PenTestIT

Your source for all things Information Security!

You are here: Home / Offensive Security / UPDATE: Empire v3.4.0

UPDATE: Empire v3.4.0

Posted: 4 months ago by 6732 views

Empire v3.4.0 was released a couple of days ago! I briefly mentioned about this tool in my old post titled – List of Open Source C2 Post-Exploitation Frameworks. This new version brings support for Malleable C2 listeners and reflective file loading among other bug fixes.

Empire 3.4.0

What is Empire?

Empire 3.x is an open source post-exploitation framework that includes a pure-PowerShell 2.0 Windows agent, and compatibility with Python 2.x/3.x Linux/OS X agents. It is the merger of the previous PowerShell Empire and Python EmPyre projects. The framework offers cryptologically-secure communications and a flexible architecture. BC-Security presented updates to further evade Microsoft Antimalware Scan Interface (AMSI) and JA3/S signatures at DEF CON 27.

Changes made to Empire v3.4.0:

  • Added Malleable C2 HTTP Listener – #287 (@johneiser@Cx01N@Hubbl3)
  • Added reflective load ability for files – #309 (@Hubbl3)
  • Added Invoke-DomainPasswordSpray – #295 (@Cx01N)
  • Added Invoke-WinPEAS – #293 (@Cx01N). This is a port of the WinPEAS script that searches for possible paths to escalate privileges on Windows hosts.
  • Added Invoke-Watson – #294 (@Cx01N). This is a port of a .NET tool designed to enumerate missing KBs and suggest exploits for Privilege Escalation vulnerabilities.
  • Added plugins being loaded at startup – #301 (@Cx01N)
  • Updated moduleName to display full directory – #299 (@Cx01N)
  • Updated info in Invoke-SMBExec to indicate single target – #286 (@Cx01N). When using the Invoke-SMBexec module in the powershell > lateral_movement category, the ComputerName options said it allows a comma-separated list of Computers to target. However, it was not being accepted. Invoke-SMBExec information was updated to indicate compatibility with a single target.
  • Updated Slack API notifications to webhooks – #303 (@Cx01N)
  • Fixed spaces for IIS default page in HTTP listener – #302 (@adamczi)
  • Fixed agent spawning issue with MS-16-032 – #292 (@Cx01N)
  • Fixed min language version for modules (@Cx01N)
  • Fixed CLI stager incorrectly shutting down – #198 (@Cx01N)
  • Fixed error message from active agents during shutdown – #308 (@Cx01N)

Download Empire v3.4.0:

To install and run the latest version, simple run the following steps:

git clone https://github.com/BC-SECURITY/Empire.git
cd Empire
sudo ./setup/install.sh

Otherwise, if you want to get Empire 3.4.0 (Empire-3.4.0.zip/Empire-3.4.0.tar.gz) check out this link.

Share this post on:
witteracebookhatsAppufferLinkedin It

Related

UPDATE: Merlin v0.9.0
Tags: , , , , ,
Categories: Offensive Security, Open Source, Penetration Testing, Tool Updates, Tools
UPDATE: Kali Linux 2020.3 Release
Tags: , , , , , , , , , , , , ,
Categories: Offensive Security, Open Source, Penetration Testing, Tool Updates, Tools, Vulnerability Assessment, Web Application Security, Wireless
UPDATE: FudgeC2 0.5.7
Tags: , , , , , , ,
Categories: Offensive Security, Open Source, Tool Updates, Tools