Skip to content

Commit

Permalink
Merge pull request #730 from BC-SECURITY/release/5.10.3
Browse files Browse the repository at this point in the history
v5.10.3 into main
  • Loading branch information
vinnybod authored May 23, 2024
2 parents f1970a7 + 7052e47 commit 8283bbc
Show file tree
Hide file tree
Showing 17 changed files with 72 additions and 252 deletions.
2 changes: 1 addition & 1 deletion .github/workflows/cherry-pick-main.yml
Original file line number Diff line number Diff line change
Expand Up @@ -66,7 +66,7 @@ jobs:
- name: Push new branch
run: git push origin cherry-pick-${{ env.COMMIT_HASH }}
- name: Create pull request into private-main
uses: thomaseizinger/create-pull-request@1.3.1
uses: thomaseizinger/create-pull-request@1.4.0
with:
GITHUB_TOKEN: ${{ secrets.RELEASE_TOKEN }}
title: Cherry-pick ${{ github.event.inputs.commitHash }} to private-main
Expand Down
2 changes: 1 addition & 1 deletion .github/workflows/lint-and-test.yml
Original file line number Diff line number Diff line change
Expand Up @@ -139,7 +139,7 @@ jobs:
# To save CI time, only run these tests when the install script or deps changed
- name: Get changed files using defaults
id: changed-files
uses: tj-actions/changed-files@v44.3.0
uses: tj-actions/changed-files@v44.4.0
- name: Build images
if: contains(steps.changed-files.outputs.modified_files, 'setup/install.sh') || contains(steps.changed-files.outputs.modified_files, 'poetry.lock')
run: docker compose -f .github/install_tests/docker-compose-install-tests.yml build --parallel ${{ join(matrix.images, ' ') }}
Expand Down
2 changes: 1 addition & 1 deletion .github/workflows/release-private-start.yml
Original file line number Diff line number Diff line change
Expand Up @@ -63,7 +63,7 @@ jobs:
- name: Push new branch
run: git push origin ${{ env.RELEASE_BRANCH }}
- name: Create pull request into ${{ env.TARGET_BRANCH }}
uses: thomaseizinger/create-pull-request@1.3.1
uses: thomaseizinger/create-pull-request@1.4.0
with:
GITHUB_TOKEN: ${{ secrets.RELEASE_TOKEN }}
head: ${{ env.RELEASE_BRANCH }}
Expand Down
2 changes: 1 addition & 1 deletion .github/workflows/release-public-start.yml
Original file line number Diff line number Diff line change
Expand Up @@ -56,7 +56,7 @@ jobs:
- name: Push new branch
run: git push public ${{ env.RELEASE_BRANCH }}
- name: Create pull request into main
uses: thomaseizinger/create-pull-request@1.3.1
uses: thomaseizinger/create-pull-request@1.4.0
with:
GITHUB_TOKEN: ${{ secrets.RELEASE_TOKEN }}
head: ${{ env.RELEASE_BRANCH }}
Expand Down
2 changes: 1 addition & 1 deletion .github/workflows/release-sponsor-kali-start.yml
Original file line number Diff line number Diff line change
Expand Up @@ -58,7 +58,7 @@ jobs:
- name: Push new branch
run: git push origin ${{ env.RELEASE_BRANCH }}
- name: Create pull request into ${{ env.TARGET_BRANCH }}
uses: thomaseizinger/create-pull-request@1.3.1
uses: thomaseizinger/create-pull-request@1.4.0
with:
GITHUB_TOKEN: ${{ secrets.RELEASE_TOKEN }}
head: ${{ env.RELEASE_BRANCH }}
Expand Down
26 changes: 25 additions & 1 deletion CHANGELOG.md
Original file line number Diff line number Diff line change
Expand Up @@ -14,6 +14,28 @@ and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0

## [Unreleased]

## [5.10.3] - 2024-05-23

### Changed

- Updated the default value for Sharpup to audit (@Cx01N)
- Updated the default value for Seatbelt to AntiVirus (@Cx01N)
- Updated the default value for SharpWMI to action=query (@Cx01N)
- Updated the default value for SharpSC to action=query service= (@Cx01N)
- Updated GetSystem to require admin (@Cx01N)
- Updated the default value for Moriarty to --debug (@Cx01N)

### Fixed

- Fixed issue with generate_agent having a mismatched function name for stageless (@Cx01N)
- Fixed parsing issue for C# portscan with commas (@Cx01N)
- Fixed error for PrivExchange with missing System.XML.dll (@Cx01N)

### Removed

- Removed BypassUACGrunt due to compatibility with only Covenant (@Cx01N)
- Removed BypassUACCommand due to compatibility with only Covenant (@Cx01N)

