BC-SECURITY / Empire

Empire is a post-exploitation and adversary emulation framework that is used to aid Red Teams and Penetration Testers.
https://bc-security.gitbook.io/empire-wiki/
BSD 3-Clause "New" or "Revised" License

[BUG] OSX stagers all broken? #696

Open boochysplack opened 10 months ago

boochysplack commented 10 months ago

Is there an existing issue for this?

Empire Version

5.6.0

Python Version

3.9.2

Operating System

Debian 11

Database

SQLite

Current Behavior

Not sure if this is an issue with my specific setup or maybe the OSX stagers are just out of date, but after testing on OSX Ventura and Monterey I have not been able to get any proper connections from agents. I can get connections from Windows agents just fine. I was originally using a malleable listener but also tested with regular HTTP in case that had something to do with it (both my listeners work fine with non-OSX machines). I have tried every OSX-specific stager as well as every multi option, staged and stageless. The closest I can get is using generate agent non-staged: I can get the agent to show up, but with no information at all, and I can't run any modules on it because it thinks the agent is running Python 2 (the Mac I'm testing on has no python2 installed, only python3, and it's what the generate agent .py was run with).

Expected Behavior

An agent should generate with proper host information and the ability to run modules.

Steps To Reproduce

  1. Run Empire server and client
  2. Generate any OSX stager
  3. Run stager on Mac
  4. No proper agent received

Anything else?

No response