Empire v4.1.3

9/28/2021

• Version 4.1.3 Master Release
  - Fixed output from files throwing a error for the client (@Cx01N)

9/21/2021

• Version 4.1.2 Master Release
  - Removed pyminifier as a dependency to prevent install errors (@Cx01N)

9/20/2021

• Version 4.1.1 Master Release
  - Add OutputFunction to dcsync_hashdump (@jamarir)
  - Convert file operations to use with syntax (@jamarir)
  - Added Invoke-IronPython3 and some OffensiveDLR fixes (@Cx01N)
  - Fix for (#476) - String indices error ms16-032 & ms16-135 (@Cx01N)
  - Fix help menu text on the interact menu (@archcloudlabs)
  - Rework agent taskings in the client to not poll for a result (@Cx01N)
  - Added Python agents to the external/generate_agent module (@Cx01N)
  - Update add_sid_history module command (@ilanisme)

8/29/2021

• Version 4.1.0 Master Release
  - Correct issue where install script would break depending on the current working directory (@vinnybod)
  - Empire client now currently refreshes listener list after killing a listener (@vinnybod)
  - Removed the wiki and added a link to the new docs (@vinnybod)
  - Added the initial filtering/hooking feature (@vinnybod)
  - Fix an issue where the docker builds would not run because it was deleting the database (@vinnybod)
  - Added autocomplete for taskings in the Empire Client and added a command to view a specific task (@Cx01N)
  - Updated the OutputFunction feature to allow for arbitrary values (@vinnybod)
  - Added an IronPython3 agent (@Cx01N)

Empire v4.0.2

8/16/2021

• Version 4.0.2 Master Release
  - Added socketio messages to screenshot/download/upload (@Cx01N)
  - Added help message when no input is given to empire.py (@Cx01N)
  - Fixed missing slash for module directories (@Cx01N)
  - Fixed modules Get-SQLServerLoginDefaultPw and PortScan (@jamarir)
  - Fixed formatting bug in the options table on the listener menu (@vinnybod)
  - Fixed querying retain-last-value config parameters (@ilanisme)
  - Fixed invalid concat on keylogs (@Cx01N)
  - Fixed mimikatz command and added suggested values (@Cx01N)
  - Fixed misc bugs (@vinnybod)
  - Updated suggested values for stagers and reformatted code (@Cx01N)
  - Updated editlistener menu (@vinnybod)
  - Removed client suppression for job started taskings (@Cx01N)

Empire v4.0.1

7/19/2021

• Version 4.0.1 Master Release
  • Added API endpoints for sleep/jitter to agents (@Cx01N)
  • Added sleep command to CLI (@Cx01N)
  • Added sleep/jitter option to C# agents (@Hubbl3)
  • Fix for Invoke-Obfuscation installation
  • Added PrintNightmare module (@Cx01N)

6/28/2021

• Version 4.0.0 Master Release
  • Breaking Changes
    • Removed old Empire CLI and cmdloop from server (@Cx01N)
    • The credential create endpoint now accepts a single credential instead of a list
    • Some endpoints which were previously throwing 500s when not found, now properly return a 404
    • Plugin endpoints and socketio channels renamed to plural (plugin -> plugins) to match naming convention of other resources (@vinnybod)
  • New Features
    • Integrated server and client into Empire (@Cx01N, @vinnybod)
    • Introduced C# agents (@Hubbl3)
    • Integrated Covenant Roslyn compiler for task compilation (@Hubbl3)
    • Covenant Task compatibility (@Hubbl3, @vinnybod)
    • Added support for 'suggested values' on the server and auto completing the suggested values in the CLI (@vinnybod)
    • Added new launch parameters for starting server/client (@Cx01N, @vinnybod)
    • Added Offensive DLR Modules: IronPython, ClearScript, & Boolang (@Cx01N)
    • Added MS16-051 stager (@Cx01N)
    • Added Start-ProcessAsUser module (@Cx01N)
    • Added NTLM-Extract module (@Cx01N)
    • Added Invoke-SharpSecDump module (@Cx01N)
    • Added sriptimport and scriptcommand to API (@Cx01N)
    • Added auto generate certificate function to startup script (@Cx01N)
    • Added Invoke-SpoolSample (@Cx01N)
    • Added redirector chaining and proper tunneling (@Cx01N)
    • Updated pycrypto to pycryptodome (@Cx01N)
    • Updated PowerDump with AES NTLM hashes (@Cx01N)
    • Updated cert/install/reset script with new directories (@Cx01N)
    • Updated all modules to new YAML format (@vinnybod, @Cx01N)
    • Updated to Mimikatz 2.2.0 20210531 X11 RDP Clients (@Cx01N)
    • Removed M2Crypto dependency (@Cx01N)
    • Simplified kill/remove commands and added 'all' and 'stale' options (@Cx01N)
    • Removed the need for manual database timestamp updates, merge taskings and results table to a single table (@vinnybod)
    • Added a socketio event for when tasking results come back (@vinnybod)
    • Readded rastamouse's bypass (@Cx01N)
    • Added a 'since' query parameter to the tasks endpoint for more efficient querying (@vinnybod)
    • Added socketio tasking event handler to CLI for displaying task results in the interact menu (@vinnybod)
    • Install script prompts for xar, bomutils, openjdk, and dotnet for a more streamlined install (@vinnybod)
    • Install script now includes dotnet (@vinnybod)
    • Dockerfile size decreased by ~1GB by only installing the essentials. There is a note in the README (@vinnybod)
    • Made powershell bypasses dynamic. Now set with a single field Bypasses and they will be applied in the order provided (@vinnybod)
    • Added API endpoints for managing bypasses (@vinnybod)
    • Add processor architecture to powershell, csharp, and python agents (@vinnybod)
    • Add a display command to interact menu (@vinnybod)
    • Add additional endpoints for credential for get, update, and delete (@vinnybod)
    • Add create, update, remove credential functionality to the CLI (@Cx01N)
    • Add an "output function" option on several modules (@jamarir)
    • Updated shellcoderdi to newest version (@Cx01N)
    • Added a Nim launcher (@Hubbl3)

