You may be familiar with what was once called "PowerShell Empire", and is now referred to simply as "Empire". It's the hot new post-exploitation framework with a lot of fancy features. One major drawback, however, is that Empire lacks any real multiplayer support. I noticed that Empire is, at its core, a Flask app, so why the hell not extend it into a fully functional web interface for collaborative hacking?
- A nice, pretty, web interface for Empire
- Multiplayer support
- Functional parity with command line version
- Minimal invasiveness to the existing Empire code base
Walkthrough:
git clone https://github.com/pierce403/EmpirePanel.git
./empire --rest --username admin --password admin
Then from a browser, visit https://127.0.0.1:1337/, and log in with the user/pass you set.
You should then be presented with a page looking like this:
Awesome, now let's start hacking. First we need to create a listener. I'm using 192.168.174.1 for this listener because that's the IP for my VMware host.
Great. Now once we have the listener, we click into it, and generate a launcher:
This launcher is the command we run on our target system. Once we run it, we see an agent pop up.
Okay, let's click into it and see what sorts of things we can do:
Things That Work:
- Creating and destroying listeners
- Generating launchers
- Collecting agents
- Running shell commands on agents
- Running modules on agents
Things That Don't Work Yet:
- Some agent commands, like rename, ps, etc.
- UI layout consistency
- AngularJS syncing issues