Skip to content

Commit

Permalink
Merge pull request #760 from BC-SECURITY/release/5.11.7
Browse files Browse the repository at this point in the history
v5.11.7 into main
  • Loading branch information
vinnybod authored Nov 11, 2024
2 parents 1ff9de8 + ddf6cb0 commit 8f41087
Show file tree
Hide file tree
Showing 10 changed files with 65 additions and 152 deletions.
2 changes: 1 addition & 1 deletion .github/install_tests/cst-config-kali.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -5,4 +5,4 @@ commandTests:
- name: "mysql version"
command: "mysql"
args: ["--version"]
expectedOutput: ["mysql Ver 15.*10.*-MariaDB"]
expectedOutput: ["mysql from 11.*-MariaDB*"]
4 changes: 2 additions & 2 deletions .github/workflows/lint-and-test.yml
Original file line number Diff line number Diff line change
Expand Up @@ -85,7 +85,7 @@ jobs:
DATABASE_USE=sqlite poetry run pytest . -v --runslow
- name: Pytest coverage comment
if: ${{ matrix.python-version == '3.12' }}
uses: MishaKav/pytest-coverage-comment@v1.1.52
uses: MishaKav/pytest-coverage-comment@v1.1.53
with:
pytest-coverage-path: ./pytest-coverage.txt
junitxml-path: ./pytest.xml
Expand Down Expand Up @@ -139,7 +139,7 @@ jobs:
# To save CI time, only run these tests when the install script or deps changed
- name: Get changed files using defaults
id: changed-files
uses: tj-actions/changed-files@v45.0.3
uses: tj-actions/changed-files@v45.0.4
- name: Build images
if: contains(steps.changed-files.outputs.modified_files, 'setup/install.sh') || contains(steps.changed-files.outputs.modified_files, 'poetry.lock')
run: docker compose -f .github/install_tests/docker-compose-install-tests.yml build --parallel ${{ join(matrix.images, ' ') }}
Expand Down
9 changes: 8 additions & 1 deletion CHANGELOG.md
Original file line number Diff line number Diff line change
Expand Up @@ -14,6 +14,11 @@ and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0

## [Unreleased]

## [5.11.7] - 2024-11-11

- Fix arm installs by installing dotnet and powershell manually
- Fix issue initializing some databases by removing the unused Reporting table

## [5.11.6] - 2024-11-08

- Fixed extra character in nanodump.x64.o
Expand Down Expand Up @@ -939,7 +944,9 @@ and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0
- Updated shellcoderdi to newest version (@Cx01N)
- Added a Nim launcher (@Hubbl3)

[Unreleased]: https://github.com/BC-SECURITY/Empire-Sponsors/compare/v5.11.6...HEAD
[Unreleased]: https://github.com/BC-SECURITY/Empire-Sponsors/compare/v5.11.7...HEAD

[5.11.7]: https://github.com/BC-SECURITY/Empire-Sponsors/compare/v5.11.6...v5.11.7

[5.11.6]: https://github.com/BC-SECURITY/Empire-Sponsors/compare/v5.11.5...v5.11.6

Expand Down
2 changes: 1 addition & 1 deletion Dockerfile
Original file line number Diff line number Diff line change
Expand Up @@ -7,7 +7,7 @@
# 2) create volume storage: `docker create -v /empire --name data bcsecurity/empire`
# 3) run out container: `docker run -it --volumes-from data bcsecurity/empire /bin/bash`

FROM python:3.12.2-bullseye
FROM python:3.12.6-bullseye

LABEL maintainer="bc-security"
LABEL description="Dockerfile for Empire server and client. https://bc-security.gitbook.io/empire-wiki/quickstart/installation#docker"
Expand Down
2 changes: 1 addition & 1 deletion empire/server/common/empire.py
Original file line number Diff line number Diff line change
Expand Up @@ -38,7 +38,7 @@

from . import agents, credentials, listeners, stagers

VERSION = "5.11.6 BC Security Fork"
VERSION = "5.11.7 BC Security Fork"

log = logging.getLogger(__name__)

Expand Down
45 changes: 6 additions & 39 deletions empire/server/common/helpers.py
Original file line number Diff line number Diff line change
Expand Up @@ -41,7 +41,6 @@
import ipaddress
import json
import logging
import os
import random
import re
import socket
Expand All @@ -53,8 +52,6 @@
import urllib.request
from datetime import datetime

import netifaces

from empire.server.utils.math_util import old_div

log = logging.getLogger(__name__)
Expand Down Expand Up @@ -602,44 +599,14 @@ def lhost():
"""
Return the local IP.
"""

if os.name != "nt":
import fcntl
import struct

def get_interface_ip(ifname):
try:
s = socket.socket(socket.AF_INET, socket.SOCK_DGRAM)
return socket.inet_ntoa(
fcntl.ioctl(
s.fileno(),
0x8915, # SIOCGIFADDR
struct.pack("256s", ifname[:15].encode("UTF-8")),
)[20:24]
)
except OSError:
return ""

ip = ""
try:
ip = socket.gethostbyname(socket.gethostname())
except socket.gaierror:
pass
# Create a socket and connect to a remote server
s = socket.socket(socket.AF_INET, socket.SOCK_DGRAM)
s.connect(("8.8.8.8", 80))
ip = s.getsockname()[0]
s.close()
except Exception:
log.error("Unexpected error:", exc_info=True)
return ip

if (ip == "" or ip.startswith("127.")) and os.name != "nt":
interfaces = netifaces.interfaces()
for ifname in interfaces:
if "lo" not in ifname:
try:
ip = get_interface_ip(ifname)
if ip != "":
break
except Exception:
log.error("Unexpected error:", exc_info=True)
pass
ip = "127.0.0.1"
return ip


