[FEATURE REQUEST] Convert modules to stop using deprecated features in Empire 5.9+ #716

Open
vinnybod opened this issue Jan 27, 2024 · 2 comments
Labels
enhancement New feature or request good first issue Good for newcomers help wanted Extra attention is needed

Description

Empire 5.9.0 introduced a new way of doing error handling: https://bc-security.gitbook.io/empire-wiki/module-development/powershell-modules#error-handling

Instead of returning a tuple containing an error message or using the handle_error_message function, an exception should be raised and the generated module script should be returned as a str.


Empire 5.9.0 introduced 2 decorators auto_get_source and auto_finalize: https://bc-security.gitbook.io/empire-wiki/module-development/powershell-modules#decorators

Using these decorators eliminates a bit of boilerplate code from the beginning and end of a module's generate function. auto_finalize cannot be used without replacing tuple returns with raised exceptions.

Solution

Remove the use of handle_error_message, instead using the raised exceptions described in the docs https://bc-security.gitbook.io/empire-wiki/module-development/powershell-modules#error-handling

For modules that are not deviating from the boilerplate template, replace the get_module_source and finalize_module calls with the auto_get_source and auto_finalize decorators.

An example module conversion is here:
4eb02f6#diff-c41918d437c0bf39ac6fc692e1bb881586f8d1b0c583864f72bdcfbf5ba0ad65R12-R48

Alternatives

No response

Additional Context

No response
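
A migration check for the conversion this issue describes, as an added example (not Empire's code and not part of the original issue): it parses module source with Python's `ast` and flags `generate` functions that still call `handle_error_message`, `get_module_source` or `finalize_module`, or still return a tuple. Both sample modules are constructed; the `helper` object, the argument lists and the `ValueError` stand-in are assumptions.

```python
import ast

# Call names the issue asks module authors to remove or replace.
DEPRECATED_CALLS = {"handle_error_message", "get_module_source", "finalize_module"}

# Constructed legacy module (helper object and argument lists are illustrative).
LEGACY_SAMPLE = '''\
class Module:
    @staticmethod
    def generate(main_menu, module, params):
        script, err = helper.get_module_source(module)
        if err:
            return handle_error_message(err)
        if not params.get("Target"):
            return None, "Target is required"
        return helper.finalize_module(script, "Invoke-Example")
'''

# Constructed converted module; ValueError is a stand-in exception class.
CONVERTED_SAMPLE = '''\
class Module:
    @staticmethod
    @auto_get_source
    @auto_finalize
    def generate(main_menu, module, params, script=""):
        if not params.get("Target"):
            raise ValueError("Target is required")
        return script + "Invoke-Example"
'''


def _call_name(node):
    # Trailing name of a call target: foo() or a.b.foo(); None for anything else.
    return getattr(node.func, "id", None) or getattr(node.func, "attr", None)


def find_deprecated_usage(source, filename="<module>"):
    """Return sorted (line, message) findings inside generate() functions."""
    findings = []
    for func in ast.walk(ast.parse(source, filename=filename)):
        if not (isinstance(func, ast.FunctionDef) and func.name == "generate"):
            continue
        for node in ast.walk(func):
            if isinstance(node, ast.Call) and _call_name(node) in DEPRECATED_CALLS:
                findings.append((node.lineno, f"deprecated call {_call_name(node)}()"))
            elif isinstance(node, ast.Return) and isinstance(node.value, ast.Tuple):
                findings.append((node.lineno, "tuple return: raise an exception, return str"))
    return sorted(findings)
```

Passing each module file's text to `find_deprecated_usage` gives a per-line list of what is left to convert; an empty list means the `generate` function no longer uses the patterns named in this issue.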

@vinnybod vinnybod added enhancement New feature or request help wanted Extra attention is needed good first issue Good for newcomers labels Jan 27, 2024
@git-tirthankar

@vinnybod - I have enhanced the feature as mentioned.
Could you please review part 1: #717

@vinnybod

vinnybod commented Feb 9, 2024

Hey @git-tirthankar I reviewed the pull request, looks like you just need to lint the code. When I did locally, it found some syntactical errors. Thanks for your help!

cmndcntrlcyber pushed a commit to cmndcntrlcyber/Empire that referenced this issue May 27, 2024
* initial install script updates

* more cleanup

* merge common code

* update Dockerfile

* update dependencies for python 3.12

* allow 3.12 for deps

* pysecretsocks compat

* bump minimum py version to 3.10, upgrade deps for 3.12, add 3.12 to supported versions

* bump to python 3.12

* upgrade deps

* update pr matrix

* ignore thread warnings

* take out the huge query

* take out the huge query in the perf test

* typos in compose file

* more tweaks

* bump time limit on install tests

* bump perf test again because py3.12 is slow on the runner for some reason

* disable some steps

* run ci

* remove token

* fix geo issue

* run py 3.12 tests

* uncomment

* move symlink to install script. use sudo for mysql setup

* fix symlinks

* add keyring bypass to kali

* setup keyring no matter the os. update nim symlinking

* Update CHANGELOG.md

* split install tests

* org agnostic check

* Fix function

* remove release token from checkout in python step

* remove release token from checkout in python step

* fix function

* syntax

* update run-all-tests script

* change var name

* add some echos

* split CI

* updates

* remove token

* wrong path

* re-enable token

* disable parrot for now

* install starkiller in the docker build. check or it in cst. update forked dep references

* update changelog with warning