1.40.0 (2024-12-24)
- add http stager (with AES encryption) and independent HTTP listener (66f4d8c)
1.39.9 (2024-12-21)
- new `cc_host` not added to server cert, old names get repeated (e3ef171)
1.39.8 (2024-12-21)
- crash when listing module options (32cdc3d)
- crash when using `info` with no module selected (a2706c9)
- do not open SFTP pane in Windows (1e6342f)
- only attempt SFTP on Linux (fd36ff9)
- unable to view crash log in C2 client (152ecf5)
1.39.7 (2024-12-20)
- argv modification is not needed in Windows (b5915c6)
1.39.6 (2024-12-20)
- #345 (b2ea89c)
- compressor issue in `arc`, sync with upstream (2a18bf8)
- restore patched ELF's timestamps (mtime, atime) (8d7ac5e)
- update `loader.so` (22eaf46)
1.39.5 (2024-12-19)
- `__libc_dlopen_mode` deprecated in favor of `dlopen` as libdl.so has been merged into libc.so (5285b93)
- fatal error in unix socket listener (1cd3065)
- more randomized persistence (WIP) (76686b1)
- upgrade `golang.org/x/net` (78ac77b)
1.39.4 (2024-12-18)
- CC has no knowledge of agent root location, causing custom module to fail (ca5f5da)
- chdir error when running custom modules (66a699f)
- collect module output (40fd645)
- no need to compress module when it already exists (54cdd18)
1.39.3 (2024-12-18)
- deprecated `rand.seed` (1515072)
- disable `HidePIDs` until we find a better way (1fc1494)
- do not create any files in Windows (82975d7)
- don't use `.exe` for Linux agents (1b55009)
- minor bugs and code optimization (5e72139)
- path searching: crash (e982019)
- path searching: crash (24ff532)
- randomize agent root even more (Linux) (e96511c)
- simple stagers (a6d191d)
- typo in stager name (442252d)
- use shadowsocks with kcptun by default (791736d)
1.39.2 (2024-12-17)
- unable to find config data in shellcode mode (d99be9f)
1.39.1 (2024-12-17)
- use donut from upstream to support compression and latest features (a212200)
1.39.0 (2024-12-16)
- integrate donut (WIP) (93c76f2)
- possible crash (e568438)
1.38.4 (2024-11-23)
- module start scripts don't need compression (aa4869f)
- switch to `arc` as `archiver` is deprecated (17ed290)
- switch to `archives` as `archiver` is deprecated (de0b493)
1.38.3 (2024-10-25)
- re-implement kcp C2 based on kcptun, use single UDP connection (331b857)
1.38.2 (2024-10-24)
- some traffic bypasses shadowsocks/kcp proxy (a45b14c)
1.38.1 (2024-10-24)
- `unarchive` secure path validation (ce61818)
- `Unarchive` with `archiver/v4` implementation (fc96304)
- add `config.json` for `mimikatz` module (a99139c)
- agent root directory missing `/` (a3ef9b4)
- make sure stdin closes (a328ea8)
- mimikatz's documentation (3741b36)
- permission error for Linux modules (bf0ab59)
- remove `archiver/v3` (#318) (03e6367)
- use Go's built-in filepath sanitization (db76751)
- verbose (9786e1f)
1.38.0 (2024-10-23)
1.37.8 (2024-10-21)
- release-please: switch to `tar.zst` (d430c7d)
1.37.7 (2024-10-21)
1.37.6 (2024-10-20)
- deprecate MS NCSI as it doesn't support HTTPS (62f2115)
1.37.5 (2024-10-20)
- req verification for `DownloadViaCC` (e40db33)
1.37.4 (2024-09-23)
1.37.3 (2024-09-23)
1.37.2 (2024-09-17)
- some crypto functions (e425081)
1.37.1 (2024-04-21)
- update deps (f401df2)
1.37.0 (2024-04-03)
- deprecate `gen_agent` cmd in favor of `use gen_agent` module (add0a7e)
- `__libc_dlopen_mode` not found (322d071)
- throw error if shellcode is empty (06b6549)
- update deps (298f87c)
1.36.0 (2024-01-31)
- module help for `gen_agent` (ea3cfe7)
