Merge pull request #667 from BC-SECURITY/release/5.2.2

v5.2.2 into main
BC-SECURITY · Apr 30, 2023 · ce3fdec · ce3fdec
2 parents e782c80 + f5a5fdf
commit ce3fdec
Show file tree

Hide file tree

Showing 49 changed files with 9,210 additions and 5,467 deletions.
diff --git a/CHANGELOG.md b/CHANGELOG.md
@@ -7,6 +7,32 @@ and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0
 
 ## [Unreleased]
 
+## [5.2.2] - 2023-04-30
+
+-   Updated Starkiller to v2.2.0
+-   Dependency upgrades (@Vinnybod)
+
+## [5.2.1] - 2023-04-30
+
+-   Updated Donut to v1.0.2 (@Cx01N)
+-   Fixed issue with install path not being used properly when switching empire location (@Vinnybod)
+-   Lock nim version in the install script (@Vinnybod)
+-   Fixed issue with Powerview modules not performing dynamic detect on overhead functions (@Cx01N)
+-   Fixes for the onedrive listener that broke with 5.0 (@Vinnybod)
+
+## [5.2.0] - 2023-03-31
+
+-   Added new plugin functionality (@Vinnybod)
+    -   Added plugin tasks
+    -   Added plugin task endpoints
+    -   Gave plugins kwargs to allow for more flexibility. Plugins are now receiving a database session and user object.
+-   Tasks renamed to AgentTasks to avoid confusion with PluginTasks
+-   Rename tasking to task in most places to standardize the naming. The hook names have not been changed yet.
+-   Fix Starkiller error in Docker (@0x4xel)
+-   Fixed launcher_bat to work with all listeners (@Cx01N)
+-   Fixed issue with duplicate Server Header being added by Flask (@Cx01N)
+-   Fixed malleable c2 not generating IronPython agents correctly (@Cx01N)
+
 ## [5.1.2] - 2023-03-29
 
 -   Updated Starkiller to v2.1.1
@@ -441,7 +467,13 @@ and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0
 -   Updated shellcoderdi to newest version (@Cx01N)
 -   Added a Nim launcher (@Hubbl3)
 
-[Unreleased]: https://github.com/BC-SECURITY/Empire-Sponsors/compare/v5.1.2...HEAD
+[Unreleased]: https://github.com/BC-SECURITY/Empire-Sponsors/compare/v5.2.2...HEAD
+
+[5.2.2]: https://github.com/BC-SECURITY/Empire-Sponsors/compare/v5.2.1...v5.2.2
+
+[5.2.1]: https://github.com/BC-SECURITY/Empire-Sponsors/compare/v5.2.0...v5.2.1
+
+[5.2.0]: https://github.com/BC-SECURITY/Empire-Sponsors/compare/v5.1.2...v5.2.0
 
 [5.1.2]: https://github.com/BC-SECURITY/Empire-Sponsors/compare/v5.1.1...v5.1.2
 

diff --git a/Dockerfile b/Dockerfile
@@ -13,7 +13,7 @@
 # -----BUILD ENTRY-----
 
 # image base
-FROM python:3.11.2-buster
+FROM python:3.11.3-buster
 
 # extra metadata
 LABEL maintainer="bc-security"

diff --git a/empire/server/api/app.py b/empire/server/api/app.py
@@ -75,7 +75,7 @@ def initialize(secure: bool = False, port: int = 1337):
     from empire.server.api.v2.meta import meta_api
     from empire.server.api.v2.module import module_api
     from empire.server.api.v2.obfuscation import obfuscation_api
-    from empire.server.api.v2.plugin import plugin_api
+    from empire.server.api.v2.plugin import plugin_api, plugin_task_api
     from empire.server.api.v2.profile import profile_api
     from empire.server.api.v2.stager import stager_api, stager_template_api
     from empire.server.api.v2.user import user_api
@@ -107,6 +107,7 @@ def shutdown_event():
     v2App.include_router(host_api.router)
     v2App.include_router(download_api.router)
     v2App.include_router(meta_api.router)
+    v2App.include_router(plugin_task_api.router)
     v2App.include_router(plugin_api.router)
 
