Releases: BC-SECURITY/Empire
Empire v4.0.2
8/16/2021
- Version 4.0.2 Master Release
- Added socketio messages to screenshot/download/upload (@Cx01N)
- Added help message when no input is given to empire.py (@Cx01N)
- Fixed missing slash for module directories (@Cx01N)
- Fixed modules Get-SQLServerLoginDefaultPw and PortScan (@jamarir)
- Fixed formatting bug in the options table on the listener menu (@vinnybod)
- Fixed querying retain-last-value config parameters (@ilanisme)
- Fixed invalid concat on keylogs (@Cx01N)
- Fixed mimikatz command and added suggested values (@Cx01N)
- Fixed misc bugs (@vinnybod)
- Updated suggested values for stagers and reformatted code (@Cx01N)
- Updated editlistener menu (@vinnybod)
- Removed client suppression for job started taskings (@Cx01N)
Contributors
Assets 2
Empire v4.0.1
7/19/2021
- Version 4.0.1 Master Release
6/28/2021
- Version 4.0.0 Master Release
- Breaking Changes
- Removed old Empire CLI and cmdloop from server (@Cx01N)
- The credential create endpoint now accepts a single credential instead of a list
- Some endpoints which were previously throwing 500s when not found, now properly return a 404
- Plugin endpoints and socketio channels renamed to plural (plugin -> plugins) to match naming convention of other resources (@vinnybod)
- New Features
- Integrated server and client into Empire (@Cx01N, @vinnybod)
- Introduced C# agents (@Hubbl3)
- Integrated Covenant Roslyn compiler for task compilation (@Hubbl3)
- Covenant Task compatibility (@Hubbl3, @vinnybod)
- Added support for 'suggested values' on the server and auto completing the suggested values in the CLI (@vinnybod)
- Added new launch parameters for starting server/client (@Cx01N, @vinnybod)
- Added Offensive DLR Modules: IronPython, ClearScript, & Boolang (@Cx01N)
- Added MS16-051 stager (@Cx01N)
- Added Start-ProcessAsUser module (@Cx01N)
- Added NTLM-Extract module (@Cx01N)
- Added Invoke-SharpSecDump module (@Cx01N)
- Added sriptimport and scriptcommand to API (@Cx01N)
- Added auto generate certificate function to startup script (@Cx01N)
- Added Invoke-SpoolSample (@Cx01N)
- Added redirector chaining and proper tunneling (@Cx01N)
- Updated pycrypto to pycryptodome (@Cx01N)
- Updated PowerDump with AES NTLM hashes (@Cx01N)
- Updated cert/install/reset script with new directories (@Cx01N)
- Updated all modules to new YAML format (@vinnybod, @Cx01N)
- Updated to Mimikatz 2.2.0 20210531 X11 RDP Clients (@Cx01N)
- Removed M2Crypto dependency (@Cx01N)
- Simplified kill/remove commands and added 'all' and 'stale' options (@Cx01N)
- Removed the need for manual database timestamp updates, merge taskings and results table to a single table (@vinnybod)
- Added a socketio event for when tasking results come back (@vinnybod)
- Readded rastamouse's bypass (@Cx01N)
- Added a 'since' query parameter to the tasks endpoint for more efficient querying (@vinnybod)
- Added socketio tasking event handler to CLI for displaying task results in the interact menu (@vinnybod)
- Install script prompts for xar, bomutils, openjdk, and dotnet for a more streamlined install (@vinnybod)
- Install script now includes dotnet (@vinnybod)
- Dockerfile size decreased by ~1GB by only installing the essentials. There is a note in the README (@vinnybod)
- Made powershell bypasses dynamic. Now set with a single field
Bypassesand they will be applied in the order provided (@vinnybod) - Added API endpoints for managing bypasses (@vinnybod)
- Add processor architecture to powershell, csharp, and python agents (@vinnybod)
- Add a display command to interact menu (@vinnybod)
- Add additional endpoints for credential for get, update, and delete (@vinnybod)
- Add create, update, remove credential functionality to the CLI (@Cx01N)
- Add an "output function" option on several modules (@jamarir)
- Updated shellcoderdi to newest version (@Cx01N)
- Added a Nim launcher (@Hubbl3)
- Breaking Changes
Empire v3.8.2
3/28/2021
- Version 3.8.2 Master Release
- Fixed issue with try/catch preventing agent connections for http_hop/http listeners (@Cx01N)