- `gen_agent` should abort when OS choice is invalid (a8c2142)
- auto-complete `gen_agent` module options (71e7d79)
- do not prompt for indicator text when it's disabled (f6e8c62)
- reduce CPU load (2f5ed34)
1.35.3 (2024-01-30)
1.35.2 (2024-01-30)
1.35.1 (2024-01-29)
- ignore cmdline args when run as DLL (4dd830e)
1.35.0 (2024-01-24)
- support DLL agent stub (`amd64` only) (eda0e94)
- `-gencert` refuses to work when `emp3r0r.json` not found (f100936)
- refactor: merge Linux/Windows agent code (db70d70)
1.34.10 (2024-01-22)
- tmux keeps switching back to home window (ad9d887)
1.34.9 (2024-01-22)
- #244 (50a0221)
- agent system info pane not being updated (5e9a8ab)
- remove unnecessary colors in "system info" (ca14ba1)
- word wrapping issues (9ab1786)
1.34.8 (2024-01-19)
1.34.7 (2024-01-18)
- connectivity check should connect to C2 using uTLS (8b746c5)
1.34.6 (2024-01-17)
- `passProxy` proxy URL parsing error (957395e)
1.34.5 (2024-01-17)
- `bring2cc` fails to connect configure SOCKS5 proxy (d11c8f0)
- `bring2cc` should start SOCKS5 server automatically (48b7311)
- auto proxy broken (7b04571)
1.34.4 (2024-01-16)
- `-connect_relay` unable to recover SSH session (8bde2fb)
1.34.3 (2024-01-16)
- agent aborts connection (Windows) (8c73193)
- agent aborts connection when C2 is unreachable (def1b2a)
- show C2 address in agent system info (7032d34)
- ssh C2 relay client should retry connection until SSH session is established (966147b)
1.34.2 (2024-01-13)
1.34.1 (2024-01-13)
1.34.0 (2024-01-13)
- C2 relay via SSH (522b6b3)
1.33.5 (2024-01-11)
- bash stager unable to execute agent (f406100)
- help user understand how stager URL works (71905e5)
- prefer custom bash binary (9c13feb)
- update deps (2aabc1e)
- use base64 encoding for bash stager (4d9657c)
1.33.4 (2023-12-25)
- no error reported when `lpe_helper` fails (39284ab)
- scripts unable to run (32a808a)
- tmux history length too small (c15fe26)
- winpeas: support both ps1 and batch format (0ebd71c)
1.33.3 (2023-12-25)
- `go-console` fails to start winpty (e7e2939)
1.33.2 (2023-12-25)
- `lpe_winpeas` for Windows LPE (a79f8a2)
- `split-window -l` needs `%` to specify percentage (266f195)
- `split-window -p <size>` has been deprecated in tmux newer versions (d625d87)
- trying to obtain output (b90975f)
1.33.1 (2023-12-22)
- `lpe_linpeas` unable to run (a32187f)
1.33.0 (2023-12-22)
- `grab` creates on-disk file even if no path is specified (dfbf640)
- tmux config: status bar scripts not working (db9ba69)
1.32.5 (2023-12-22)
- 1. option to disable NCSI check 2. upgrade deps (5a14b7a)
1.32.4 (2023-11-23)
1.32.3 (2023-11-22)
1.32.2 (2023-11-02)
- `FileBaseName` needs to strip `/` (4eca34b)
1.32.1 (2023-10-11)
- #264 add option to disable timeout in proxy altogether (e8b31e5)
- #264 disable timeout and leave cleanup job to the OS (d3cea97)
1.32.0 (2023-10-10)
- upgrade tmux config (d5fc0d0)
1.31.12 (2023-10-08)
- upgrade `mholt/archiver` (898e4a4)
1.31.11 (2023-10-08)
- security issue in `archiver` (ffd261e)
1.31.10 (2023-09-21)
1.31.9 (2023-09-20)
1.31.8 (2023-09-07)
1.31.7 (2023-09-07)
1.31.6 (2023-09-03)
- handle AES decryption panic (48e362e)
1.31.5 (2023-08-10)
1.31.4 (2023-08-04)
- `run_as_daemon` should always be enabled (11a3979)
- loader.so should return error for non-`amd64` (4170414)
1.31.3 (2023-08-04)
- do not delay when started by loader.so (ca596e9)
1.31.2 (2023-08-03)
- do not attempt to hide without root (b69f6b1)
- loader.so unable to find exe due to malformed path name (eec2dcc)