     v2App.add_middleware(

diff --git a/empire/server/api/v2/agent/agent_task_api.py b/empire/server/api/v2/agent/agent_task_api.py
@@ -11,6 +11,9 @@
 from empire.server.api.api_router import APIRouter
 from empire.server.api.jwt_auth import get_current_active_user, get_current_user
 from empire.server.api.v2.agent.agent_task_dto import (
+    AgentTask,
+    AgentTaskOrderOptions,
+    AgentTasks,
     CommsPostRequest,
     DirectoryListPostRequest,
     DownloadPostRequest,
@@ -24,9 +27,6 @@
     SleepPostRequest,
     SocksPostRequest,
     SysinfoPostRequest,
-    Task,
-    TaskOrderOptions,
-    Tasks,
     UploadPostRequest,
     WorkingHoursPostRequest,
     domain_to_dto_task,
@@ -41,7 +41,7 @@
 from empire.server.core.agent_service import AgentService
 from empire.server.core.agent_task_service import AgentTaskService
 from empire.server.core.db import models
-from empire.server.core.db.models import TaskingStatus
+from empire.server.core.db.models import AgentTaskStatus
 from empire.server.core.download_service import DownloadService
 from empire.server.server import main
 from empire.server.utils.data_util import is_port_in_use
@@ -83,17 +83,17 @@ async def get_task(
     )
 
 
-@router.get("/tasks", response_model=Tasks)
+@router.get("/tasks", response_model=AgentTasks)
 async def read_tasks_all_agents(
     limit: int = -1,
     page: int = 1,
     include_full_input: bool = False,
     include_original_output: bool = False,
     include_output: bool = True,
     since: Optional[datetime] = None,
-    order_by: TaskOrderOptions = TaskOrderOptions.id,
+    order_by: AgentTaskOrderOptions = AgentTaskOrderOptions.id,
     order_direction: OrderDirection = OrderDirection.desc,
-    status: Optional[TaskingStatus] = None,
+    status: Optional[AgentTaskStatus] = None,
     agents: Optional[List[str]] = Query(None),
     users: Optional[List[int]] = Query(None),
     query: Optional[str] = None,
@@ -124,7 +124,7 @@ async def read_tasks_all_agents(
         )
     )
 
-    return Tasks(
+    return AgentTasks(
         records=tasks_converted,
         page=page,
         total_pages=math.ceil(total / limit),
@@ -133,17 +133,17 @@ async def read_tasks_all_agents(
     )
 
 
-@router.get("/{agent_id}/tasks", response_model=Tasks)
+@router.get("/{agent_id}/tasks", response_model=AgentTasks)
 async def read_tasks(
     limit: int = -1,
     page: int = 1,
     include_full_input: bool = False,
     include_original_output: bool = False,
     include_output: bool = True,
     since: Optional[datetime] = None,
-    order_by: TaskOrderOptions = TaskOrderOptions.id,
+    order_by: AgentTaskOrderOptions = AgentTaskOrderOptions.id,
     order_direction: OrderDirection = OrderDirection.desc,
-    status: Optional[TaskingStatus] = None,
+    status: Optional[AgentTaskStatus] = None,
     users: Optional[List[int]] = Query(None),
     db: Session = Depends(get_db),
     db_agent: models.Agent = Depends(get_agent),
@@ -174,7 +174,7 @@ async def read_tasks(
         )
     )
 
-    return Tasks(
+    return AgentTasks(
         records=tasks_converted,
         page=page,
         total_pages=math.ceil(total / limit) if limit > 0 else page,
@@ -183,20 +183,20 @@ async def read_tasks(
     )
 
 
-@router.get("/{agent_id}/tasks/{uid}", response_model=Task)
+@router.get("/{agent_id}/tasks/{uid}", response_model=AgentTask)
 async def read_task(
     uid: int,
     db: Session = Depends(get_db),
     db_agent: models.Agent = Depends(get_agent),
-    db_task: models.Tasking = Depends(get_task),
+    db_task: models.AgentTask = Depends(get_task),
 ):
     if not db_task:
         raise HTTPException(status_code=404, detail="Task not found")
 
     return domain_to_dto_task(db_task)
 
