From cc3aa839eda67801b1e3cd079aa3d603d122a1cf Mon Sep 17 00:00:00 2001
From: Anthony Rose <20302208+Cx01N@users.noreply.github.com>
Date: Sun, 29 Sep 2024 10:50:07 -0400
Subject: [PATCH 1/5] Fixed extra character in nanodump bof name (#901)

* fixed extra character in nanodump bof name
* updated changelog
---
 CHANGELOG.md | 2 ++
 empire/server/modules/bof/nanodump.yaml | 2 +-
 2 files changed, 3 insertions(+), 1 deletion(-)

diff --git a/CHANGELOG.md b/CHANGELOG.md
index 379331f3e..82598f344 100644
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -14,6 +14,8 @@ and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0
 
 ## [Unreleased]
 
+- Fixed extra character in nanodump.x64.o
+
 ## [5.11.5] - 2024-09-22
 
 - Fixed various Python 3.12 SyntaxWarning
diff --git a/empire/server/modules/bof/nanodump.yaml b/empire/server/modules/bof/nanodump.yaml
index 413fd25a8..4b561f243 100644
--- a/empire/server/modules/bof/nanodump.yaml
+++ b/empire/server/modules/bof/nanodump.yaml
@@ -121,7 +121,7 @@ options:
 format: i
 bof:
 x86: bof/nanodump/nanodump.x86.o
- x64: bof/nanodump/nanodump.x64.oo
+ x64: bof/nanodump/nanodump.x64.o
 entry_point: ''
 script_path: ''
 script_end: ''

From 655f82eb14582cc6af29e1169e9771ee4caecdd2 Mon Sep 17 00:00:00 2001
From: Anthony Rose <20302208+Cx01N@users.noreply.github.com>
Date: Fri, 4 Oct 2024 13:55:19 -0400
Subject: [PATCH 2/5] Fixed bof tasking for IronPython agent (#906)

* fixed bof tasking for ipy agent
* fat fingers
* reverted back to elif statement
---
 CHANGELOG.md | 1 +
 empire/server/core/module_service.py | 2 +-
 2 files changed, 2 insertions(+), 1 deletion(-)

diff --git a/CHANGELOG.md b/CHANGELOG.md
index 82598f344..f1e16254e 100644
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -15,6 +15,7 @@ and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0
 ## [Unreleased]
 
 - Fixed extra character in nanodump.x64.o
+- Fixed bof tasking for IronPython agent
 
 ## [5.11.5] - 2024-09-22
 
diff --git a/empire/server/core/module_service.py b/empire/server/core/module_service.py
index f30d6ccce..49c6fa24f 100644
--- a/empire/server/core/module_service.py
+++ b/empire/server/core/module_service.py
@@ -203,7 +203,7 @@ def execute_module( # noqa: PLR0913 PLR0912 PLR0915
 else:
 task_command = "TASK_POWERSHELL_CMD_WAIT"
 
- elif agent.language == "ironpython" and module.language == "csharp":
+ elif agent.language == "ironpython" and module.language in ("csharp", "bof"):
 task_command = "TASK_CSHARP"
 
 return {"command": task_command, "data": module_data}, None

From 233355545de7161c6f0a62317d2ef88f4c73e895 Mon Sep 17 00:00:00 2001
From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com>
Date: Sat, 12 Oct 2024 11:15:15 -0700
Subject: [PATCH 3/5] Bump tj-actions/changed-files from 44.5.5 to 45.0.3 (#909)

Bumps [tj-actions/changed-files](https://github.com/tj-actions/changed-files) from 44.5.5 to 45.0.3.
- [Release notes](https://github.com/tj-actions/changed-files/releases)
- [Changelog](https://github.com/tj-actions/changed-files/blob/main/HISTORY.md)
- [Commits](https://github.com/tj-actions/changed-files/compare/v44.5.5...v45.0.3)
---
updated-dependencies:
- dependency-name: tj-actions/changed-files
 dependency-type: direct:production
 update-type: version-update:semver-major
...
Signed-off-by: dependabot[bot]
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
---
 .github/workflows/lint-and-test.yml | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/.github/workflows/lint-and-test.yml b/.github/workflows/lint-and-test.yml
index d0dca4d7a..c4bf2e520 100644
--- a/.github/workflows/lint-and-test.yml
+++ b/.github/workflows/lint-and-test.yml
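Review bot: The new `elif` maps BOF modules on the IronPython agent to `TASK_CSHARP`, and nothing in the code says why a BOF is tasked through the C#-named command, so a reader of `execute_module` has to know the agent internals to follow the branch; a short comment above it would carry that, for example `# BOF modules are presumably dispatched by the IronPython agent's C# task handler — confirm against the agent code`. `execute_module` starts and ends outside the hunk (only its `def` line appears in the hunk header), so I cannot see whether `task_command` is assigned before the if/elif chain; if it is not, an IronPython agent given a module whose language is outside `("csharp", "bof")` would reach the `return` with `task_command` unbound and raise `UnboundLocalError`, which deserves an explicit `else` that returns an error rather than falling through. A set literal `{"csharp", "bof"}` would read slightly more naturally for a membership test, though the tuple is fine.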
@@ -139,7 +139,7 @@ jobs:
 # To save CI time, only run these tests when the install script or deps changed
 - name: Get changed files using defaults
 id: changed-files
- uses: tj-actions/changed-files@v44.5.5
+ uses: tj-actions/changed-files@v45.0.3
 - name: Build images
 if: contains(steps.changed-files.outputs.modified_files, 'setup/install.sh') || contains(steps.changed-files.outputs.modified_files, 'poetry.lock')
 run: docker compose -f .github/install_tests/docker-compose-install-tests.yml build --parallel ${{ join(matrix.images, ' ') }}

From 42059bd63355ae3c46f3f07322695a03b82a3034 Mon Sep 17 00:00:00 2001
From: Vincent Rose
Date: Thu, 7 Nov 2024 17:03:39 -0700
Subject: [PATCH 4/5] Update donut to 1.1 (#926)

---
 poetry.lock | 6 +++---
 pyproject.toml | 2 +-
 2 files changed, 4 insertions(+), 4 deletions(-)

diff --git a/poetry.lock b/poetry.lock
index b4f3e5b19..074a4166a 100644
--- a/poetry.lock
+++ b/poetry.lock
@@ -709,12 +709,12 @@ files = [
 
 [[package]]
 name = "donut-shellcode"
-version = "1.0.2"
+version = "1.1"
 description = "Donut shellcode Python C extension"
 optional = false
 python-versions = ">=3.0"
 files = [
- {file = "donut-shellcode-1.0.2.tar.gz", hash = "sha256:66fd1b5d4b7af2ec6ddd554d7e0ab93810f6c8172ab0c12f1f776e108e331121"},
+ {file = "donut_shellcode-1.1.tar.gz", hash = "sha256:80861de844b9a36de3907e726605cdf01b8e052c24a74b6e454da9b2ebca2788"},
 ]
 
 [[package]]
@@ -3396,4 +3396,4 @@ test = ["pytest"]
 [metadata]
 lock-version = "2.0"
 python-versions = ">=3.10,<3.13"
-content-hash = "d2acc72039e831149b3a4225cc50619fc01fe496a644e177185575cd65934a3d"
+content-hash = "3e1fcd78b7d6a0ec1c3eabb7aee6c2a349f03e768e977d40335525e68e1137c5"
diff --git a/pyproject.toml b/pyproject.toml
index 2a2c71cda..d15c71eac 100644
--- a/pyproject.toml
+++ b/pyproject.toml
@@ -48,7 +48,7 @@ pyvnc = {git = "https://github.com/BC-SECURITY/pyVNC.git"}
 python-socketio = {extras = ["client"], version = "^5.11.1"}
 Flask = "^3.0.2"
 pysecretsocks = {git = "https://github.com/BC-SECURITY/PySecretSOCKS.git", rev = "da5be0e"}
-donut-shellcode = { version = "^1.0.2", markers = "platform_machine == 'x86_64' or platform_machine == 'amd64'" }
+donut-shellcode = { version = "^1.1", markers = "platform_machine == 'x86_64' or platform_machine == 'amd64'" }
 python-obfuscator = "^0.0.2"
 pyinstaller = "^6.4.0"
 md2pdf = {git = "https://github.com/bc-security/md2pdf", rev = "48d5a46"}

From 2a1f50c3e70cb00cccdd529f1ae1c8046afa3f27 Mon Sep 17 00:00:00 2001
From: GitHub Actions
Date: Fri, 8 Nov 2024 00:16:42 +0000
Subject: [PATCH 5/5] Prepare release 5.11.6 private

---
 CHANGELOG.md | 10 +++++++---
 empire/server/common/empire.py | 2 +-
 pyproject.toml | 2 +-
 3 files changed, 9 insertions(+), 5 deletions(-)

diff --git a/CHANGELOG.md b/CHANGELOG.md
index f1e16254e..5c7671774 100644
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -14,8 +14,10 @@ and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0
 
 ## [Unreleased]
 
-- Fixed extra character in nanodump.x64.o
-- Fixed bof tasking for IronPython agent
+## [5.11.6] - 2024-11-08
+
+- Fixed extra character in nanodump.x64.o
+- Fixed bof tasking for IronPython agent
 
 ## [5.11.5] - 2024-09-22
 
@@ -923,7 +925,9 @@ and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0
 - Updated shellcoderdi to newest version (@Cx01N)
 - Added a Nim launcher (@Hubbl3)
 
-[Unreleased]: https://github.com/BC-SECURITY/Empire-Sponsors/compare/v5.11.5...HEAD
+[Unreleased]: https://github.com/BC-SECURITY/Empire-Sponsors/compare/v5.11.6...HEAD
+
+[5.11.6]: https://github.com/BC-SECURITY/Empire-Sponsors/compare/v5.11.5...v5.11.6
 [5.11.5]: https://github.com/BC-SECURITY/Empire-Sponsors/compare/v5.11.4...v5.11.5
 
diff --git a/empire/server/common/empire.py b/empire/server/common/empire.py
index 749e06c0a..85f991664 100755
--- a/empire/server/common/empire.py
+++ b/empire/server/common/empire.py
@@ -38,7 +38,7 @@ from . import agents, credentials, listeners, stagers
-VERSION = "5.11.5 BC Security Fork"
+VERSION = "5.11.6 BC Security Fork"
 log = logging.getLogger(__name__)
diff --git a/pyproject.toml b/pyproject.toml
index d15c71eac..9ed1d9c10 100644
--- a/pyproject.toml
+++ b/pyproject.toml
@@ -1,6 +1,6 @@
 [tool.poetry]
 name = "empire-bc-security-fork"
-version = "5.11.5"
+version = "5.11.6"
 description = ""
 authors = ["BC Security "]
 readme = "README.md"