## [5.10.2] - 2024-05-05
- Updated Starkiller to v2.8.1

Expand Down Expand Up @@ -841,7 +863,9 @@ and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0
- Updated shellcoderdi to newest version (@Cx01N)
- Added a Nim launcher (@Hubbl3)

[Unreleased]: https://github.com/BC-SECURITY/Empire-Sponsors/compare/v5.10.2...HEAD
[Unreleased]: https://github.com/BC-SECURITY/Empire-Sponsors/compare/v5.10.3...HEAD

[5.10.3]: https://github.com/BC-SECURITY/Empire-Sponsors/compare/v5.10.2...v5.10.3

[5.10.2]: https://github.com/BC-SECURITY/Empire-Sponsors/compare/v5.10.1...v5.10.2

Expand Down
2 changes: 1 addition & 1 deletion empire/server/common/empire.py
Original file line number Diff line number Diff line change
Expand Up @@ -38,7 +38,7 @@

from . import agents, credentials, listeners, stagers

VERSION = "5.10.2 BC Security Fork"
VERSION = "5.10.3 BC Security Fork"

log = logging.getLogger(__name__)

Expand Down
Binary file modified empire/server/csharp/Covenant/Data/AssemblyReferences/net35/System.XML.dll
100755 → 100644
Binary file not shown.
7 changes: 3 additions & 4 deletions empire/server/listeners/http_malleable.py
Original file line number Diff line number Diff line change
Expand Up @@ -441,7 +441,9 @@ def generate_launcher(
launcherBase,
obfuscation_command=obfuscation_command,
)
stager = self.mainMenu.obfuscationv2.obfuscate_keywords(stager)
launcherBase = self.mainMenu.obfuscationv2.obfuscate_keywords(
launcherBase
)

if encode and (
(not obfuscate) or ("launcher" not in obfuscation_command.lower())
Expand Down Expand Up @@ -770,9 +772,6 @@ def generate_agent(
with open(self.mainMenu.installPath + "/data/agent/agent.ps1") as f:
code = f.read()

# Get the random function name generated at install and patch the stager with the proper function name
code = self.mainMenu.obfuscationv2.obfuscate_keywords(code)

# strip out the comments and blank lines
code = helpers.strip_powershell_comments(code)

Expand Down
6 changes: 3 additions & 3 deletions empire/server/modules/csharp/GhostPack.Covenant.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -365,7 +365,7 @@
TokenTask: false
Options:
- Name: Command
Value: ''
Value: 'audit'
DefaultValue: ''
Description: SharpUp command to execute.
SuggestedValues:
Expand Down Expand Up @@ -610,7 +610,7 @@
TokenTask: false
Options:
- Name: Command
Value: ''
Value: 'AntiVirus'
DefaultValue: ''
Description: Seatbelt command to execute.
SuggestedValues:
Expand Down Expand Up @@ -854,7 +854,7 @@
TokenTask: false
Options:
- Name: Command
Value: ''
Value: 'action=query'
DefaultValue: ''
Description: SharpWMI command to execute.
SuggestedValues:
Expand Down
2 changes: 1 addition & 1 deletion empire/server/modules/csharp/Moriarty.Covenant.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -48,7 +48,7 @@
TokenTask: false
Options:
- Name: Command
Value: ''
Value: '--debug'
DefaultValue: ''
Description: Command to execute.
SuggestedValues: []
Expand Down
2 changes: 1 addition & 1 deletion empire/server/modules/csharp/SharpSC.Covenant.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -59,7 +59,7 @@
TokenTask: false
Options:
- Name: Command
Value: ''
Value: 'action=query service='
DefaultValue: ''
Description: SharpSC command to execute.
SuggestedValues:
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -1450,7 +1450,7 @@
try
{
List<int> portList = new List<int>();
foreach (string entry in Ports.Split(','))
foreach (string entry in Ports.Split(';'))
{
if (entry.Contains("-"))
{
Expand Down Expand Up @@ -1485,9 +1485,9 @@
DisplayInCommand: true
FileOption: false
- Name: Ports
Value: 80,443-445,3389
Value: 80; 443-445; 3389
DefaultValue: ''
Description: Ports to scan. Comma-delimited port list, use hyphens for port ranges
Description: Ports to scan. Semicolon delimited port list, use hyphens for port ranges
SuggestedValues: []
Optional: false
DisplayInCommand: true
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -106,6 +106,12 @@
- Name: System.IdentityModel.dll
Location: net35\System.IdentityModel.dll
DotNetVersion: Net35
- Name: System.XML.dll
Location: net35\System.XML.dll
DotNetVersion: Net35
- Name: System.XML.dll
Location: net40\System.XML.dll
DotNetVersion: Net40
EmbeddedResources: []
ReferenceAssemblies: []
EmbeddedResources: []
Loading

0 comments on commit 8283bbc

Please sign in to comment.