Press "Enter" to skip to content

Month: February 2016

Empire’s CLI

This post is part of the ‘Empire Series’ with some background and an ongoing list of series posts [kept here]. Recently, an Empire user requested that we build a ‘standalone payload generator’, similar to msfvenom’s functionality. The motivation is to provide a scriptable capability that makes integration with other tools relatively easy. This short post will cover the newly integrated command line options for Empire which allow for the scripted generation of stagers. To display the currently available options, run ./empire -h

In order to effectively use Empire’s CLI, you need to have a listener currently set up so the data is stored in…

Nothing Lasts Forever: Persistence with Empire

This post is part of the ‘Empire Series’ with some background and an ongoing list of series posts [kept here]. Code execution is great and remote control is awesome, but if you don’t have a persistence strategy planned nothing can throw a wrench in your engagement like an unplanned reboot or user logout. This post covers 17 current Empire persistence modules that can help you with retaining hard-fought access, broken into userland/elevated options, PowerBreach, and miscellaneous approaches. We like to break reboot persistence down into a three different questions. First, are you installing the persistence from userland or an elevated context? Second, where are you storing the…