 
-@router.post("/{agent_id}/tasks/jobs", response_model=Task)
+@router.post("/{agent_id}/tasks/jobs", response_model=AgentTask)
 async def create_task_jobs(
     db_agent: models.Agent = Depends(get_agent),
     db: Session = Depends(get_db),
@@ -207,7 +207,7 @@ async def create_task_jobs(
     return domain_to_dto_task(resp)
 
 
-@router.post("/{agent_id}/tasks/kill_job", response_model=Task)
+@router.post("/{agent_id}/tasks/kill_job", response_model=AgentTask)
 async def create_task_kill_job(
     jobs: KillJobPostRequest,
     db_agent: models.Agent = Depends(get_agent),
@@ -222,7 +222,7 @@ async def create_task_kill_job(
     return domain_to_dto_task(resp)
 
 
-@router.post("/{agent_id}/tasks/shell", status_code=201, response_model=Task)
+@router.post("/{agent_id}/tasks/shell", status_code=201, response_model=AgentTask)
 async def create_task_shell(
     shell_request: ShellPostRequest,
     db_agent: models.Agent = Depends(get_agent),
@@ -243,7 +243,7 @@ async def create_task_shell(
     return domain_to_dto_task(resp)
 
 
-@router.post("/{agent_id}/tasks/module", status_code=201, response_model=Task)
+@router.post("/{agent_id}/tasks/module", status_code=201, response_model=AgentTask)
 async def create_task_module(
     module_request: ModulePostRequest,
     db_agent: models.Agent = Depends(get_agent),
@@ -260,7 +260,7 @@ async def create_task_module(
     return domain_to_dto_task(resp)
 
 
-@router.post("/{agent_id}/tasks/upload", status_code=201, response_model=Task)
+@router.post("/{agent_id}/tasks/upload", status_code=201, response_model=AgentTask)
 async def create_task_upload(
     upload_request: UploadPostRequest,
     db_agent: models.Agent = Depends(get_agent),
@@ -300,7 +300,7 @@ async def create_task_upload(
     return domain_to_dto_task(resp)
 
 
-@router.post("/{agent_id}/tasks/download", status_code=201, response_model=Task)
+@router.post("/{agent_id}/tasks/download", status_code=201, response_model=AgentTask)
 async def create_task_download(
     download_request: DownloadPostRequest,
     db_agent: models.Agent = Depends(get_agent),
@@ -317,7 +317,9 @@ async def create_task_download(
     return domain_to_dto_task(resp)
 
 
-@router.post("/{agent_id}/tasks/script_import", status_code=201, response_model=Task)
+@router.post(
+    "/{agent_id}/tasks/script_import", status_code=201, response_model=AgentTask
+)
 async def create_task_script_import(
     file: UploadFile = File(...),
     db_agent: models.Agent = Depends(get_agent),
@@ -336,7 +338,9 @@ async def create_task_script_import(
     return domain_to_dto_task(resp)
 
 
-@router.post("/{agent_id}/tasks/script_command", status_code=201, response_model=Task)
+@router.post(
+    "/{agent_id}/tasks/script_command", status_code=201, response_model=AgentTask
+)
 async def create_task_script_command(
     script_command_request: ScriptCommandPostRequest,
     db_agent: models.Agent = Depends(get_agent),
@@ -363,7 +367,7 @@ async def create_task_script_command(
     return domain_to_dto_task(resp)
 
 
-@router.post("/{agent_id}/tasks/sysinfo", status_code=201, response_model=Task)
+@router.post("/{agent_id}/tasks/sysinfo", status_code=201, response_model=AgentTask)
 async def create_task_sysinfo(
     sysinfo_request: SysinfoPostRequest,
     db_agent: models.Agent = Depends(get_agent),
@@ -378,7 +382,9 @@ async def create_task_sysinfo(
     return domain_to_dto_task(resp)
 
