Empire mordor-empire not working

[jsecurity101]

After creating listener and executing initial access. Docker container empire-mordor does not receive callback.

Have tried to reset docker container, that didn't work.

[Cyb3rWard0g]

Do we install Empire manually now?

[Cyb3rWard0g]

Never mind I see what you do there: https://github.com/Cyb3rWard0g/mordor/blob/2cd595efb69c2f9a35935724fb70079f80c7bc2c/environment/shire/aws/terraform/main.tf#L399-L403

I see the container as stopped

wardog@ip-172-18-39-8:/opt$ sudo docker ps -a
CONTAINER ID        IMAGE                             COMMAND             CREATED             STATUS                     PORTS               NAMES
d8b9f4bb11f6        cyb3rward0g/mordor-empire:0.0.1   "/bin/sh"           5 hours ago         Exited (137) 5 hours ago                       mordor-empire
wardog@ip-172-18-39-8:/opt

[Cyb3rWard0g]

I will need some information on how you created the listener and every single step to know why it did not work for you. However, I believe I might know why it failed for you.

Can you provide the following:

run listeners and show me the listener IP. if you did not set that while creating the listener you might end up with the wrong IP

However the right IP should be: 172.18.39.8 according to https://github.com/Cyb3rWard0g/mordor/tree/2cd595efb69c2f9a35935724fb70079f80c7bc2c/environment/shire/aws/Date_Documentation#users-that-are-set-to-login-through-apache-guacamole

If you do not have the right IP, you should do the following:

I then created a stager to test it:

Downloaded it on machine and ran it:

Got a working agent back

I do not see a bug there. Can you please confirm.

[jsecurity101]

Ahh yep. Have to do same thing with covenant.