Expand Down
13 changes: 0 additions & 13 deletions empire/server/core/db/models.py
Original file line number Diff line number Diff line change
Expand Up @@ -455,19 +455,6 @@ def __repr__(self):
return f"<PluginTask(id='{self.id}')>"


class Reporting(Base):
__tablename__ = "reporting"
id = Column(Integer, Sequence("reporting_id_seq"), primary_key=True)
name = Column(String(255), nullable=False)
event_type = Column(String(255))
message = Column(Text)
timestamp = Column(UtcDateTime, default=utcnow(), nullable=False)
taskID = Column(Integer, ForeignKey("agent_tasks.id"))

def __repr__(self):
return f"<Reporting(id='{self.id}')>"


class Keyword(Base):
__tablename__ = "keywords"
id = Column(Integer, Sequence("keyword_seq"), primary_key=True)
Expand Down
41 changes: 1 addition & 40 deletions poetry.lock

Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.

3 changes: 1 addition & 2 deletions pyproject.toml
Original file line number Diff line number Diff line change
@@ -1,6 +1,6 @@
[tool.poetry]
name = "empire-bc-security-fork"
version = "5.11.6"
version = "5.11.7"
description = ""
authors = ["BC Security <info@bc-security.org>"]
readme = "README.md"
Expand All @@ -21,7 +21,6 @@ macholib = "^1.16.3"
dropbox = "^11.36.2"
pyOpenSSL = "^24.0.0"
zlib_wrapper = "^0.1.3"
netifaces = "^0.11.0"
jinja2 = "^3.1.3"
xlutils = "^2.0.0"
pyparsing = "^3.1.1"
Expand Down
96 changes: 44 additions & 52 deletions setup/install.sh
Original file line number Diff line number Diff line change
Expand Up @@ -23,36 +23,26 @@ done
function command_exists() {
command -v "$1" >/dev/null 2>&1;
}

function install_powershell() {
echo -e "\x1b[1;34m[*] Installing PowerShell\x1b[0m"
if [ "$OS_NAME" == "DEBIAN" ]; then
# TODO Temporary until official Debian 12 support is added
VERSION_ID_2=$VERSION_ID
if [ "$VERSION_ID" == "12" ]; then
VERSION_ID_2="11"
fi
wget https://packages.microsoft.com/config/debian/"${VERSION_ID_2}"/packages-microsoft-prod.deb
sudo dpkg -i packages-microsoft-prod.deb
rm packages-microsoft-prod.deb
sudo apt-get update
sudo apt-get install -y powershell
elif [ "$OS_NAME" == "UBUNTU" ]; then
sudo apt-get update
sudo DEBIAN_FRONTEND=noninteractive TZ=Etc/UTC apt-get install -y wget apt-transport-https software-properties-common
wget -q "https://packages.microsoft.com/config/ubuntu/${VERSION_ID}/packages-microsoft-prod.deb"
sudo dpkg -i packages-microsoft-prod.deb
rm packages-microsoft-prod.deb
sudo apt-get update
sudo apt-get install -y powershell
elif [ "$OS_NAME" == "KALI" ]; then
sudo apt-get update && sudo apt-get -y install powershell
elif [ $OS_NAME == "PARROT" ]; then
sudo apt-get update && sudo apt-get -y install powershell

# https://learn.microsoft.com/en-us/powershell/scripting/install/install-other-linux?view=powershell-7.4#binary-archives
ARCH=$(uname -m)
if [ "$ARCH" == "x86_64" ]; then
POWERSHELL_URL="https://github.com/PowerShell/PowerShell/releases/download/v7.4.6/powershell-7.4.6-linux-x64.tar.gz"
else
POWERSHELL_URL="https://github.com/PowerShell/PowerShell/releases/download/v7.4.6/powershell-7.4.6-linux-arm64.tar.gz"
fi

curl -L -o /tmp/powershell.tar.gz $POWERSHELL_URL
sudo mkdir -p /opt/microsoft/powershell/7
sudo tar zxf /tmp/powershell.tar.gz -C /opt/microsoft/powershell/7
sudo chmod +x /opt/microsoft/powershell/7/pwsh
sudo ln -s /opt/microsoft/powershell/7/pwsh /usr/bin/pwsh

sudo mkdir -p /usr/local/share/powershell/Modules
sudo cp -r "$PARENT_PATH"/empire/server/data/Invoke-Obfuscation /usr/local/share/powershell/Modules
rm -f packages-microsoft-prod.deb*
}

