BC-SECURITY / Empire

Empire is a post-exploitation and adversary emulation framework that is used to aid Red Teams and Penetration Testers.
https://bc-security.gitbook.io/empire-wiki/
BSD 3-Clause "New" or "Revised" License

Add an option to drop an interactive shell. #63

Closed whmacmac closed 4 years ago

whmacmac commented 4 years ago

I was thinking that having the following features would be great:

  1. An option to drop an interactive shell.
  2. An option to make use of Metasploit's Meterpreter: in this case we could use all Metasploit/Meterpreter features directly from Empire instead of having a separate session/terminal for Metasploit.

Hubbl3 commented 4 years ago

@Sa1riil what do you mean by "drop an interactive shell"? You already have access to any shell commands by using shell <command> when interacting with an agent.

whmacmac commented 4 years ago

Hello Hubbl3, shell commands work fine, but there are times when you want to execute an entire script file by copy-pasting it into the terminal. I observed that the shell command can only execute basic commands rather than complex scripts. There are also times when I use both single and double quotes, which will break my script if I try to run it through Empire's "shell" option. In case it makes sense, it would be great.

Hubbl3 commented 4 years ago

@Sa1riil that's what Empire's modules are for. They are simply loading large scripts into memory. There are template files provided that describe how to do this.

Invoke-Mimikatz for example is just a very large .ps1 stored in ./Empire/data/module_source/credentials

Does that achieve what you are looking for or am I misunderstanding?

whmacmac commented 4 years ago

Yes, this is what I meant, so there is no need to have an interactive shell. About an option to interconnect Empire with all modules from Metasploit through a Meterpreter session: is it possible without needing a separate Meterpreter session in another terminal?

Invoke-Mimikatz commented 4 years ago

@Sa1riil You can run entire scripts in Empire by doing the following:

scriptimport ~/Invoke-Whatever.ps1 to load a PowerShell script into your agent. scriptcmd Invoke-Whatever -Flag to run PowerShell functions previously imported.

It would be cool to have an option to drop into a shell like meterpreter, but Empire can run shell commands already, and has methods of running larger scripts if you need to.

whmacmac commented 4 years ago

Thank you for clarifying it for me. So I think having two shells, one for Meterpreter and the other for Empire, can resolve everything I said. If you consider it too much work, you can close it. I will try to think of a method to make them interoperable, and in case it works, I will forward it to you to add to the main branch if you consider it good.