From 3e82b73d8f692e0a755f3524b5abf95796804aa2 Mon Sep 17 00:00:00 2001 From: hubbl3 Date: Thu, 8 Oct 2020 21:19:55 -0500 Subject: [PATCH 1/7] adding multiprocess start and kill --- SocksServer.py | 22 +++++++++++++++++----- 1 file changed, 17 insertions(+), 5 deletions(-) diff --git a/SocksServer.py b/SocksServer.py index ed21098..3f3c071 100644 --- a/SocksServer.py +++ b/SocksServer.py @@ -9,6 +9,7 @@ import queue import threading import os +import multiprocessing class Plugin(Plugin): description = "Launches a SocksProxy Server to run in the background of Empire" @@ -35,9 +36,18 @@ def register(self, mainMenu): registering functions to be run by user commands """ mainMenu.__class__.do_socksproxy = self.do_socksproxy - def do_socksproxy(self, args): + def do_socksproxy(self, line): "Launches a SocksProxy Server to run in the background of Empire" - SocksProxy() + parts = line.split(' ') + if parts[0].lower() == "kill": + if SocksProxy in mainMenu.processes: + proxy = mainMenu.processes['SocksProxy'] + proxy.end() + elif 'SocksProxy' not in mainMenu.processes: + mainMenu.processes['SocksProxy'] = SocksProxy() + else: + print(helpers.color("[!] SocksProxy Already Running!")) + class SocksProxy(object): def __init__(self): @@ -54,9 +64,9 @@ def __init__(self): if proxy_port == "": proxy_port = "1080" - thread = threading.Thread(target=self.main, args=(handler_port, proxy_port, cert, private_key)) - thread.daemon = True - thread.start() + self.process = multiprocessing.Process(target=self.main, args=(handler_port, proxy_port, cert, private_key)) + self.process.daemon = True + self.process.start() def main(self, handler_port, proxy_port, certificate, private_key): _thread.start_new_thread(self.server, (handler_port, proxy_port, certificate, private_key)) @@ -148,3 +158,5 @@ def forward(self, source, destination): except: pass pass + def end(self): + self.process.terminate() From 99246d546ae352addc46b2c8ca216977e84ac8bd Mon Sep 17 00:00:00 2001 
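Review bot: In the `kill` branch of `do_socksproxy` (second hunk of PATCH 1/7), `if SocksProxy in mainMenu.processes:` tests the class object, while the entry is stored and read under the string key `'SocksProxy'`. The membership test cannot match that entry, so `proxy.end()` is never reached and the proxy process keeps listening after the operator asked to stop it. Use the string key, `if 'SocksProxy' in mainMenu.processes:`. The same comparison is carried over unchanged in the PATCH 2/7 hunk. `processes` is defined outside this diff and is assumed here to be a dict.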
From: hubbl3 Date: Thu, 8 Oct 2020 21:28:46 -0500 Subject: [PATCH 2/7] mainmenu call fixes --- SocksServer.py | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/SocksServer.py b/SocksServer.py index 3f3c071..c156376 100644 --- a/SocksServer.py +++ b/SocksServer.py @@ -40,11 +40,11 @@ def do_socksproxy(self, line): "Launches a SocksProxy Server to run in the background of Empire" parts = line.split(' ') if parts[0].lower() == "kill": - if SocksProxy in mainMenu.processes: - proxy = mainMenu.processes['SocksProxy'] + if SocksProxy in self.mainMenu.processes: + proxy = self.mainMenu.processes['SocksProxy'] proxy.end() - elif 'SocksProxy' not in mainMenu.processes: - mainMenu.processes['SocksProxy'] = SocksProxy() + elif 'SocksProxy' not in self.mainMenu.processes: + self.mainMenu.processes['SocksProxy'] = SocksProxy() else: print(helpers.color("[!] SocksProxy Already Running!")) From b8f0e1e8f938ac093261980df1a7167992efeced Mon Sep 17 00:00:00 2001 From: Cx01N Date: Fri, 9 Oct 2020 00:53:29 -0400 Subject: [PATCH 3/7] removed import threading --- SocksServer.py | 1 - 1 file changed, 1 deletion(-) diff --git a/SocksServer.py b/SocksServer.py index c156376..1a4401b 100644 --- a/SocksServer.py +++ b/SocksServer.py @@ -7,7 +7,6 @@ import time import ssl import queue -import threading import os import multiprocessing From dbcd4efebc2a72ea49ebce59cc9f7c688ed62264 Mon Sep 17 00:00:00 2001 From: hubbl3 Date: Fri, 9 Oct 2020 00:17:28 -0500 Subject: [PATCH 4/7] made self contained --- SocksServer.py | 57 ++++++++++++++++++++++++++++++++------------------ 1 file changed, 37 insertions(+), 20 deletions(-) diff --git a/SocksServer.py b/SocksServer.py index 1a4401b..3a61a23 100644 --- a/SocksServer.py +++ b/SocksServer.py 
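Review bot: The `kill` branch in the PATCH 2/7 hunk calls `proxy.end()` but leaves the `'SocksProxy'` key in `self.mainMenu.processes`. The start condition `'SocksProxy' not in self.mainMenu.processes` therefore stays false after a kill, and the command can only print "Already Running". Drop the entry when the process is stopped, for example `self.mainMenu.processes.pop('SocksProxy').end()`. Whether `self.mainMenu` is ever set on the plugin is not visible here, since `register()` only receives `mainMenu` as an argument, so confirm the base class stores it.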
@@ -10,14 +10,16 @@ import os import multiprocessing + class Plugin(Plugin): description = "Launches a SocksProxy Server to run in the background of Empire" def onLoad(self): self.commands = {'do_socksproxy': {'Description': 'Launch a Socks Proxy Server', - 'arg': 'the argument required and it''s description' - } + 'arg': 'the argument required and it''s description' + } } + self.proxy = SocksProxy() def execute(self, dict): try: 
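Review bot: The `'arg'` entry in `self.commands` still holds the template text `'the argument required and it''s description'`, which this hunk only re-indents. The adjacent literals concatenate to "its description", so the help tells the user nothing about the one argument the command accepts. Since `do_socksproxy` treats `kill` specially, say so, for example `'arg': 'leave empty to start the server, "kill" to stop it'`. `execute` continues outside the hunk.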
@@ -37,35 +39,33 @@ def register(self, mainMenu): def do_socksproxy(self, line): "Launches a SocksProxy Server to run in the background of Empire" + parts = line.split(' ') if parts[0].lower() == "kill": - if SocksProxy in self.mainMenu.processes: - proxy = self.mainMenu.processes['SocksProxy'] - proxy.end() - elif 'SocksProxy' not in self.mainMenu.processes: - self.mainMenu.processes['SocksProxy'] = SocksProxy() + print(self.proxy.running) + if self.proxy.running: + self.proxy.end() + elif not self.proxy.running: + + self.proxy.start() else: print(helpers.color("[!] SocksProxy Already Running!")) class SocksProxy(object): def __init__(self): - cert_path = os.path.abspath("./data/") - cert = "%s/empire-chain.pem" % (cert_path) - private_key = "%s/empire-priv.key" % (cert_path) - if not (os.path.isfile(cert) and os.path.isfile(private_key)): + self.cert_path = os.path.abspath("./data/") + self.cert = "%s/empire-chain.pem" % (self.cert_path) + self.private_key = "%s/empire-priv.key" % (self.cert_path) + if not (os.path.isfile(self.cert) and os.path.isfile(self.private_key)): print(helpers.color("[!] Unable to find default certificate.")) - handler_port = input(helpers.color("[>] Enter Handler Port [443]: ")) - if handler_port == "": - handler_port = "443" - proxy_port = input(helpers.color("[>] Enter Proxy Port [1080]: ")) - if proxy_port == "": - proxy_port = "1080" - - self.process = multiprocessing.Process(target=self.main, args=(handler_port, proxy_port, cert, private_key)) + self.handler_port = "443" + self.proxy_port = "1080" + self.running = False + self.process = multiprocessing.Process(target=self.main, + args=(self.handler_port, self.proxy_port, self.cert, self.private_key)) self.process.daemon = True - self.process.start() def main(self, handler_port, proxy_port, certificate, private_key): _thread.start_new_thread(self.server, (handler_port, proxy_port, certificate, private_key)) 
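Review bot: `SocksProxy.__init__` only prints `[!] Unable to find default certificate.` when `empire-chain.pem` or `empire-priv.key` is missing and then carries on, and with this commit that check runs once at plugin load rather than at launch. A later `start()` will still spawn the process with certificate paths that may not exist, and the failure then presumably surfaces only inside the child. Record the result, for example `self.cert_ok = os.path.isfile(self.cert) and os.path.isfile(self.private_key)`, and have `start()` refuse to launch when it is false. The `print(self.proxy.running)` in the `kill` branch looks like leftover debugging output and should be removed.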
@@ -157,5 +157,22 @@ def forward(self, source, destination): except: pass pass + + def start(self): + print("Starting Socks Proxy") + handler_port = input(helpers.color("[>] Enter Handler Port [443]: ")) + if handler_port == "": + self.handler_port = "443" + proxy_port = input(helpers.color("[>] Enter Proxy Port [1080]: ")) + if proxy_port == "": + self.proxy_port = "1080" + self.process = multiprocessing.Process(target=self.main, + args=(self.handler_port, self.proxy_port, self.cert, self.private_key)) + self.running = True + self.process.start() + def end(self): + print("killing process") + self.running = False self.process.terminate() + From edf4fd46d10d3e587976b42e37c8f9783da96cff Mon Sep 17 00:00:00 2001 From: Cx01N Date: Fri, 9 Oct 2020 18:35:42 -0400 Subject: [PATCH 5/7] Added readme --- README.md | 23 ++++++++++++++++++++++- 1 file changed, 22 insertions(+), 1 deletion(-) diff --git a/README.md b/README.md index 15edb89..0571ef8 100644 --- a/README.md +++ b/README.md @@ -1 +1,22 @@ -# SocksProxyServer-Plugin \ No newline at end of file +# SocksProxyServer-Plugin +The SocksProxy Plugin runs a SocksProxy server for [Invoke-SocksProxy](https://github.com/BC-SECURITY/Invoke-SocksProxy) +entirely contained in [Empire](https://github.com/BC-SECURITY/Empire/). + +## Getting Started +* To run the plugin, you can download it fom the releases [Releases](https://github.com/BC-SECURITY/Invoke-SocksProxy/releases) page. + +## Install +Prerequisites: +- Empire 3.5.0+ + +1. Add SocksServer.py to the plugins folder of Empire. + +![image](https://user-images.githubusercontent.com/20302208/95636534-49f85f00-0a44-11eb-87c1-754a2368febb.png) + + +2. Plugins are automatically loaded into Empire as of 3.4.0, otherwise run ```plugin attack``` + +![image](https://user-images.githubusercontent.com/20302208/95636737-b5dac780-0a44-11eb-9f82-34dcb66c24fe.png) + +## Future Features +- List of active servers (similar to agents and listeners) 
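Review bot: In `start()` (last SocksServer.py hunk of PATCH 4/7) the answers from `input()` go into the locals `handler_port` and `proxy_port`, but the `Process` is built from `self.handler_port` and `self.proxy_port`, which are only assigned when the answer is empty. A port typed at the prompt is silently ignored and the listeners come up on 443 and 1080 (or whatever an earlier run left), so the ports the operator believes are exposed and the ports actually listening can disagree. Assign the answer in both cases, `self.handler_port = handler_port or "443"` and `self.proxy_port = proxy_port or "1080"`, ideally after checking that it parses as an integer in 1–65535. The same lines appear as unchanged context in PATCH 6/7 and PATCH 7/7.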
From fd7e2a9a095bf7878162733f0aabfc7a6d63078d Mon Sep 17 00:00:00 2001 From: Cx01N Date: Fri, 9 Oct 2020 18:57:54 -0400 Subject: [PATCH 6/7] added color to inputs --- README.md | 2 ++ SocksServer.py | 17 ++++++++--------- 2 files changed, 10 insertions(+), 9 deletions(-) diff --git a/README.md b/README.md index 0571ef8..07d408a 100644 --- a/README.md +++ b/README.md @@ -2,6 +2,8 @@ The SocksProxy Plugin runs a SocksProxy server for [Invoke-SocksProxy](https://github.com/BC-SECURITY/Invoke-SocksProxy) entirely contained in [Empire](https://github.com/BC-SECURITY/Empire/). +![image](https://user-images.githubusercontent.com/20302208/95637897-d8221480-0a47-11eb-8a69-3f132fe5d079.png) + ## Getting Started * To run the plugin, you can download it fom the releases [Releases](https://github.com/BC-SECURITY/Invoke-SocksProxy/releases) page. diff --git a/SocksServer.py b/SocksServer.py index 3a61a23..9401ffe 100644 --- a/SocksServer.py +++ b/SocksServer.py @@ -15,7 +15,7 @@ class Plugin(Plugin): description = "Launches a SocksProxy Server to run in the background of Empire" def onLoad(self): - self.commands = {'do_socksproxy': {'Description': 'Launch a Socks Proxy Server', + self.commands = {'do_socksproxyserver': {'Description': 'Launch a Socks Proxy Server', 'arg': 'the argument required and it''s description' } } @@ -23,8 +23,8 @@ def onLoad(self): def execute(self, dict): try: - if dict['command'] == 'do_socksproxy': - results = self.do_socksproxy(dict['arguments']['arg']) + if dict['command'] == 'do_socksproxyserver': + results = self.do_socksproxyserver(dict['arguments']['arg']) return results except: return False 
@@ -35,9 +35,9 @@ def get_commands(self): def register(self, mainMenu): """ any modifications to the mainMenu go here - e.g. registering functions to be run by user commands """ - mainMenu.__class__.do_socksproxy = self.do_socksproxy + mainMenu.__class__.do_socksproxyserver = self.do_socksproxyserver - def do_socksproxy(self, line): + def do_socksproxyserver(self, line): "Launches a SocksProxy Server to run in the background of Empire" parts = line.split(' ') @@ -46,10 +46,9 @@ def do_socksproxy(self, line): if self.proxy.running: self.proxy.end() elif not self.proxy.running: - self.proxy.start() else: - print(helpers.color("[!] SocksProxy Already Running!")) + print(helpers.color("[!] SocksProxy Server Already Running!")) class SocksProxy(object): @@ -80,7 +79,7 @@ def handlerServer(self, q, handler_port, certificate, private_key): dock_socket.setsockopt(socket.SOL_SOCKET, socket.SO_REUSEADDR, 1) dock_socket.bind(('', int(handler_port))) dock_socket.listen(5) - print(helpers.color("\n[+] Handler listening on: " + handler_port)) + print(helpers.color("\r[+] Handler listening on: " + handler_port)) while True: try: clear_socket, address = dock_socket.accept() @@ -159,7 +158,7 @@ def forward(self, source, destination): pass def start(self): - print("Starting Socks Proxy") + print(helpers.color("[*] Starting Socks Proxy")) handler_port = input(helpers.color("[>] Enter Handler Port [443]: ")) if handler_port == "": self.handler_port = "443" From ba53f73a730dc6b7716f09c3dbd4bd5761faa9cc Mon Sep 17 00:00:00 2001 From: hubbl3 Date: Sat, 10 Oct 2020 16:00:30 -0500 Subject: [PATCH 7/7] added shutdown clean up --- SocksServer.py | 12 ++++++++---- 1 file changed, 8 insertions(+), 4 deletions(-) diff --git a/SocksServer.py b/SocksServer.py index 3a61a23..22f18d1 100644 --- a/SocksServer.py +++ b/SocksServer.py 
@@ -51,6 +51,10 @@ def do_socksproxy(self, line): else: print(helpers.color("[!] SocksProxy Already Running!")) + def shutdown(self): + """if the plugin spawns a process provide a shutdown method for when Empire exits else leave it as pass""" + if self.proxy.running: + self.proxy.end() class SocksProxy(object): def __init__(self): @@ -63,9 +67,8 @@ def __init__(self): self.handler_port = "443" self.proxy_port = "1080" self.running = False - self.process = multiprocessing.Process(target=self.main, - args=(self.handler_port, self.proxy_port, self.cert, self.private_key)) - self.process.daemon = True + self.process = None + def main(self, handler_port, proxy_port, certificate, private_key): _thread.start_new_thread(self.server, (handler_port, proxy_port, certificate, private_key)) @@ -169,10 +172,11 @@ def start(self): self.process = multiprocessing.Process(target=self.main, args=(self.handler_port, self.proxy_port, self.cert, self.private_key)) self.running = True + self.process.daemon = True self.process.start() def end(self): - print("killing process") + print(helpers.color("[!] Killing Socks Server")) self.running = False self.process.terminate()
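Review bot: `start()` sets `self.running = True` before `self.process.start()`, and nothing resets the flag if the child exits on its own, so the new `shutdown()` and the `kill` branch act on a value that may not match the real process state. If `start()` raises, or the child dies (for instance if binding a port fails), `running` stays true and `end()` is later called on a process that was never started or is already gone. Derive the state from the process itself, `self.process is not None and self.process.is_alive()`, and set `self.running` only after `self.process.start()` returns. In `end()`, follow `self.process.terminate()` with `self.process.join()` so the child is reaped before Empire exits.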