- sometimes CA cert is not added to agent config (a003cd0)
- use `bash` shell when started by loader.so (d12bda5)
1.31.1 (2023-08-02)
- `VERBOSE=true` not working (b7894c4)
- auto-updating hide_pid list (7a2d822)
- be silent when started by loader.so (4113d3d)
- do not overwrite backup (ef0b058)
- hidden_pids list gets overwritten (fbf7c9c)
- sort hidden_pids list (a63dcef)
- unable to read config when started by loader.so (9074fc4)
1.31.0 (2023-08-02)
- hide PIDs and files using loader.so (c54c5f5)
1.30.5 (2023-07-19)
1.30.4 (2023-07-15)
- add option to uninstall (e1a4e0d)
1.30.3 (2023-07-12)
- check if an ELF is static (d574330)
- module unpack using xz (177eaa2)
- pack modules with xz, reduce size even more (955b6bd)
- patch static ELFs and `patchelf` itself (286ddfb)
1.30.2 (2023-07-12)
- run path error (773ee53)
1.30.1 (2023-07-11)
1.30.0 (2023-07-11)
- reduce size of `vaccine` (c560dbb)
1.29.7 (2023-06-30)
- agent wait queue (f4e45f7)
1.29.6 (2023-06-30)
- `IsAgentAlive` stuck (2792bf3)
- `profiles` persistence method (6321b3c)
- guardian shellcode unable to start agent (9b81317)
- guardian shellcode: restore original binary (a07b280)
- let user choose to inject existing lib/sc (47fd9e6)
- optimize `profiles` persistence (963ba13)
- remove `injector` in `get_persistence`, etc (f7e04b1)
1.29.5 (2023-06-28)
- change process name affects loader.so (83c1109)
- elf loader unable to run emp3r0r (d534359)
- outdated loader.so (3ee239e)
- process renaming can't start new process (2ca3fc1)
1.29.4 (2023-06-27)
1.29.3 (2023-06-27)
- `inject_loader` fails to launch agent (77c445b)
1.29.2 (2023-06-26)
- `get_persistence`: fix `profiles` method (7a1858e)
- add help to `get_persistence` (a5a9879)
- argv spoofing only works with long argv0 (0f322bf)
- cleanup queue when there are too many waiting (3933766)
- daemonizing issues (argv modification fails) (d005862)
- don't install to all locations at once (87f1ebb)
- inject_loader (694fa31)
1.29.1 (2023-06-25)
- #219 (f0b414a)
- `get_persistence` causes unalias error (43dc8ee)
- `get_persistence` result readability issue (438289f)
- daemonize and be silent when started by persistence script (e14f3eb)
1.29.0 (2023-06-21)
- switch to utls to defeat JA3 fingerprinting (b9bf54f)
1.28.0 (2023-05-24)
- unable to log to file (55c4f7b)
1.27.3 (2023-05-15)
1.27.2 (2023-05-05)
1.27.1 (2023-05-04)
- UDP forwarding (c462312)
1.27.0 (2023-05-04)
- UDP port mapping (c2b6b32)
- command time msg should exclude built-in cmds (e6a5d2d)
- portfwd timeout implementation (b22e91d)
- reduce noisy logging for debug level 2 (56b3d9a)
- remove redundant cmdline args (a2ee4f1)
- timeout connections for socks5 proxy (1b4c6ca)
1.26.8 (2023-04-21)
- `use` command should show more info about the selected module (e04dc5b)
- agent side SOCKS5 server lacks authentication (67cba96)
1.26.7 (2023-04-19)
- #201, use winpty to support ConPTY shell on all Windows versions (dfc54c0)
- upgrade dependencies (069484a)
1.26.6 (2023-04-18)
1.26.5 (2023-04-18)
- auto-resize console buffer on elvsh start, to match C2 terminal size (71167e4)
- improve `PATH` handling on Windows/Linux (dfcf572)
1.26.4 (2023-04-14)
1.26.3 (2023-04-14)
1.26.2 (2023-04-14)
- #196 (1ec35ca)
- `elvsh` shell can't start due to missing agent binary (c090e08)
- DownloadViaCC has racing issue (0d96ca8)
- timeout kill should not happen with cmds like `get` (9ddf659)
1.26.1 (2023-04-13)
1.26.0 (2023-04-13)
