Empire icon indicating copy to clipboard operation
Empire copied to clipboard

Published 20 hours ago verified publisher icon EmpireProject

Unicode utf8 errors in Dropbox listener

Open jeffmcjunkin opened this issue 6 years ago • 3 comments

Empire Version

2.5 (latest master, latest dev, latest Docker container)

OS Information (Linux flavor, Python version)

Ubuntu 16.04, Python 2.7.12

Expected behavior and description of the error, including any actions taken immediately prior to the error. The more detail the better.

Starting from all three of the above Empire builds:

listeners
uselistener dbx
set APIToken xxx_redacted_xxx
execute
launcher powershell

Copy-paste the PowerShell code into a Windows 10 machine, where it closes the prompt it's created in as normal.

I'd expect the agent to stage at this point, then list under agents. Instead, I get the following error:

Screenshot of error, embedded text output, or Pastebin link to the error

Exception in thread Thread-1:
Traceback (most recent call last):
  File "/usr/lib/python2.7/threading.py", line 801, in __bootstrap_inner
    self.run()
  File "/opt/Empire/lib/common/helpers.py", line 937, in __run
    self.__run_backup()
  File "/usr/lib/python2.7/threading.py", line 754, in run
    self.__target(*self.__args, **self.__kwargs)
  File "/opt/Empire//lib/listeners/dbx.py", line 982, in start_server
    dataResults = self.mainMenu.agents.handle_agent_data(stagingKey, stageData, listenerOptions)
  File "/opt/Empire/lib/common/agents.py", line 1547, in handle_agent_data
    'message': message
  File "/usr/lib/python2.7/json/__init__.py", line 244, in dumps
    return _default_encoder.encode(obj)
  File "/usr/lib/python2.7/json/encoder.py", line 207, in encode
    chunks = self.iterencode(o, _one_shot=True)
  File "/usr/lib/python2.7/json/encoder.py", line 270, in iterencode
    return _iterencode(o, 0)
UnicodeDecodeError: 'utf8' codec can't decode byte 0x8b in position 37: invalid start byte

Any additional information

Via Slack, @xorrior said "ah I think I know what the problem is fwiw but I won’t be able to look it at right now". I'm just making an issue for posterity :)

jeffmcjunkin avatar Jul 17 '18 20:07 jeffmcjunkin

I'm seeing similar when trying to launch a stager from Metasploit using either the reflectivepick or the regsvr32 sct

Traceback (most recent call last):
  File "/usr/lib/python2.7/dist-packages/flask/app.py", line 2292, in wsgi_app
    response = self.full_dispatch_request()
  File "/usr/lib/python2.7/dist-packages/flask/app.py", line 1815, in full_dispatch_request
    rv = self.handle_user_exception(e)
  File "/usr/lib/python2.7/dist-packages/flask/app.py", line 1718, in handle_user_exception
    reraise(exc_type, exc_value, tb)
  File "/usr/lib/python2.7/dist-packages/flask/app.py", line 1813, in full_dispatch_request
    rv = self.dispatch_request()
  File "/usr/lib/python2.7/dist-packages/flask/app.py", line 1799, in dispatch_request
    return self.view_functions[rule.endpoint](**req.view_args)
  File "/root/empire//lib/listeners/http.py", line 1082, in handle_post
    dataResults = self.mainMenu.agents.handle_agent_data(stagingKey, requestData, listenerOptions, clientIP)
  File "/root/empire/lib/common/agents.py", line 1519, in handle_agent_data
    'message': message
  File "/usr/lib/python2.7/json/__init__.py", line 244, in dumps
    return _default_encoder.encode(obj)
  File "/usr/lib/python2.7/json/encoder.py", line 207, in encode
    chunks = self.iterencode(o, _one_shot=True)
  File "/usr/lib/python2.7/json/encoder.py", line 270, in iterencode
    return _iterencode(o, 0)
UnicodeDecodeError: **'utf8' codec can't decode byte 0xba in position 53: invalid start byte**
[2018-08-10 17:39:33,450] ERROR in app: Exception on /admin/get.php [POST]
Traceback (most recent call last):
  File "/usr/lib/python2.7/dist-packages/flask/app.py", line 2292, in wsgi_app
    response = self.full_dispatch_request()
  File "/usr/lib/python2.7/dist-packages/flask/app.py", line 1815, in full_dispatch_request
    rv = self.handle_user_exception(e)
  File "/usr/lib/python2.7/dist-packages/flask/app.py", line 1718, in handle_user_exception
    reraise(exc_type, exc_value, tb)
  File "/usr/lib/python2.7/dist-packages/flask/app.py", line 1813, in full_dispatch_request
    rv = self.dispatch_request()
  File "/usr/lib/python2.7/dist-packages/flask/app.py", line 1799, in dispatch_request
    return self.view_functions[rule.endpoint](**req.view_args)
  File "/root/empire//lib/listeners/http.py", line 1082, in handle_post
    dataResults = self.mainMenu.agents.handle_agent_data(stagingKey, requestData, listenerOptions, clientIP)
  File "/root/empire/lib/common/agents.py", line 1541, in handle_agent_data
    dataToReturn.append((language, self.handle_agent_staging(sessionID, language, meta, additional, encData, stagingKey, listenerOptions, clientIP)))
  File "/root/empire/lib/common/agents.py", line 1386, in handle_agent_staging
    sessionKey = self.agents[sessionID]['sessionKey']
KeyError: '9FCAVNWT'

bneg avatar Aug 10 '18 21:08 bneg

any update on this issue ? how can i fix this.

peyu123 avatar Nov 17 '18 10:11 peyu123

Same issue from my side. I'm using empire on a docker container (image f4bfc753a674) pulled from docker hub empireproject/empire:latest. Any update?

StayPirate avatar Jan 11 '19 10:01 StayPirate