Merge pull request #739 from BC-SECURITY/release/5.11.2

v5.11.2 into main

Author: vinnybod

.github/install_tests/cst-config-install-base.yaml

@@ -8,7 +8,7 @@ commandTests:
   - name: "pyenv version"
     command: "pyenv"
     args: ["--version"]
-    expectedOutput: ["pyenv 2.3.*"]
+    expectedOutput: ["pyenv 2.*"]
   # poetry
   - name: "poetry python"
     command: "poetry"

.github/workflows/dockerimage.yml

@@ -38,7 +38,7 @@ jobs:
             echo "Using latest tag"
           fi
       - name: Build and push
-        uses: docker/build-push-action@v5
+        uses: docker/build-push-action@v6
         with:
           context: .
           platforms: linux/amd64,linux/arm64

.github/workflows/lint-and-test.yml

@@ -12,11 +12,11 @@ jobs:
     runs-on: ubuntu-latest
     steps:
       - uses: actions/checkout@v4
-      - uses: psf/black@24.2.0
+      - uses: psf/black@24.4.2
       - name: Run ruff
         run: |
-          pip install ruff==0.2.1
-          ruff .
+          pip install ruff==0.5.3
+          ruff check .
   matrix-prep-config:
     runs-on: ubuntu-latest
     steps:
@@ -85,7 +85,7 @@ jobs:
           DATABASE_USE=sqlite poetry run pytest . -v --runslow
       - name: Pytest coverage comment
         if: ${{ matrix.python-version == '3.12' }}
-        uses: MishaKav/[email protected].51
+        uses: MishaKav/[email protected].52
         with:
           pytest-coverage-path: ./pytest-coverage.txt
           junitxml-path: ./pytest.xml
@@ -139,7 +139,7 @@ jobs:
       # To save CI time, only run these tests when the install script or deps changed
       - name: Get changed files using defaults
         id: changed-files
-        uses: tj-actions/changed-files@v44.4.0
+        uses: tj-actions/changed-files@v44.5.5
       - name: Build images
         if: contains(steps.changed-files.outputs.modified_files, 'setup/install.sh') || contains(steps.changed-files.outputs.modified_files, 'poetry.lock')
         run: docker compose -f .github/install_tests/docker-compose-install-tests.yml build --parallel ${{ join(matrix.images, ' ') }}

.gitmodules

@@ -55,3 +55,6 @@
 [submodule "empire/server/csharp/Covenant/Data/ReferenceSourceLibraries/Moriarty"]
 	path = empire/server/csharp/Covenant/Data/ReferenceSourceLibraries/Moriarty
 	url = https://github.com/BC-SECURITY/Moriarty.git
+[submodule "empire/server/csharp/Covenant/Data/ReferenceSourceLibraries/ThreadlessInject"]
+	path = empire/server/csharp/Covenant/Data/ReferenceSourceLibraries/ThreadlessInject
+	url = https://github.com/CCob/ThreadlessInject.git

.pre-commit-config.yaml

@@ -9,7 +9,7 @@ repos:
     - id: end-of-file-fixer
 
 - repo: https://github.com/astral-sh/ruff-pre-commit
-  rev: v0.2.1
+  rev: v0.5.3
   hooks:
     - id: ruff
       args: [--fix, --exit-non-zero-on-fix]

CHANGELOG.md

@@ -14,6 +14,47 @@ and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0
 
 ## [Unreleased]
 
+## [5.11.2] - 2024-08-08
+
+-   Added Route4Me to sponsor page on Empire (@Cx01N)
+-   Fixed global obfuscation bug in listener staging (@Cx01N)
+
+## [5.11.1] - 2024-07-23
+
+### Changed
+
+-   Updated Ruff to 0.5.3 and added additional Ruff rules (@Vinnybod)
+
+### Fixed
+
+-   Removed duplicate code for ironpython agent for loading path resetting (@Cx01N)
+-   Fixed issue of Sharpire taskings not getting assigned correct id (@Cx01N)
+
+## [5.11.0] - 2024-07-14
+
+### Added
+
+-   Added threaded jobs for powershell tasks using Appdomains (@Cx01N)
+-   Added job tracking for all tasks in Sharpire (@Cx01N)
+-   Updated agents to track all tasks and removed only tracking jobs (@Cx01N)
+-   Added Invoke-BSOD modules (@Cx01N)
+-   Added ticketdumper ironpython module (@Hubbl3)
+-   Added ThreadlessInject module (@Cx01N)
+
+### Fixed
+
+-   Fixed issue in python agents where background jobs were failed due to a missing character (@Cx01N)
+-   Fixed task bundling for the c# server plugin (@Cx01N)
+-   Fixed missing New-GPOImmediateTask in powerview (@Cx01N)
+-   Fixed NET45 missing folder causing a compilation error (@Cx01N)
+-   Fixed NET45 files not being removed on server reset (@Cx01N)
+
+### Changed
+
+-   Converted C# server plugin to use plugin taskings (@Cx01N)
+-   Upgraded Ruff to 0.5.0 and Black to 24.4.2 (@Vinnybod)
+-   Added pylint-convention (PLC), pylint-error (PLE), pylint-warning (PLW), and pylint-refactor (PLR) to ruff config (@Vinnybod)
+
 ## [5.10.3] - 2024-05-23
 
