Merge pull request #188 from BC-SECURITY/single-user

Single User Endpoint / Docker Updates

Dockerfile

@@ -27,17 +27,41 @@ ENV DEBIAN_FRONTEND=noninteractive
 SHELL ["/bin/bash", "-c"]
 
 RUN apt-get update && \
-      apt-get -y install sudo && \
-      apt-get -y install lsb-release
+      apt-get -y install \
+        sudo \
+        lsb-release \
+	    make \
+	    g++ \
+	    python3-dev \
+	    swig \
+	    python-pip \
+	    libxml2-dev \
+	    default-jdk \
+	    libffi-dev \
+	    libssl1.1 \
+	    libssl-dev \
+	    build-essential \
+	    apt-transport-https \
+	    curl \
+	    gnupg
+
+RUN wget https://packages.microsoft.com/config/debian/10/packages-microsoft-prod.deb && \
+    sudo dpkg -i packages-microsoft-prod.deb && \
+    sudo apt-get update && \
+    sudo apt-get install -y powershell
+
+WORKDIR /empire
+
+COPY setup/requirements.txt /empire
+
+RUN pip install -r requirements.txt
 
 COPY . /empire
 
-RUN cd /empire/setup/ && \
-    ./install.sh && \
-    rm -rf /empire/data/empire*
+RUN rm -rf /empire/data/empire*
 
-RUN python /empire/setup/setup_database.py
+RUN cd setup && ./reset.sh
 
-WORKDIR /empire
+RUN cd setup && ./cert.sh
 
-CMD ["python", "empire"]
+CMD ["python", "empire", "--rest"]

empire

@@ -134,6 +134,7 @@ def execute_db_query(conn, query, args=None):
 #    GET      http://localhost:1337/api/admin/shutdown              shutdown the RESTful API
 #
 #    GET      http://localhost:1337/api/users                       return all users from database
+#    GET      http://localhost:1337/api/users/X                     return the user with id X
 #    GET      http://localhost:1337/api/users/me                    return the user for the given token
 #    POST     http://localhost:1337/api/users                       add a new user
 #    PUT      http://localhost:1337/api/users/Y/disable             disable/enable user Y
@@ -1335,6 +1336,19 @@ def start_restful_api(empireMenu, suppress=False, username=None, password=None,
 
         return jsonify({'users': user_report})
 
+    @app.route('/api/users/<int:uid>', methods=['GET'])
+    def get_user(uid):
+        """
+        return the user for an id
+        """
+        user = execute_db_query(conn, 'SELECT ID, username, last_logon_time, enabled, admin FROM users WHERE id = ?', [uid,])
+
+        if len(user) == 0:
+            make_response(jsonify({'error': 'user %s not found' % uid}), 404)
+
+        [ID, username, last_logon_time, enabled, admin] = user[0]
+        return jsonify({"ID": ID, "username": username, "last_logon_time": last_logon_time, "enabled": bool(enabled), "admin": bool(admin)})
+
 
     @app.route('/api/users/me', methods=['GET'])
     def get_user_me():

setup/install.sh

@@ -2,22 +2,17 @@
 function install_powershell() {
 	# Deb 10.x
 	if cat /etc/debian_version | grep 10.* ; then
-		sudo apt-get install -y apt-transport-https curl
-		curl https://packages.microsoft.com/keys/microsoft.asc | sudo apt-key add -
-		sudo sh -c 'echo "deb [arch=amd64] https://packages.microsoft.com/repos/microsoft-debian-stretch-prod stretch main" > /etc/apt/sources.list.d/microsoft.list'
+    # Download the Microsoft repository GPG keys
+    wget https://packages.microsoft.com/config/debian/10/packages-microsoft-prod.deb
+
+    # Register the Microsoft repository GPG keys
+    sudo dpkg -i packages-microsoft-prod.deb
+
+    # Update the list of products
+    sudo apt-get update
 
-		mkdir /tmp/pwshtmp
-		(cd /tmp/pwshtmp && \
-			wget http://http.us.debian.org/debian/pool/main/i/icu/libicu57_57.1-6+deb9u3_amd64.deb && \
-			wget http://http.us.debian.org/debian/pool/main/u/ust/liblttng-ust0_2.9.0-2+deb9u1_amd64.deb && \
-			wget http://http.us.debian.org/debian/pool/main/libu/liburcu/liburcu4_0.9.3-1_amd64.deb && \
-			wget http://http.us.debian.org/debian/pool/main/u/ust/liblttng-ust-ctl2_2.9.0-2+deb9u1_amd64.deb && \
-			wget http://security.debian.org/debian-security/pool/updates/main/o/openssl1.0/libssl1.0.2_1.0.2u-1~deb9u1_amd64.deb && \
-			sudo dpkg -i *.deb)
-		rm -rf /tmp/pwshtmp
-
-		sudo apt-get update 
-		sudo apt-get install -y powershell 
+    # Install PowerShell
+    sudo apt-get install -y powershell
 	# Deb 9.x
 	elif cat /etc/debian_version | grep 9.* ; then
 		# Install system components