, agent, and task hooks (@vinnybod)
  • Added db session to hooks (@vinnybod)
  • Added global obfuscation config and removed from config table (@vinnybod)
  • Added authors to bypass endpoints (@vinnybod)
  • Added a help command to the client to print the full doc string of a function, such as help shell or help script_import (@vinnybod)
  • Added --literal flag that can be used on shell commands that forces the agent to execute the command literally, ignoring any built-in aliases that exist such as for whoami or ps (@vinnybod)
  • Updated plugins endpoints and options (@vinnybod)
  • Updated authentication to use JWT auth instead of basic auth (@vinnybod)
  • Updated to MITRE ATT&CK v11 for sub-technique and tactic support (@Cx01N)
  • Updated SOCKS & Chisel plugins for 5.0 (@Cx01N)
  • Updated socketio emit to be async (@vinnybod)
  • Updated hooks to handle sync or async functions (@vinnybod)
  • Updated authors to have name, handle, and link for modules, listeners, stagers, and plugins (@vinnybod)
  • Updated Dockerfile for better caching (@vinnybod)
  • Updated agent.py to extract logic for sleep duration and lazily calculate file sizes (@lavafroth)
  • Moved keyword_obfuscation config property under database defaults (@vinnybod)
  • Moved obfuscate and obfuscateCommand defaults under database.defaults.obfuscation (@vinnybod)
  • Restructured all the 'common' code (@vinnybod)
  • Converted reports to a plugin (@Cx01N)
  • Converted generate_agent module to stager (@Cx01N)
  • Removed malleable.Profile from listener options (@Cx01N)
  • Removed old REST API (@vinnybod)
  • Removed old WebSocket API (@vinnybod)
  • Removed socketport since socketio runs on the same port as the API (@vinnybod)
  • Removed AFTER_AGENT_STAGE2_HOOK and replaced with AFTER_AGENT_CHECKIN_HOOK (@vinnybod)
  • Removed last seen time for users since it could cause db locking issues (@vinnybod)
  • Removed pydispatcher (@vinnybod)
  • Removed prompt line from server (@vinnybod)

v4.10.0

31 Jan 03:27
f60c62f

[4.10.0] - 2023-01-03

  • Updated agent model for consumer methods to use the info property (@lavafroth)
  • Debian 11, Ubuntu 2204, and ParrotOS Support (@vinnybod)
  • Add a "-y" option to the install script and fixed a bunch of formatting (@ajanvrin)
  • Fixed issues with stripping comments from Python code and executing certain Python modules (@Jackrin)
  • Added C# Crypto Miner module (@Cx01N)
  • Added PSRansom module (@Cx01N)

v4.9.0

29 Nov 04:05
cf75c4f

[4.9.0] - 2022-11-29

v4.8.4

26 Nov 05:51
5334403

[4.8.4] - 2022-11-26

  • Fixed #540 PydanticModule object has no attribute 'info' in API module search (@lavafroth)
  • Fixed agent/server module version check (@Jackrin)

v4.8.3

11 Nov 01:52
03bfbab

[4.8.3] - 2022-11-11

[4.8.2] - 2022-11-11

  • Updated crontab method to work with python3 (@Cx01N)
  • Updated linux_privesc_check to work with python3 (@Cx01N)
  • Fixed mistakes in README.md (@Cx01N)
  • Removed unused class in python agents (@Cx01N)