Added check if bypass language is compatible (#334)

* added check for bypass language is compatible

* removed bypassess.py

* changed database entry for language from text to string

empire/server/common/stagers.py

@@ -30,6 +30,7 @@
 import macholib.MachO
 import yaml
 from past.utils import old_div
+from sqlalchemy import and_
 
 from empire.server.database import models
 from empire.server.database.base import Session
@@ -68,8 +69,6 @@ def load_bypasses(self):
                 # don't load up any of the templates
                 if fnmatch.fnmatch(filename, "*template.yaml"):
                     continue
-                if file_path is not None:
-                    bypass_name = file_path.split(root_path)[-1][0:-5]
 
                 try:
                     with open(file_path, "r") as stream:
@@ -87,7 +86,9 @@ def load_bypasses(self):
                                 yaml_bypass["script"]
                             )
                             my_model = models.Bypass(
-                                name=yaml_bypass["name"], code=yaml_bypass["script"]
+                                name=yaml_bypass["name"],
+                                code=yaml_bypass["script"],
+                                language=yaml_bypass["language"],
                             )
                             Session().add(my_model)
                     Session().commit()
@@ -177,14 +178,19 @@ def generate_launcher(
         """
         bypasses_parsed = []
         for bypass in bypasses.split(" "):
-            b = (
+            bypass = (
                 Session()
                 .query(models.Bypass)
                 .filter(models.Bypass.name == bypass)
                 .first()
             )
-            if b:
-                bypasses_parsed.append(b.code)
+            if bypass:
+                if bypass.language == language:
+                    bypasses_parsed.append(bypass.code)
+                else:
+                    print(
+                        helpers.color(f"[!] Invalid bypass language: {bypass.language}")
+                    )
 
         if not listenerName in self.mainMenu.listeners.activeListeners:
             print(helpers.color("[!] Invalid listener: %s" % (listenerName)))

empire/server/database/models.py

@@ -264,5 +264,6 @@ class Bypass(Base):
     id = Column(Integer, Sequence("bypass_seq"), primary_key=True)
     name = Column(String(255), unique=True)
     code = Column(Text)
+    language = String(255)
     created_at = Column(UtcDateTime, nullable=False, default=utcnow())
     updated_at = Column(UtcDateTime, default=utcnow(), onupdate=utcnow(), nullable=False)

empire/server/server.py

@@ -2586,6 +2586,7 @@ def get_bypasses():
                     "code": bypass.code,
                     "created_at": bypass.created_at,
                     "updated_at": bypass.updated_at,
+                    "language": bypass.language,
                 }
             )
 
@@ -2607,6 +2608,7 @@ def get_bypass(uid: int):
             "code": bypass.code,
             "created_at": bypass.created_at,
             "updated_at": bypass.updated_at,
+            "language": bypass.language,
         }
 
     @app.route("/api/bypasses", methods=["POST"])
@@ -2632,6 +2634,7 @@ def create_bypass():
                 "code": bypass.code,
                 "created_at": bypass.created_at,
                 "updated_at": bypass.updated_at,
+                "language": bypass.language,
             }
 
         return make_response(jsonify({"error": f"bypass {name} already exists"}), 400)
@@ -2657,6 +2660,7 @@ def edit_bypass(uid: int):
             "code": bypass.code,
             "created_at": bypass.created_at,
             "updated_at": bypass.updated_at,
+            "language": bypass.language,
         }
 
     @app.route("/api/bypasses/<int:uid>", methods=["DELETE"])