- multi-arch support (40bc0fe)
- confusion on `reverse_proxy` feature, see #190 (b6425f0)
- incomplete file download percentage (b4e120e)
- syscall.Dup2 not ready for multi-arch support (13826d2)
1.25.8 (2023-04-04)
- file downloading progress might get stuck at 100% when connection is interrupted (37eabb2)
1.25.7 (2023-04-03)
- disable console resizing for windows due to bugs (19e7a88)
- improve file downloading feature (2ec7f02)
1.25.6 (2023-04-02)
- c2 server no longer needs to be manually restarted when new c2 name is added (8d9a81b)
1.25.5 (2023-03-31)
- disable sysinfo warnings (e7e07a2)
- log requests to stager HTTP server (787344d)
- no need to remove in python stager (09c1c03)
- unable to read mac addr in kvm machines (virtio NIC) (58ed35a)
1.25.4 (2023-03-30)
- disable agent logging by default (687230c)
- run modules without specifying target (8630a24)
- stager content should be copied to clipboard automatically when possible (0425501)
1.25.3 (2023-03-30)
- existing stager HTTP server should shutdown gracefully when a new stager is requested (54005d8)
- python stager not working and not secure (4962cd8)
1.25.2 (2023-03-29)
- cleanup work for stager, python2, obfuscate agent binary (e91f583)
- dynamic prompt string not available after `CliAsk` or `CliYesNo` (85e6eba)
- write back agent binary so elvsh can still start (9966d53)
1.25.1 (2023-03-24)
- `linux/bash` stager serving: incorrect path (0f1b33f)
- linux agent proc renaming when using `linux/bash` stager (575777f)
1.25.0 (2023-03-24)
- implement basic stager (linux/bash) (9f4f9ba)
1.24.2 (2023-03-19)
- agent won't run when packed by upx (4d35ef9)
1.24.1 (2023-03-17)
1.24.0 (2023-03-17)
- add elvsh as default shell (12eba72)
- elvsh not working in ssh (18773eb)
- elvsh should reuse sftp port (8d8c99d)
- elvsh: disable daemon (96e5293)
- remove `vim` command in favor of `file_manager` (6164d95)
1.23.6 (2023-03-17)
- `interactive_shell` cmd env (fc386ab)
- `interactive_shell` fails to execute due to empty argv (5b7e397)
- concurrent map access in handshake thread (1adbb47)
1.23.5 (2023-03-16)
1.23.4 (2023-02-22)
- embedded bash binary won't run, throws SEGV (9fca402)
1.23.3 (2023-02-22)
- #152: drop extension name for Linux agent binary (79dfba2)
- agent fails to connect on first try (1675de9)
- report arp cache (658c823)
1.23.2 (2023-02-20)
- go get -u (8c90301)
1.23.1 (2023-02-20)
1.23.0 (2023-01-04)
- ditch static magic string for packer (f7edcc6)
- improve agent binary structure (fd76e5c)
- pack agent binary by default (linux) (4811229)
- use AES-CBC mode to support tiny-AES (72c4cea)
1.22.3 (2022-10-01)
1.22.2 (2022-09-30)
- broken shell pane for windows targets (3cbd03a)
1.22.1 (2022-09-30)
- tmux pane resizing issues (7849902)
1.22.0 (2022-09-30)
- sftp support (9b84eb9)
1.21.0 (2022-09-29)
- autocomplete items in PATH on target system (a1a6268)
- empty agent uuid (416aadc)
- fail to check command output from agent, agent then gets marked as unresponsive incorrectly (14553b6)
- lengthy log (a3e2f72)
- screenshot downloading fails (886e864)
1.20.0 (2022-09-28)
- enable tabbed UI, move agentlist to tab (7417076)
- confusing tmux error messages (1edb75b)
- killing non-existent processes (03fdf33)
- premature downloading from agent side, '.downloading' file not removed (b4598d5)
1.19.1 (2022-09-09)
- sanitize filename (33f724e)
1.19.0 (2022-09-09)
- use fallback UUID when unable to obtain product serial (bbbfd73)
1.18.0 (2022-08-18)
