Empire HTTP(S) C2 redirector setup script
Switch branches/tags
Nothing to show
Clone or download
V1V1 Merge pull request #1 from c0mmand3rOpSec/master
CLI arguments, SSLCertificateFile
Latest commit cc03346 Jul 10, 2018
Permalink
Type Name Latest commit message Commit time
Failed to load latest commit information.
profiles
LICENSE Initial commit Nov 2, 2017
README.md
sleight.py Update sleight.py Jul 7, 2018

README.md

Sleight

Empire HTTP(S) C2 redirector setup script.

Usage:

Sleight can be used in 3 ways:

1) Setup HTTP Redirector:

  1. Run Sleight and feed it an Empire communication profile.
  2. Input your Empire C2's IP address and listening port.
  3. Say no to the HTTPS prompt.
  4. Input a site to redirect all invalid requests to.
  5. Start an Empire HTTP listener with the 'Host' property set to the domain of your redirector.
HTTP Redirectors reference:

2) Setup HTTPS Redirector:

  1. Run Sleight and feed it an Empire communication profile.
  2. Input your Empire C2's IP address and listening port.
  3. Say yes to the HTTPS prompt.
  4. Input a site to redirect all invalid requests to.
  5. Input the domain assigned to your redirector (for generation of a Let's Encrypt certificate).
  6. Agree to the certbot prompts.
  7. Start an Empire HTTPS listener with the 'Host' property set to the domain of your redirector.
HTTPS Redirector Setup Notes:
  • Certificate generation will only work once your redirector's domain has propagated successfully.
  • You'll need DNS entries for both DOMAIN.com and www.DOMAIN.com for your redirector's domain.
  • You can use the default HTTPS certificates Empire comes with (located in the '/empire/data/' directory) for the 'CertPath' property when starting a HTTPS listener on your C2 server.
HTTPS Redirectors reference:

3) Rules only (no setup):

If you only want to use Sleight to convert an Empire communication profile into mod_rewrite rules and not setup your redirector, simply feed it a communication profile and say no to the "proceed with setup" prompt.

4) CLI arguments:

If you want to use Sleight non interactively, command line arguments can be found in the default output. Any value not defined at launch will be prompted for during execution.

Examples:

$ sudo python sleight.py -c profiles/default.txt

$ sudo python sleight.py --modeHTTPS=y --myDomain=3xample.com --ip=My.C2.IP.Address --redirectDomain=example.com -c profiles/default.txt --proceed=n --port=80