Empire’s CLI

This post is part of the ‘Empire Series’ with some background and an ongoing list of series posts [kept here].

Recently, an Empire user requested that we build a ‘standalone payload generator’, similar to msfvenom’s functionality. The motivation is to provide a scriptable capability that makes integration with other tools relatively easy. This short post will cover the newly integrated command line options for Empire which allow for the scripted generation of stagers.

To display the currently available options, run ./empire -h

In order to effectively use Empire’s CLI, you need to have a listener currently set up so the data is stored in the backend empire.db database. In order to generate the stagers, an ./empire instance doesn’t have to be running at the same time (though it can be), but it does need to be executed from the same path as the Empire installation containing the configured listeners.

In order to display the active listeners, use ./empire -l

To display the configuration for a particular listener, use ./empire -l <listener_name>

If you want to display the available Empire stagers, use ./empire -s

To see the configurable options for a given stager, use ./empire -s <stager_name>

And finally, to generate a given stager, use the -o OPTION1=VALUE1 OPTION2=VALUE2 format. Be sure to note which options are required from the above configuration display.

Have fun!

Leave a Comment

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.