function install_mysql() {
Expand Down Expand Up @@ -126,35 +116,36 @@ function install_bomutils() {
function install_dotnet() {
echo -e "\x1b[1;34m[*] Installing dotnet for C# agents and modules\x1b[0m"
if [ $OS_NAME == "UBUNTU" ]; then
wget https://packages.microsoft.com/config/ubuntu/"${VERSION_ID}"/packages-microsoft-prod.deb -O packages-microsoft-prod.deb
sudo dpkg -i packages-microsoft-prod.deb
rm packages-microsoft-prod.deb
# If version is 22.04, we need to write an /etc/apt/preferences file
# https://github.com/dotnet/core/issues/7699
if [ "$VERSION_ID" == "22.04" ]; then
echo -e "\x1b[1;34m[*] Detected Ubuntu 22.04, writing /etc/apt/preferences file\x1b[0m"
sudo tee -a /etc/apt/preferences <<EOT
Package: *
Pin: origin "packages.microsoft.com"
Pin-Priority: 100
EOT
fi
sudo apt-get update
sudo apt-get install -y apt-transport-https dotnet-sdk-6.0
elif [ $OS_NAME == "DEBIAN" ]; then
wget https://packages.microsoft.com/config/debian/"${VERSION_ID}"/packages-microsoft-prod.deb -O packages-microsoft-prod.deb
sudo dpkg -i packages-microsoft-prod.deb
sudo apt-get update
sudo apt-get install -y apt-transport-https dotnet-sdk-6.0
# Since PMC doesn't support arm64 we need to manually install it
# https://dotnet.microsoft.com/en-us/download/dotnet/thank-you/sdk-6.0.427-linux-arm64-binaries
ARCH=$(uname -m)
if [ "$ARCH" == "x86_64" ]; then
DOTNET_URL="https://download.visualstudio.microsoft.com/download/pr/12ee34e8-640c-400e-a6dc-4892b442df92/81d40fc98a5bbbfbafa4cc1ab86d6288/dotnet-sdk-6.0.427-linux-x64.tar.gz"
CHECKSUM="a9cd1e5ccc3c5d847aca2ef21dd145f61c6b18c4e75a3c2fc9aed592c6066d511b8b658c54c2cd851938fe5aba2386e5f6f51005f6406b420110c0ec408a8401"
else
wget https://packages.microsoft.com/config/debian/11/packages-microsoft-prod.deb -O packages-microsoft-prod.deb
sudo dpkg -i packages-microsoft-prod.deb
sudo apt-get update
sudo apt-get install -y apt-transport-https dotnet-sdk-6.0
DOTNET_URL="https://download.visualstudio.microsoft.com/download/pr/30d99992-ae6a-45b8-a8b3-560d2e587ea8/a35304fce1d8a6f5c76a2ccd8da9d431/dotnet-sdk-6.0.427-linux-arm64.tar.gz"
CHECKSUM="9129961b54ad77dac2b4de973875f7acd1e8d2833673a51923706620e0c5b7b8c5b057c8d395532ad9da46b1dcb5ab8fd07a4f552bd57256d5a0c21070ad5771"
fi
wget $DOTNET_URL -O /tmp/dotnet-sdk.tar.gz
echo "$CHECKSUM /tmp/dotnet-sdk.tar.gz" | sha512sum -c
if [ $? -ne 0 ]; then
echo -e "\x1b[1;31m[!] Checksum verification failed. Exiting.\x1b[0m"
exit 1
fi
mkdir -p $HOME/dotnet && tar zxf /tmp/dotnet-sdk.tar.gz -C $HOME/dotnet
sudo ln -s $HOME/dotnet/dotnet /usr/bin/dotnet
export DOTNET_ROOT=$HOME/dotnet
export PATH=$PATH:$HOME/dotnet
echo "export DOTNET_ROOT=$HOME/dotnet" >> ~/.bashrc
echo "export PATH=$PATH:$HOME/dotnet" >> ~/.bashrc
echo "export DOTNET_ROOT=$HOME/dotnet" >> ~/.zshrc
echo "export PATH=$PATH:$HOME/dotnet" >> ~/.zshrc
}
function install_nim() {
Expand All @@ -165,7 +156,8 @@ function install_nim() {
read -r answer
fi
if [ "$answer" != "${answer#[Yy]}" ]; then
sudo apt-get install -y curl git gcc xz-utils
# https://github.com/dom96/choosenim/issues/303
sudo apt-get install -y curl git gcc xz-utils libcurl4-gnutls-dev
export CHOOSENIM_CHOOSE_VERSION=1.6.12
curl https://nim-lang.org/choosenim/init.sh -sSf | sh -s -- -y
echo "export PATH=$HOME/.nimble/bin:$PATH" >> ~/.bashrc
Expand Down Expand Up @@ -305,7 +297,7 @@ if ! command_exists pyenv; then
libncurses5-dev libreadline6-dev libsqlite3-dev libssl-dev \
lzma lzma-dev tk-dev uuid-dev zlib1g-dev
pyenv install 3.12.2
pyenv install 3.12.6
fi
if ! command_exists poetry; then
Expand Down

0 comments on commit 8f41087

Please sign in to comment.