Empire v3.8.2

3/28/2021

• Version 3.8.2 Master Release
  - Fixed issue with try/catch preventing agent connections for http_hop/http listeners (@Cx01N)

3/22/2021

• Version 3.8.1 Master Release
  - Fixed http_hop listener options not being copied properly (@Cx01N)

3/7/2021

• Version 3.8.0 Master Release
  - Fix for literal comparison warnings in Python agent - #428 (@mattbogenberger)
  - Add an Invoke-SweetPotato module - #433 (@Invoke-Mimikatz)
  - Fix failed ticket generation in Invoke-Kerberoast - #434 (@Pen-Git)
  - Add ability to specify the bind IP for RESTful API - #431 (@meldridge)

Empire v3.7.2

• Version 3.7.2 Master Release
  - Fixed Malleable C2 issue where netbios/netbiosu transformations used excessive resources (@Cx01N)
  - Fixed error when loading http_hop listener options (@Cx01N)

• Version 3.7.1 Master Release (Kali Build Only)
  - Added Kali message to main menu

• Version 3.7.0 Master Release
  - Revamped backend database from direct sqlite3 to SQLAlchemy (@Cx01N, @vinnybod)
  - Added new Empire CLI to packaging (@vinnybod)
  - Added malleable C2 profiles to empire directory: /data/profiles (@Cx01N)
  - Added --teamserver option to launcher (@Cx01N)
  - Added support for logging into Empire from multiple locations (@vinnybod)
  - Added Invoke-WireTap (@Cx01N)
  - Added Invoke-SauronEye (@Cx01N)
  - Added Invoke-SharpLoginPrompt (@Cx01N)
  - Fixed OneDrive Listener with new database (@Cx01N)
  - Removed need to run setup database script (@vinnybod)
  - Updated docker image to use the locked dependencies in pyproject.toml (@vinnybod)

Empire v3.6.3

Beginning with Empire 3.5.0, we recommend the use of Poetry or the Docker images to run Empire as we will be transitioning to these platforms.

Changelog

• Added save path to download file message - #414 (@meldridge)
• Updated installation file formatting - #410 (@Pernat1y)
• Fixed python 3.9.1 issue with deprecated base64 function - #422 (@brimstone)
• Fixed dump creds and hash not being logged in credentials properly - #423 (@Cx01N)

Empire v3.6.2

Beginning with Empire 3.5.0, we recommend the use of Poetry or the Docker images to run Empire as we will be transitioning to these platforms.

Changelog

• Added python support for HTTP malleable listener - #404 (@adamczi)
• Added new admin menu API endpoints - #403 (@vinnybod, @Cx01N)
• Added chat server for Starkiller and new Empire CLI integration - #403 (@vinnybod, @Cx01N)
• Added module PrivescCheck - #401 (@Invoke-Mimikatz)
• Fixed error in malleable profiles when http-stager is not defined - #407 (@Cx01N)

Empire v3.6.1

Beginning with Empire 3.5.0, we recommend the use of Poetry or the Docker images to run Empire as we will be transitioning to these platforms.

Changelog

• Added editable wiki and sync option to repo - #398 (@Cx01N)
• Fixed byte error in python/collection/osx/prompt - #396 (@Cx01N)
• Fixed clear option issue for malleable listener - #393 (@Cx01N)
• Added update_comms, killdate, and workinghours endpoints - #399 (@Cx01N)

Empire v3.6.0

Beginning with Empire 3.5.0, we recommend the use of Poetry or the Docker images to run Empire as we will be transitioning to these platforms.

Changelog

• Added new API endpoints for user and agent notes - #383 (@Cx01N)
• Added (readded) PowerView function add-netuser - #381 (@Cx01N)
• Added Invoke-SharpChisel module - #368 (@Invoke-Mimikatz)
• Added command option to psremoting and smbexec - #380 (@Invoke-Mimikatz)
• Added option to use multiple redirector listeners and chaining - #389 (@Cx01N)
• Added Invoke-Assembly module - #376 (@Invoke-Mimikatz)
• Updated API endpoints for dynamic plugin calls - #383 (@Cx01N)
• Updated plugin and module templates - #384 (@Cx01N)
• Fixed smbscanner to work on Windows 10 - #380 (@Invoke-Mimikatz)
• Fixed update agent comms (updatecomms) not properly changing - #382 (@Cx01N)
• Fixed download endpoint formatting and error handling - #383 (@Cx01N)
• Fixed issue with passing arguments to Get-DomainSID module - #374 (@mjokic)
• Fixed bat file length limit issue - #385 (@Hubbl3)

Empire v3.5.2

Beginning with Empire 3.5.0, we recommend the use of Poetry or the Docker images to run Empire as we will be transitioning to these platforms.

Changelog

• Fixed token manipulation (steal_token) functionality in Windows 10 - #355 (@Hubbl3)
• Fixed lateral movement module New-GPOImmediateTask - #362 (@Cx01N)
• Fixed Invoke-PSRemoting blocking current agent - #359 (@mjokic)