byt3bl33d3r / DeathStar

Uses Empire's (https://github.com/BC-SECURITY/Empire) RESTful API to automate gaining Domain and/or Enterprise Admin rights in Active Directory environments using some of the most common offensive TTPs.
GNU General Public License v3.0

Conflict with latest Empire #29

Closed mepher closed 6 years ago

mepher commented 7 years ago

Running the latest Empire && DeathStar, everything goes well until the agent calls in. Then 'results' seems to be unpopulated. Debug below:

[*] Powering up the Death Star
[*] Polling for agents
[+] New Agent => Name: TPGXMUL5 IP: 1x.x.x.54 HostName: monkeybrain UserName: obfuscated\ooo HighIntegrity: 0
[*] Agent: TPGXMUL5 => Starting recon
Exception in thread Thread-1:
Traceback (most recent call last):
  File "/usr/lib/python3.5/threading.py", line 914, in _bootstrap_inner
    self.run()
  File "./DeathStar.py", line 59, in __run
    self.__run_backup()
  File "/usr/lib/python3.5/threading.py", line 862, in run
    self._target(*self._args, **self._kwargs)
  File "./DeathStar.py", line 534, in pwn_the_shit_out_of_everything
    recon(agent_name)
  File "./DeathStar.py", line 471, in recon
    for member in get_group_member(agent_name):
  File "./DeathStar.py", line 202, in get_group_member
    results = execute_module_with_results('powershell/situational_awareness/network/powerview/get_group_member', agent_name, module_options)
  File "./DeathStar.py", line 171, in execute_module_with_results
    if result['taskID'] == r['taskID']:
KeyError: 'taskID'

byt3bl33d3r commented 7 years ago

Apparently commit https://github.com/EmpireProject/Empire/commit/2973bfe0c9abd11c3f346ef085b696ef770eb0ff broke some of the changes needed for DeathStar to run. I'll submit a pull request to straighten things out; in the meantime, you can run git revert 2973bfe0c9abd11c3f346ef085b696ef770eb0ff in your cloned Empire directory to revert that commit, and DeathStar should work fine.

minkione commented 7 years ago

Prologue:

* Starting Empire RESTful API on port: 1337
 * RESTful API token: xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx

But DeathStar doesn't wanna connect to API endpoint

Active Internet connections (only servers)
Proto Recv-Q Send-Q Local Address           Foreign Address         State       PID/Program name
tcp        0      0 0.0.0.0:80              0.0.0.0:*               LISTEN      1137/python
tcp        0      0 0.0.0.0:22              0.0.0.0:*               LISTEN      661/sshd
tcp        0      0 0.0.0.0:1337            0.0.0.0:*               LISTEN      1137/python
tcp6       0      0 :::22                   :::*                    LISTEN      661/sshd
root@kali:# ./DeathStar.py --debug
[*] Powering up the Death Star
[-] Connection Error. Check Empire RESTful API
root@kali:# ./DeathStar.py -u empireadmin -p Password123 --url https://127.0.0.1:1337
[*] Powering up the Death Star
[-] Connection Error. Check Empire RESTful API

DanMcInerney commented 6 years ago

Solution:

cd Empire/
git reset --hard 2677363e508c81834b27c31ae534a5474d37eda5
pip3 install pyopenssl

utkusen commented 6 years ago

@byt3bl33d3r were you able to submit a PR to Empire?

utkusen commented 6 years ago

@DanMcInerney your workaround didn't fix the problem for me

REPTILEHAUS commented 6 years ago

Any update on this? Running into the same issue.

byt3bl33d3r commented 6 years ago

Just submitted https://github.com/EmpireProject/Empire/pull/854 and updated DeathStar to reflect the API changes. Until the fix is merged you can use my fork of empire (https://github.com/byt3bl33d3r/Empire).

routeback commented 6 years ago

Thanks, @byt3bl33d3r, for the update. That forked repo appears to have resolved the issue for me. Hopefully it gets merged sooner rather than later!

byt3bl33d3r commented 6 years ago

The changes were just merged into the main Empire repo so this issue should be resolved.

Cheers