- bash dropper (79406ed)
1.17.5 (2022-08-15)
1.17.4 (2022-07-16)
- 149 (04188f7)
1.17.3 (2022-06-09)
- race condition in polling (0caba63)
1.17.2 (2022-06-08)
1.17.1 (2022-06-08)
1.17.0 (2022-06-08)
1.16.2 (2022-06-07)
1.16.1 (2022-05-18)
- race condition in polling (b3d4a20)
1.16.0 (2022-05-17)
- enable logging for shadowsocks server when debug level is set to `3` (4d79ea9)
1.15.9 (2022-04-19)
- command pane remains after exiting emp3r0r (ed3cf1c)
- selected agent not visible as it's on top of the list (48fc9a2)
1.15.8 (2022-04-11)
- Tmux UI outputs on wrong panes/windows (b440c60)
1.15.7 (2022-04-11)
1.15.6 (2022-04-10)
- windows sysinfo (8c7c080)
1.15.5 (2022-04-09)
- `interactive_shell` for Windows: fails to find shell process sometimes (bf1883d)
- `interactive_shell` for Windows: too many callback functions (1f0155b)
1.15.4 (2022-04-08)
1.15.3 (2022-04-07)
1.15.2 (2022-04-06)
- windows `interactive_shell` has visible console windows (4dfd893)
1.15.1 (2022-04-06)
1.15.0 (2022-04-04)
- remove agent on command exec timeout (97eacdb)
1.14.7 (2022-04-02)
1.14.6 (2022-04-02)
1.14.5 (2022-04-01)
1.14.4 (2022-04-01)
- `garble -tiny build` in build script (b643875)
1.14.3 (2022-04-01)
- vaccine fails to configure on agent start (c74e7fb)
1.14.2 (2022-04-01)
- `emp3r0r --release` cannot build agent stub (a277515)
1.14.1 (2022-04-01)
- agent not reconnecting immediately after losing connection (59eaa1f)
- ConnectCC gets stuck when using KCP (58d5f89)
- ConnectCC timeout not implemented correctly (d58ac5e)
- KCPClient crash (f5202ef)
- KCPClient not aware of C2 disconnection (58a63a2)
- timeout TLS handshake, do not wait infinitely (24dd54f)
1.14.0 (2022-03-31)
- add verification to handshake process (6a9fc04)
1.13.0 (2022-03-31)
1.12.0 (2022-03-30)
- randomize heartbeat payload length (920d01d)
- reduce and randomize C2 heart-beat traffic, may cause longer wait time in agent state checking (dee4b30)
- agent does not connect immediately after checking in (afa4bff)
- agent re-connection takes too long (4febec6)
- alert user only when the agent is connected correctly (44ee708)
- line wrapping in `CliPrettyPrint` (f406224)
- line wrapping in agent list brings extra whitespaces (3a03153)
- line wrapping inside tables (5f6b3db)
- RandStr not random enough with time.Now as seed (e3aed62)
- some values in emp3r0r.json are not updated (70c0f5e)
1.11.0 (2022-03-29)
- add shadowsocks (a8117e9)
- Add Shadowsocks obfuscator to C2 transport (73a4d67)
- use upx to further compress packed agent binaries (1c6800f)
- `garble -tiny` now works (3c1b9b3)
1.10.7 (2022-03-28)
- empty envv when started from memfd_exec (f6a6b7d)
- packer: pass config data and ELF through envv (b6a0d7b)
1.10.6 (2022-03-27)
1.10.5 (2022-03-26)
- PKGBUILD for blackarch (e496738)
1.10.4 (2022-03-25)
- unable to execute cat since `PATH` is not set (5049837)
1.10.3 (2022-03-25)
- filename autocompletion for packer (1a9d180)
- make packed binaries executable by default (5d2c944)
- packed agent cannot find config data (e621808)
- packer blocks UI (6788b35)
- reduce packer_stub binary size (c67fff9)
- reduce size of data package (c441325)
- unable to extract config data when agent is packed (c8b5198)
- unable to extract data from file/mem (eff9574)
- unable to extract embedded json config (1c80ec8)
1.10.2 (2022-03-25)
- `emp3r0r --release` fails to build packer_stub (5dd8f99)
1.10.1 (2022-03-24)
- packer_stub.exe path (7b7a2d7)
1.10.0 (2022-03-24)
