Releases: BC-SECURITY/Empire
Empire v4.3.3
1/24/2022
- Version 4.3.3 Master Release
- Added a hook for when an agent is fully checked in (stage2) (@vinnybod)
1/14/2022
- Version 4.3.2 Master Release
- Fixed issues with variable names in Mimikatz & Privesc modules (@sbrun)
- Fixed issue with Invoke-Obfuscation not being properly called (@Cx01N)
- Add dotnet install to dockerfile (@vinnybod)
1/8/2022
- Version 4.3.1 Master Release
- Fixed issue with module variables referenced before assignment or undefined (@vinnybod)
- Fixed bug with Invoke-Seatbelt caused by variable name mismatch (@vinnybod)
- Fixed IronPython exit/shutdown issue (@Cx01N)
- Fixed ToLower() bug in PowerShell agent when using route (@CyrilleFranchet)
- Fixed multiline shell output bug (#491) (@CyrilleFranchet)
- Added dir command to the file browser hook (@CyrilleFranchet)
- Generate test account with secure rng (@moloch--)
- Add Invoke-FodhelperProgIDs module (@m1m1k4tz)
- Add Invoke-VeeamGetCreds module (@sadshade)
12/23/2021
- Version 4.3.0 Master Release
- Updated Invoke-Seatbelt, Invoke-Rubeus, & Invoke-WinPeas (@Cx01N)
- Updated C# modules: Seatbelt, SharpSploit (@Cx01N)
- Updated profiles to include APT29 (@Cx01N)
- Updated Mimikatz to 20210810-2 (@Cx01N)
- Updated reset script to remove c# tasks and generated-stagers (@Cx01N)
- Added obfuscation options into Empire CLI (@Cx01N)
- Added Invoke-BOF module (@Cx01N)
- Added C# server plugin to run on startup (@Cx01N)
- Added autostart plugin with options to config file (@Cx01N)
- Added upload & download options for Empire CLI (@Cx01N)
- Added Plugin folders and extensions (@Cx01N)
- Added C# redirector (@Cx01N)
- Added Invoke-DownloadFile (@Cx01N)
- Added error message in client for file downloads >1MB (@Cx01N)
- Moved NVNC and Sharpire as C# submodules (@Cx01N)
- Fixed Invoke-Assembley (@Cx01N)
- Fixed osx/clipboard & pilliageuser modules (@Cx01N)
- Removed unused wiki workflows (@Cx01N)
New Contributors
- @moloch-- made their first contribution in #505
- @m1m1k4tz made their first contribution in #514
- @sadshade made their first contribution in #512
- @CyrilleFranchet made their first contribution in #529
Full Changelog: v4.2.0...v4.3.3
Empire v4.2.0
11/1/2021
- Version 4.2.0 Master Release
- Added reverseshell & cmd launchers with reverseshell (@Cx01N)
- Added ironpython to compile through empire with embedded std lib (@Cx01N)
- Added proxy (SOCKS/TOR/HTTP) pivots to python agents (@Cx01N)
- Added notifications in bottom toolbar for plugins and agents (@Cx01N)
- Added C# VNC server (@Cx01N)
- Added extended rights for certificate templates (@daem0nc0re)
- Added donut for shellcode generation (@Cx01N)
- Updated WMI persistence and bug fixes (@janit0rjoe)
- Updated covenant compiler (@Hubbl3)
- Updated csharp powershell launcher to compile through empire (@Hubbl3)
- Fixed formatting error in enable_rdp (@jamarir)
- Fixed nim launcher to run internal to exe (@Cx01N)
- Fixed misc python module errors (@Cx01N)
- Fixed outfile message displaying wrong directory (@Cx01N)
- Removed sRDI for shellcode (@Cx01N)
Empire v4.1.3
9/28/2021
- Version 4.1.3 Master Release
- Fixed output from files throwing an error for the client (@Cx01N)
9/21/2021
- Version 4.1.2 Master Release
- Removed pyminifier as a dependency to prevent install errors (@Cx01N)
9/20/2021
- Version 4.1.1 Master Release
- Add OutputFunction to dcsync_hashdump (@jamarir)
- Convert file operations to use with syntax (@jamarir)
- Added Invoke-IronPython3 and some OffensiveDLR fixes (@Cx01N)
- Fix for (#476) - String indices error ms16-032 & ms16-135 (@Cx01N)
- Fix help menu text on the interact menu (@archcloudlabs)