 
-@router.post("/{agent_id}/tasks/update_comms", status_code=201, response_model=Task)
+@router.post(
+    "/{agent_id}/tasks/update_comms", status_code=201, response_model=AgentTask
+)
 async def create_task_update_comms(
     comms_request: CommsPostRequest,
     db_agent: models.Agent = Depends(get_agent),
@@ -395,7 +401,7 @@ async def create_task_update_comms(
     return domain_to_dto_task(resp)
 
 
-@router.post("/{agent_id}/tasks/sleep", status_code=201, response_model=Task)
+@router.post("/{agent_id}/tasks/sleep", status_code=201, response_model=AgentTask)
 async def create_task_update_sleep(
     sleep_request: SleepPostRequest,
     db_agent: models.Agent = Depends(get_agent),
@@ -412,7 +418,7 @@ async def create_task_update_sleep(
     return domain_to_dto_task(resp)
 
 
-@router.post("/{agent_id}/tasks/kill_date", status_code=201, response_model=Task)
+@router.post("/{agent_id}/tasks/kill_date", status_code=201, response_model=AgentTask)
 async def create_task_update_kill_date(
     kill_date_request: KillDatePostRequest,
     db_agent: models.Agent = Depends(get_agent),
@@ -429,7 +435,9 @@ async def create_task_update_kill_date(
     return domain_to_dto_task(resp)
 
 
-@router.post("/{agent_id}/tasks/working_hours", status_code=201, response_model=Task)
+@router.post(
+    "/{agent_id}/tasks/working_hours", status_code=201, response_model=AgentTask
+)
 async def create_task_update_working_hours(
     working_hours_request: WorkingHoursPostRequest,
     db_agent: models.Agent = Depends(get_agent),
@@ -446,7 +454,9 @@ async def create_task_update_working_hours(
     return domain_to_dto_task(resp)
 
 
-@router.post("/{agent_id}/tasks/directory_list", status_code=201, response_model=Task)
+@router.post(
+    "/{agent_id}/tasks/directory_list", status_code=201, response_model=AgentTask
+)
 async def create_task_update_directory_list(
     directory_list_request: DirectoryListPostRequest,
     db_agent: models.Agent = Depends(get_agent),
@@ -463,7 +473,7 @@ async def create_task_update_directory_list(
     return domain_to_dto_task(resp)
 
 
-@router.post("/{agent_id}/tasks/proxy_list", status_code=201, response_model=Task)
+@router.post("/{agent_id}/tasks/proxy_list", status_code=201, response_model=AgentTask)
 async def create_task_update_proxy_list(
     proxy_list_request: ProxyListPostRequest,
     db_agent: models.Agent = Depends(get_agent),
@@ -486,7 +496,7 @@ async def create_task_update_proxy_list(
     return domain_to_dto_task(resp)
 
 
-@router.post("/{agent_id}/tasks/exit", status_code=201, response_model=Task)
+@router.post("/{agent_id}/tasks/exit", status_code=201, response_model=AgentTask)
 async def create_task_exit(
     exit_request: ExitPostRequest,
     db_agent: models.Agent = Depends(get_agent),
@@ -505,17 +515,19 @@ async def create_task_exit(
     "/{agent_id}/tasks/{uid}", status_code=HTTP_204_NO_CONTENT, response_class=Response
 )
 async def delete_task(
-    uid: int, db: Session = Depends(get_db), db_task: models.Tasking = Depends(get_task)
+    uid: int,
+    db: Session = Depends(get_db),
+    db_task: models.AgentTask = Depends(get_task),
 ):
-    if db_task.status != TaskingStatus.queued:
+    if db_task.status != AgentTaskStatus.queued:
         raise HTTPException(
             status_code=400, detail="Task must be in a queued state to be deleted"
         )
 
     agent_task_service.delete_task(db, db_task)
 
 
-@router.post("/{agent_id}/tasks/socks", status_code=201, response_model=Task)
+@router.post("/{agent_id}/tasks/socks", status_code=201, response_model=AgentTask)
 async def create_task_socks(
     socks: SocksPostRequest,
     db_agent: models.Agent = Depends(get_agent),