 ### Changed
@@ -863,7 +904,13 @@ and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0
 -   Updated shellcoderdi to newest version (@Cx01N)
 -   Added a Nim launcher (@Hubbl3)
 
-[Unreleased]: https://github.com/BC-SECURITY/Empire-Sponsors/compare/v5.10.3...HEAD
+[Unreleased]: https://github.com/BC-SECURITY/Empire-Sponsors/compare/v5.11.2...HEAD
+
+[5.11.2]: https://github.com/BC-SECURITY/Empire-Sponsors/compare/v5.11.1...v5.11.2
+
+[5.11.1]: https://github.com/BC-SECURITY/Empire-Sponsors/compare/v5.11.0...v5.11.1
+
+[5.11.0]: https://github.com/BC-SECURITY/Empire-Sponsors/compare/v5.10.3...v5.11.0
 
 [5.10.3]: https://github.com/BC-SECURITY/Empire-Sponsors/compare/v5.10.2...v5.10.3
 

README.md

@@ -8,10 +8,6 @@
 [![Twitter URL](https://img.shields.io/twitter/follow/BCSecurity?style=plastic&logo=twitter)](https://twitter.com/BCSecurity)
 [![Twitter URL](https://img.shields.io/twitter/follow/EmpireC2Project?style=plastic&logo=twitter)](https://twitter.com/EmpireC2Project)
 [![YouTube URL](https://img.shields.io/youtube/channel/views/UCIV4xSntF1h1bvFt8SUfzZg?style=plastic&logo=youtube)](https://www.youtube.com/channel/UCIV4xSntF1h1bvFt8SUfzZg)
-![Mastodon Follow](https://img.shields.io/mastodon/follow/109299433521243792?domain=https%3A%2F%2Finfosec.exchange%2F&style=plastic&logo=mastodon)
-![Mastodon Follow](https://img.shields.io/mastodon/follow/109384907460361134?domain=https%3A%2F%2Finfosec.exchange%2F&style=plastic&logo=mastodon)
-[![Threads](https://img.shields.io/badge/follow%20@BCSecurity0-grey?style=plastic&logo=threads&logoColor=#000000)](https://www.threads.net/@bcsecurity0)
-[![Threads](https://img.shields.io/badge/follow%20@EmpireC2Project-grey?style=plastic&logo=threads&logoColor=#000000)](https://www.threads.net/@empirec2project)
 [![LinkedIn](https://img.shields.io/badge/Linkedin-blue?style=plastic&logo=linkedin&logoColor=#0A66C2)](https://www.linkedin.com/company/bc-security/)
 
 </div>
@@ -53,13 +49,12 @@ Empire is a post-exploitation and adversary emulation framework that is used to
 - [ProcessInjection](https://github.com/3xpl01tc0d3r/ProcessInjection)
 - And Many More
 
-<!---
 ## Sponsors
 <div align="center">
 
-[<img src="https://github.com/BC-SECURITY/Empire/assets/9831420/f273f4b0-400c-49ce-b62f-521239a86754" width="100"/>](https://www.cybrary.it/)
-
-[<img src="https://github.com/BC-SECURITY/Empire/assets/9831420/d14af000-80d2-4f67-b70c-b62ac42b6a52" width="100"/>](https://twitter.com/joehelle)
+[<img src="https://github.com/user-attachments/assets/604fbb97-4641-4a15-a6ba-039f67694f15" width="200"/>](https://www.route4me.com//)
+</div>
+<!---https://github-production-user-asset-6210df.s3.amazonaws.com/20302208/354655875-3497ee72-324a-4b8a-a14b-37748115997d.png?X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=AKIAVCODYLSA53PQK4ZA%2F20240802%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Date=20240802T160658Z&X-Amz-Expires=300&X-Amz-Signature=68f78dde4457cc5bc6642dce601e1fd439252e2796b3ebe8d8d47e17625acd9a&X-Amz-SignedHeaders=host&actor_id=20302208&key_id=0&repo_id=276544505" width="100"/>](https://twitter.com/joehelle)
 </div>
 --->
 

empire.py

@@ -2,13 +2,13 @@
 
 import sys
 
-import empire.arguments as arguments
+from empire import arguments
 
 if __name__ == "__main__":
     args = arguments.args
 
     if args.subparser_name == "server":
-        import empire.server.server as server
+        from empire.server import server
 
         server.run(args)
     elif args.subparser_name == "sync-starkiller":
@@ -21,7 +21,7 @@
 
         sync_starkiller(config)
     elif args.subparser_name == "client":
-        import empire.client.client as client
+        from empire.client import client
 
         client.start(args)
 

empire/client/client.py

@@ -194,7 +194,7 @@ def run_resource_file(self, session, resource):
                     except CliExitException:
                         return
                     except Exception:
-                        log.error("Error parsing resource command: ", text)
+                        log.error(f"Error parsing resource command: {text}")
 
         log.info(f"Finished executing resource file: {resource}")
 

empire/client/src/bindings.py

@@ -13,12 +13,7 @@
 
 @Condition
 def ctrl_c_filter():
-    if (
-        menu_state.current_menu_name == "ChatMenu"
-        or menu_state.current_menu_name == "ShellMenu"
-    ):
-        return True
-    return False
+    return bool(menu_state.current_menu_name in ("ChatMenu", "ShellMenu"))
 
 
 @bindings.add("c-c", filter=ctrl_c_filter)