3/22/2021
- Version 3.8.1 Master Release
- Fixed http_hop listener options not being copied properly (@Cx01N)
3/7/2021
- Version 3.8.0 Master Release
- Fix for literal comparison warnings in Python agent - #428 (@mattbogenberger)
- Add an Invoke-SweetPotato module - #433 (@Invoke-Mimikatz)
- Fix failed ticket generation in Invoke-Kerberoast - #434 (@Pen-Git)
- Add ability to specify the bind IP for RESTful API - #431 (@meldridge)
Empire v3.7.2
-
Version 3.7.2 Master Release
- Fixed Malleable C2 issue where netbios/netbiosu transformations used excessive resources (@Cx01N)
- Fixed error when loading http_hop listener options (@Cx01N) -
Version 3.7.1 Master Release (Kali Build Only)
- Added Kali message to main menu -
Version 3.7.0 Master Release
- Revamped backend database from direct sqlite3 to SQLAlchemy (@Cx01N, @vinnybod)
- Added new Empire CLI to packaging (@vinnybod)
- Added malleable C2 profiles to empire directory: /data/profiles (@Cx01N)
- Added --teamserver option to launcher (@Cx01N)
- Added support for logging into Empire from multiple locations (@vinnybod)
- Added Invoke-WireTap (@Cx01N)
- Added Invoke-SauronEye (@Cx01N)
- Added Invoke-SharpLoginPrompt (@Cx01N)
- Fixed OneDrive Listener with new database (@Cx01N)
- Removed need to run setup database script (@vinnybod)
- Updated docker image to use the locked dependencies in pyproject.toml (@vinnybod)
Empire v3.6.3
Beginning with Empire 3.5.0, we recommend the use of Poetry or the Docker images to run Empire as we will be transitioning to these platforms.
Changelog
- Added save path to download file message - #414 (@meldridge)
- Updated installation file formatting - #410 (@Pernat1y)
- Fixed python 3.9.1 issue with deprecated base64 function - #422 (@brimstone)
- Fixed dump creds and hash not being logged in credentials properly - #423 (@Cx01N)
Empire v3.6.2
Beginning with Empire 3.5.0, we recommend the use of Poetry or the Docker images to run Empire as we will be transitioning to these platforms.
Changelog
- Added python support for HTTP malleable listener - #404 (@adamczi)
- Added new admin menu API endpoints - #403 (@vinnybod, @Cx01N)
- Added chat server for Starkiller and new Empire CLI integration - #403 (@vinnybod, @Cx01N)
- Added module PrivescCheck - #401 (@Invoke-Mimikatz)
- Fixed error in malleable profiles when http-stager is not defined - #407 (@Cx01N)
Empire v3.6.1
Beginning with Empire 3.5.0, we recommend the use of Poetry or the Docker images to run Empire as we will be transitioning to these platforms.
Changelog
Empire v3.6.0
Beginning with Empire 3.5.0, we recommend the use of Poetry or the Docker images to run Empire as we will be transitioning to these platforms.
Changelog
- Added new API endpoints for user and agent notes - #383 (@Cx01N)
- Added (readded) PowerView function add-netuser - #381 (@Cx01N)
- Added Invoke-SharpChisel module - #368 (@Invoke-Mimikatz)
- Added command option to psremoting and smbexec - #380 (@Invoke-Mimikatz)
- Added option to use multiple redirector listeners and chaining - #389 (@Cx01N)
- Added Invoke-Assembly module - #376 (@Invoke-Mimikatz)
- Updated API endpoints for dynamic plugin calls - #383 (@Cx01N)
- Updated plugin and module templates - #384 (@Cx01N)
- Fixed smbscanner to work on Windows 10 - #380 (@Invoke-Mimikatz)
- Fixed update agent comms (updatecomms) not properly changing - #382 (@Cx01N)
- Fixed download endpoint formatting and error handling - #383 (@Cx01N)
- Fixed issue with passing arguments to Get-DomainSID module - #374 (@mjokic)
- Fixed bat file length limit issue - #385 (@Hubbl3)
Empire v3.5.2
Beginning with Empire 3.5.0, we recommend the use of Poetry or the Docker images to run Empire as we will be transitioning to these platforms.
Changelog
Empire v3.5.1
Beginning with Empire 3.5.0, we recommend the use of Poetry or the Docker images to run Empire as we will be transitioning to these platforms.
Changelog
- Fixed Invoke-Obfuscation in Kali/Dockers - #348 (@Cx01N)
- Refactored /api/map endpoint - #337 (@mattaereal)