- Rework agent taskings in the client to not poll for a result (@Cx01N)
- Added Python agents to the external/generate_agent module (@Cx01N)
- Update add_sid_history module command (@ilanisme)
8/29/2021
- Version 4.1.0 Master Release
- Correct issue where install script would break depending on the current working directory (@vinnybod)
- Empire client now currently refreshes listener list after killing a listener (@vinnybod)
- Removed the wiki and added a link to the new docs (@vinnybod)
- Added the initial filtering/hooking feature (@vinnybod)
- Fix an issue where the docker builds would not run because it was deleting the database (@vinnybod)
- Added autocomplete for taskings in the Empire Client and added a command to view a specific task (@Cx01N)
- Updated the OutputFunction feature to allow for arbitrary values (@vinnybod)
- Added an IronPython3 agent (@Cx01N)
Empire v4.0.2
8/16/2021
- Version 4.0.2 Master Release
- Added socketio messages to screenshot/download/upload (@Cx01N)
- Added help message when no input is given to empire.py (@Cx01N)
- Fixed missing slash for module directories (@Cx01N)
- Fixed modules Get-SQLServerLoginDefaultPw and PortScan (@jamarir)
- Fixed formatting bug in the options table on the listener menu (@vinnybod)
- Fixed querying retain-last-value config parameters (@ilanisme)
- Fixed invalid concat on keylogs (@Cx01N)
- Fixed mimikatz command and added suggested values (@Cx01N)
- Fixed misc bugs (@vinnybod)
- Updated suggested values for stagers and reformatted code (@Cx01N)
- Updated editlistener menu (@vinnybod)
- Removed client suppression for job started taskings (@Cx01N)
Empire v4.0.1
7/19/2021
- Version 4.0.1 Master Release
6/28/2021
- Version 4.0.0 Master Release
- Breaking Changes
- Removed old Empire CLI and cmdloop from server (@Cx01N)
- The credential create endpoint now accepts a single credential instead of a list
- Some endpoints that previously threw 500s when a resource was not found now properly return a 404
- Plugin endpoints and socketio channels renamed to plural (plugin -> plugins) to match naming convention of other resources (@vinnybod)
- New Features
- Integrated server and client into Empire (@Cx01N, @vinnybod)
- Introduced C# agents (@Hubbl3)
- Integrated Covenant Roslyn compiler for task compilation (@Hubbl3)
- Covenant Task compatibility (@Hubbl3, @vinnybod)
- Added support for 'suggested values' on the server and auto completing the suggested values in the CLI (@vinnybod)
- Added new launch parameters for starting server/client (@Cx01N, @vinnybod)
- Added Offensive DLR Modules: IronPython, ClearScript, & Boolang (@Cx01N)
- Added MS16-051 stager (@Cx01N)
- Added Start-ProcessAsUser module (@Cx01N)
- Added NTLM-Extract module (@Cx01N)
- Added Invoke-SharpSecDump module (@Cx01N)
- Added scriptimport and scriptcommand to API (@Cx01N)
- Added auto generate certificate function to startup script (@Cx01N)
- Added Invoke-SpoolSample (@Cx01N)
- Added redirector chaining and proper tunneling (@Cx01N)
- Updated pycrypto to pycryptodome (@Cx01N)
- Updated PowerDump with AES NTLM hashes (@Cx01N)
- Updated cert/install/reset script with new directories (@Cx01N)
- Updated all modules to new YAML format (@vinnybod, @Cx01N)
- Updated to Mimikatz 2.2.0 20210531 X11 RDP Clients (@Cx01N)
- Removed M2Crypto dependency (@Cx01N)
- Simplified kill/remove commands and added 'all' and 'stale' options (@Cx01N)
- Removed the need for manual database timestamp updates, merge taskings and results table to a single table (@vinnybod)
- Added a socketio event for when tasking results come back (@vinnybod)
- Readded rastamouse's bypass (@Cx01N)
- Added a 'since' query parameter to the tasks endpoint for more efficient querying (@vinnybod)
