BC-SECURITY / Empire

Empire is a post-exploitation and adversary emulation framework that is used to aid Red Teams and Penetration Testers.
https://bc-security.gitbook.io/empire-wiki/
BSD 3-Clause "New" or "Revised" License

[FEATURE REQUEST] Convert modules to stop using deprecated features in Empire 5.9+ #716

Open vinnybod opened 5 months ago

vinnybod commented 5 months ago

Description

Empire 5.9.0 introduced a new way of doing error handling: https://bc-security.gitbook.io/empire-wiki/module-development/powershell-modules#error-handling

Instead of returning a tuple containing an error message or using the handle_error_message function, an exception should be raised and the generated module script should be returned as a str.
Empire 5.9.0 introduced 2 decorators auto_get_source and auto_finalize: https://bc-security.gitbook.io/empire-wiki/module-development/powershell-modules#decorators

Using these decorators eliminates a bit of boilerplate code from the beginning and end of a module's generate function. auto_finalize cannot be used without replacing tuple returns with raised exceptions.

Solution

Remove the use of handle_error_message, instead using the raised exceptions described in the docs https://bc-security.gitbook.io/empire-wiki/module-development/powershell-modules#error-handling

For modules that are not deviating from the boilerplate template, replace the get_module_source and finalize_module calls with the auto_get_source and auto_finalize decorators.

An example module conversion is here: https://github.com/BC-SECURITY/Empire/commit/4eb02f637b300f2aa87b607b88487ae4c4108794#diff-c41918d437c0bf39ac6fc692e1bb881586f8d1b0c583864f72bdcfbf5ba0ad65R12-R48

Alternatives

No response

Additional Context

No response
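As an illustration of the constraint described in the issue (added here; not code from Empire or from the issue author), a self-contained sketch in which `auto_finalize` and `handle_error_message` are minimal stand-ins for the Empire helpers named above, `ModuleValidationException` is an assumed exception name, and the PowerShell body is constructed. It shows why a finalize decorator only works once tuple returns are replaced by raised exceptions.

```python
from functools import wraps


class ModuleValidationException(Exception):
    """Raised by a module when an option is missing or invalid (assumed name)."""


def handle_error_message(msg):
    # Legacy convention: the error travels back to the caller as a tuple.
    return None, msg


def auto_finalize(func):
    """Stand-in for a finalize decorator: it expects generate() to return
    (script, script_end) and assembles the final script string from them."""

    @wraps(func)
    def wrapper(*args, **kwargs):
        script, script_end = func(*args, **kwargs)
        return script + "\n" + script_end

    return wrapper


# Constructed stand-in for a module's PowerShell body; not a real Empire module.
SOURCE = "function Invoke-Example {\n    param($Target)\n}"


def generate_legacy(params):
    """Pre-5.9 style: errors are returned, not raised, and the function
    assembles the final script string itself."""
    if not params.get("Target"):
        return handle_error_message("Target option is required")
    return SOURCE + "\n" + f"Invoke-Example -Target '{params['Target']}'"


@auto_finalize
def generate_new(params):
    """5.9+ style: validation errors are raised, so the only value the
    function ever returns is the (script, script_end) pair the decorator wants."""
    if not params.get("Target"):
        raise ModuleValidationException("Target option is required")
    return SOURCE, f"Invoke-Example -Target '{params['Target']}'"


def legacy_under_finalize(params):
    """Apply the decorator to the legacy generate without removing tuple returns:
    the error tuple is unpacked as (script, script_end) and the str result is
    unpacked as a pair, so both the error path and the success path break."""
    try:
        auto_finalize(generate_legacy)(params)
        return "ok"
    except (TypeError, ValueError) as exc:
        return type(exc).__name__
```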

git-tirthankar commented 5 months ago

@vinnybod - I have enhanced the feature as mentioned. Could you please review part 1: https://github.com/BC-SECURITY/Empire/pull/717

vinnybod commented 4 months ago

Hey @git-tirthankar, I reviewed the pull request; it looks like you just need to lint the code. When I did so locally, it found some syntactical errors. Thanks for your help!