- pack_agent command (7d2dcea)
1.9.0 (2022-03-23)
- emp3r0r installer (f126780)
- install emp3r0r to your system, load custom modules from ~/.emp3r0r (77f1564)
- use colored print for all fatal errors (9933d86)
- cannot pack custom modules due to incorrect path (c535350)
- emp3r0r launcher/installer path error (e4e7a91)
- gen_agent: binaries not found (31b68d1)
- modules don't load (7bac146)
- path errors (70d8362)
- set correct location for tmux scripts (a58c1a3)
1.8.1 (2022-03-22)
- 'unknown_host' in agent tag (1aa8eb4)
- no build option for Windows (9c7d22d)
- reduce agent binary size for windows version (9a486f7)
1.8.0 (2022-03-22)
- remove binary from source tree (c5955b8)
1.7.6 (2022-03-20)
- ssh shell fails to start due to 'already bind' error (18004a9)
- unable to config time intervals (b242e80)
1.7.5 (2022-03-20)
1.7.4 (2022-03-20)
1.7.3 (2022-03-20)
- disable CGO to build static binaries (f12190f)
1.7.2 (2022-03-20)
- binaries not added in archive (7383bd7)
1.7.1 (2022-03-20)
- build script typo, archive structure (ced5651)
1.7.0 (2022-03-20)
- improved C2 launcher, auto-build working (b33aa19)
1.6.13 (2022-03-20)
- upload.sh (ad2315b)
1.6.12 (2022-03-20)
- test a new release (6632334)
1.6.11 (2022-03-20)
- save some time if release not created (2dc20ef)
1.6.10 (2022-03-20)
- curl cmd in workflow file (db91dd2)
1.6.9 (2022-03-20)
- curl upload asset (058a637)
1.6.8 (2022-03-20)
- upload assets: not found (2d87428)
1.6.7 (2022-03-20)
- upload assets (c9fb994)
1.6.6 (2022-03-20)
- workflow steps (3a3b0bd)
1.6.5 (2022-03-20)
- upload-asset: file not found (a3a6c10)
1.6.4 (2022-03-20)
- trying to upload assets (8fb049d)
1.6.2 (2022-03-20)
- need to check out repo before creating release archive (dc3947b)
1.6.1 (2022-03-20)
- update go dependencies (018b533)
1.6.0 (2022-03-18)
- implement build.py in CC (4d237b0)
- build --clean success message (6eebb2b)
- build.py --target clean deletes everything (6842acc)
- ca key file name (5547eed)
- CliAsk: ignore ctrl-c and EOF (85180af)
- disallow empty input (2c3c76d)
- emp3r0r.json initialization not complete (6369379)
- init emp3r0r.json when it's not found (1aed32c)
- toggle some config options on/off (abe600f)
1.5.1 (2022-03-17)
- gen_agent: build stub.exe first (ae01a32)
1.5.0 (2022-03-17)
- build system redesigned (38cfd9f)
- build.py now generates stub.exe (3dd2009)
- change build process (a5fc6eb)
- cmd handler is blocking most commands (c500a6e)
- do not pack agent binaries (d65e675)
- generate agent id from host config (1bf31c2)
- remove windows support (3a9660e)
- rename outfile (5512998)
- emp3r0r.json: socket name (f6c42a9)
- file paths (284f161)
- gen_agent command (3121a59)
- magic string should be pre-set (9dd87a9)
- no need to decompress (eb231e9)
- python path (a437008)
- rm redundant build function (cbaa7e7)
- should rm python archive (68deedd)
- tmux cat (8d8a3c8)
- update build.py to match build dir change (0142126)
- update c2 launcher (406b1bf)
- update launcher (22b4078)
- utils_path and socket name should follow agent_root (fe514b7)
1.4.1 (2022-03-16)
- onion address checking (628d527)
- print 'go build ends' after `go build` (a73ff81)
- restore source files when build is aborted (07ab26c)
1.4.0 (2022-03-16)
- add cowsay (74be24c)
- C2 prints the wrong version string (a59e18c)
- LD_LIBRARY_PATH was mistakenly unset (0cd3f3e)
- missing file in dockerscan libs (7a49ed7)
1.3.20 (2022-03-15)
- clear changelog (88b425a)