New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Added resource file and auto run functionality as in Metasploit #750

Merged
merged 16 commits into from Oct 18, 2017

Conversation

Projects
None yet
2 participants
@clr2of8

clr2of8 commented Oct 12, 2017

Resource files allow you to put multiple empire commands into a file and have them executed as a script. This is the same functionality provided when using Metasploit resource files. For example, you could automate startup of your "go to" listeners and generate their launchers with this command:

(Empire) > resource /root/listener.rc

Where the file "/root/listener.rc" has the following contents:
listeners
uselistener http
set Name http80
set DefaultProfile /admin/login.php,/console/dashboard.asp,/news/today.jsp| Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0;
set Host 1.2.3.4
set Port 80
info
execute
set Name http443
set Port 443
execute
listeners
usestager multi/launcher
set Listener http80
execute
set Listener http443
execute

You can also specify a resource file on empire startup like this:

./empire.py --resource /root/listener.rc

A new "autorun" command has been added to the agents menu. You pass it a resource file full of commands you want to run on any new agents. For example you could have the following /root/run-my-modules.rc file:

usemodule trollsploit/message
execute
back
usemodule trollsploit/voicetroll
set VoiceText test one
execute

Type the following commands in Empire to set the autoruns:

agents
autorun /root/run-my-modules.rc powershell

Now any new powershell agents that connect will run the two modules specified in /root/run-my-modules.rc, namely the trollsploit message and voicetroll module. To specify modules to run on agents of other languages (such as python) specify the language like this:

autorun

@clr2of8 clr2of8 changed the title from Added resource file functionality as in Metasploit to Added resource file and auto run functionality as in Metasploit Oct 16, 2017

@xorrior

This comment has been minimized.

Contributor

xorrior commented Oct 18, 2017

Everything looks good and works as it should. Nice work!

@xorrior xorrior merged commit 1cb3e1e into EmpireProject:dev Oct 18, 2017

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment