Merge branch 'main' into patch-1

.github/install_tests/cst-config-kali.yaml

@@ -5,4 +5,4 @@ commandTests:
   - name: "mysql version"
     command: "mysql"
     args: ["--version"]
-    expectedOutput: ["mysql  Ver 15.*10.*-MariaDB"]
+    expectedOutput: ["mysql from 11.*-MariaDB*"]

.github/workflows/lint-and-test.yml

@@ -85,7 +85,7 @@ jobs:
           DATABASE_USE=sqlite poetry run pytest . -v --runslow
       - name: Pytest coverage comment
         if: ${{ matrix.python-version == '3.12' }}
-        uses: MishaKav/[email protected].52
+        uses: MishaKav/[email protected].53
         with:
           pytest-coverage-path: ./pytest-coverage.txt
           junitxml-path: ./pytest.xml
@@ -139,7 +139,7 @@ jobs:
       # To save CI time, only run these tests when the install script or deps changed
       - name: Get changed files using defaults
         id: changed-files
-        uses: tj-actions/changed-files@v44.5.5
+        uses: tj-actions/changed-files@v45.0.4
       - name: Build images
         if: contains(steps.changed-files.outputs.modified_files, 'setup/install.sh') || contains(steps.changed-files.outputs.modified_files, 'poetry.lock')
         run: docker compose -f .github/install_tests/docker-compose-install-tests.yml build --parallel ${{ join(matrix.images, ' ') }}

CHANGELOG.md

@@ -14,6 +14,16 @@ and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0
 
 ## [Unreleased]
 
+## [5.11.7] - 2024-11-11
+
+-   Fix arm installs by installing dotnet and powershell manually
+-   Fix issue initializing some databases by removing the unused Reporting table
+
+## [5.11.6] - 2024-11-08
+
+-   Fixed extra character in nanodump.x64.o
+-   Fixed bof tasking for IronPython agent
+
 ## [5.11.5] - 2024-09-22
 
 -   Updated Starkiller to v2.8.2
@@ -934,7 +944,11 @@ and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0
 -   Updated shellcoderdi to newest version (@Cx01N)
 -   Added a Nim launcher (@Hubbl3)
 
-[Unreleased]: https://github.com/BC-SECURITY/Empire-Sponsors/compare/v5.11.5...HEAD
+[Unreleased]: https://github.com/BC-SECURITY/Empire-Sponsors/compare/v5.11.7...HEAD
+
+[5.11.7]: https://github.com/BC-SECURITY/Empire-Sponsors/compare/v5.11.6...v5.11.7
+
+[5.11.6]: https://github.com/BC-SECURITY/Empire-Sponsors/compare/v5.11.5...v5.11.6
 
 [5.11.5]: https://github.com/BC-SECURITY/Empire-Sponsors/compare/v5.11.4...v5.11.5
 

Dockerfile

@@ -7,7 +7,7 @@
 # 2) create volume storage: `docker create -v /empire --name data bcsecurity/empire`
 # 3) run out container: `docker run -it --volumes-from data bcsecurity/empire /bin/bash`
 
-FROM python:3.12.2-bullseye
+FROM python:3.12.6-bullseye
 
 LABEL maintainer="bc-security"
 LABEL description="Dockerfile for Empire server and client. https://bc-security.gitbook.io/empire-wiki/quickstart/installation#docker"

empire/server/common/empire.py

@@ -38,7 +38,7 @@
 
 from . import agents, credentials, listeners, stagers
 
-VERSION = "5.11.5 BC Security Fork"
+VERSION = "5.11.7 BC Security Fork"
 
 log = logging.getLogger(__name__)
 

empire/server/common/helpers.py

@@ -41,7 +41,6 @@
 import ipaddress
 import json
 import logging
-import os
 import random
 import re
 import socket
@@ -53,8 +52,6 @@
 import urllib.request
 from datetime import datetime
 
-import netifaces
-
 from empire.server.utils.math_util import old_div
 
 log = logging.getLogger(__name__)
@@ -602,44 +599,14 @@ def lhost():
     """
     Return the local IP.
     """
-
-    if os.name != "nt":
-        import fcntl
-        import struct
-
-        def get_interface_ip(ifname):
-            try:
-                s = socket.socket(socket.AF_INET, socket.SOCK_DGRAM)
-                return socket.inet_ntoa(
-                    fcntl.ioctl(
-                        s.fileno(),
-                        0x8915,  # SIOCGIFADDR
-                        struct.pack("256s", ifname[:15].encode("UTF-8")),
-                    )[20:24]
-                )
-            except OSError:
-                return ""
-
-    ip = ""
     try:
-        ip = socket.gethostbyname(socket.gethostname())
-    except socket.gaierror:
-        pass
+        # Create a socket and connect to a remote server
+        s = socket.socket(socket.AF_INET, socket.SOCK_DGRAM)
+        s.connect(("8.8.8.8", 80))
+        ip = s.getsockname()[0]
+        s.close()
     except Exception:
-        log.error("Unexpected error:", exc_info=True)
-        return ip
-
-    if (ip == "" or ip.startswith("127.")) and os.name != "nt":
-        interfaces = netifaces.interfaces()
-        for ifname in interfaces:
-            if "lo" not in ifname:
-                try:
-                    ip = get_interface_ip(ifname)
-                    if ip != "":
-                        break
-                except Exception:
-                    log.error("Unexpected error:", exc_info=True)
-                    pass
+        ip = "127.0.0.1"
     return ip
 
 

empire/server/core/db/models.py

@@ -455,19 +455,6 @@ def __repr__(self):
         return f"<PluginTask(id='{self.id}')>"
 
 
-class Reporting(Base):
-    __tablename__ = "reporting"
-    id = Column(Integer, Sequence("reporting_id_seq"), primary_key=True)
-    name = Column(String(255), nullable=False)
-    event_type = Column(String(255))
-    message = Column(Text)
-    timestamp = Column(UtcDateTime, default=utcnow(), nullable=False)
-    taskID = Column(Integer, ForeignKey("agent_tasks.id"))
-
-    def __repr__(self):
-        return f"<Reporting(id='{self.id}')>"
-
-
 class Keyword(Base):
     __tablename__ = "keywords"
     id = Column(Integer, Sequence("keyword_seq"), primary_key=True)

empire/server/core/module_service.py

@@ -203,7 +203,7 @@ def execute_module(  # noqa: PLR0913 PLR0912 PLR0915
                 else:
                     task_command = "TASK_POWERSHELL_CMD_WAIT"
 
-        elif agent.language == "ironpython" and module.language == "csharp":
+        elif agent.language == "ironpython" and module.language in ("csharp", "bof"):
             task_command = "TASK_CSHARP"
 
         return {"command": task_command, "data": module_data}, None

empire/server/modules/bof/nanodump.yaml

@@ -121,7 +121,7 @@ options:
     format: i
 bof:
   x86: bof/nanodump/nanodump.x86.o
-  x64: bof/nanodump/nanodump.x64.oo
+  x64: bof/nanodump/nanodump.x64.o
   entry_point: ''
 script_path: ''
 script_end: ''

pyproject.toml

@@ -1,6 +1,6 @@
 [tool.poetry]
 name = "empire-bc-security-fork"
-version = "5.11.5"
+version = "5.11.7"
 description = ""
 authors = ["BC Security <[email protected]>"]
 readme = "README.md"
@@ -21,7 +21,6 @@ macholib = "^1.16.3"
 dropbox = "^11.36.2"
 pyOpenSSL = "^24.0.0"
 zlib_wrapper = "^0.1.3"
-netifaces = "^0.11.0"
 jinja2 = "^3.1.3"
 xlutils = "^2.0.0"
 pyparsing = "^3.1.1"
@@ -48,7 +47,7 @@ pyvnc = {git = "https://github.com/BC-SECURITY/pyVNC.git"}
 python-socketio = {extras = ["client"], version = "^5.11.1"}
 Flask = "^3.0.2"
 pysecretsocks = {git = "https://github.com/BC-SECURITY/PySecretSOCKS.git", rev = "da5be0e"}
-donut-shellcode = { version = "^1.0.2", markers = "platform_machine == 'x86_64' or platform_machine == 'amd64'" }
+donut-shellcode = { version = "^1.1", markers = "platform_machine == 'x86_64' or platform_machine == 'amd64'" }
 python-obfuscator = "^0.0.2"
 pyinstaller = "^6.4.0"
 md2pdf = {git = "https://github.com/bc-security/md2pdf", rev = "48d5a46"}