empire-web v2.0 release: PowerShell Empire Web Interface

Empire is a post-exploitation framework that includes a pure-PowerShell2.0 Windows agent, and a pure Python 2.6/2.7 Linux/OS X agent. It is the merge of the previous PowerShell Empire and Python EmPyre projects. The framework offers cryptologically-secure communications and a flexible architecture. On the PowerShell side, Empire implements the ability to run PowerShell agents without needing powershell.exe, rapidly deployable post-exploitation modules ranging from keyloggers to Mimikatz, and adaptable communications to evade network detection, all wrapped up in a usability-focused framework.

In this article, I want to write about how to install web-based interface for Powershell Empire. If you have an entire network of agents, the web-based interface makes it easier to manage them.

1. Download and install Empire web
   git clone https://github.com/interference-security/empire-web
2. Extract empire-web to /var/www/html directory
3. Install php-curl
   apt-get install php5-curl
   or
   apt-get install php7-curl
4. Empire uses the REST of the API, ( https://github.com/EmpireProject/Empire/wiki/RESTful-API). There is a small problem – bug in the empire, which does not connect, drops the wrong password. To fix it, you need to slightly change the file empire :
   nano ~/Empire-master/empire

   # try to prevent some basic bruting
   
           time.sleep(2)
   
           username_str = ''.join(username)
   
           password_str = ''.join(password)
   
     
   
           if suppliedUsername == username_str and suppliedPassword == password_str:
   
               return jsonify({'token': apiToken})
   
           else:
   
               return make_response('', 401)

   After that everything is working as it should.

5. Now run the Empire web GUI
   ./empire –headless –restport port –username user –password pass
6. a web-based interface is available
   http://127.0.0.1/login.php

   

   

   

   

Source: https://github.com/interference-security/