- Added socketio tasking event handler to CLI for displaying task results in the interact menu (@vinnybod)
- Install script prompts for xar, bomutils, openjdk, and dotnet for a more streamlined install (@vinnybod)
- Install script now includes dotnet (@vinnybod)
- Dockerfile size decreased by ~1GB by only installing the essentials. There is a note in the README (@vinnybod)
- Made powershell bypasses dynamic. Now set with a single field Bypasses and they will be applied in the order provided (@vinnybod)
- Added API endpoints for managing bypasses (@vinnybod)
- Add processor architecture to powershell, csharp, and python agents (@vinnybod)
- Add a display command to interact menu (@vinnybod)
- Add additional endpoints for credential for get, update, and delete (@vinnybod)
- Add create, update, remove credential functionality to the CLI (@Cx01N)
- Add an "output function" option on several modules (@jamarir)
- Updated shellcoderdi to newest version (@Cx01N)
- Added a Nim launcher (@Hubbl3)
Empire v3.8.2
3/28/2021
- Version 3.8.2 Master Release
- Fixed issue with try/catch preventing agent connections for http_hop/http listeners (@Cx01N)
3/22/2021
- Version 3.8.1 Master Release
- Fixed http_hop listener options not being copied properly (@Cx01N)
3/7/2021
- Version 3.8.0 Master Release
- Fix for literal comparison warnings in Python agent - #428 (@mattbogenberger)
- Add an Invoke-SweetPotato module - #433 (@Invoke-Mimikatz)
- Fix failed ticket generation in Invoke-Kerberoast - #434 (@Pen-Git)
- Add ability to specify the bind IP for RESTful API - #431 (@meldridge)
Empire v3.7.2
- Version 3.7.2 Master Release
- Fixed Malleable C2 issue where netbios/netbiosu transformations used excessive resources (@Cx01N)
- Fixed error when loading http_hop listener options (@Cx01N)
- Version 3.7.1 Master Release (Kali Build Only)
- Added Kali message to main menu
- Version 3.7.0 Master Release
- Revamped backend database from direct sqlite3 to SQLAlchemy (@Cx01N, @vinnybod)
- Added new Empire CLI to packaging (@vinnybod)
- Added malleable C2 profiles to empire directory: /data/profiles (@Cx01N)
- Added --teamserver option to launcher (@Cx01N)
- Added support for logging into Empire from multiple locations (@vinnybod)
- Added Invoke-WireTap (@Cx01N)
- Added Invoke-SauronEye (@Cx01N)
- Added Invoke-SharpLoginPrompt (@Cx01N)
- Fixed OneDrive Listener with new database (@Cx01N)
- Removed need to run setup database script (@vinnybod)
- Updated docker image to use the locked dependencies in pyproject.toml (@vinnybod)
Empire v3.6.3
Beginning with Empire 3.5.0, we recommend the use of Poetry or the Docker images to run Empire as we will be transitioning to these platforms.
Changelog
- Added save path to download file message - #414 (@meldridge)
- Updated installation file formatting - #410 (@Pernat1y)
- Fixed python 3.9.1 issue with deprecated base64 function - #422 (@brimstone)
- Fixed dump creds and hash not being logged in credentials properly - #423 (@Cx01N)
Empire v3.6.2
Beginning with Empire 3.5.0, we recommend the use of Poetry or the Docker images to run Empire as we will be transitioning to these platforms.
Changelog
- Added python support for HTTP malleable listener - #404 (@adamczi)
- Added new admin menu API endpoints - #403 (@vinnybod, @Cx01N)
- Added chat server for Starkiller and new Empire CLI integration - #403 (@vinnybod, @Cx01N)
- Added module PrivescCheck - #401 (@Invoke-Mimikatz)
- Fixed error in malleable profiles when http-stager is not defined - #407 (@Cx01N)
Empire v3.6.1
Beginning with Empire 3.5.0, we recommend the use of Poetry or the Docker images to run Empire as we will be transitioning to these platforms.