< Back
New-EmpireListener
Post
NAME New-EmpireListener
SYNOPSIS
Create a new listener on a Empire server.
SYNTAX
New-EmpireListener [-Id] <Int32> -Name <String> [-ListenerHost <String>] [-ListenerPort <Int32>] [-CertPath
<String>] [-DefaultDelay <Int32>] [-DefaultJitter <Single>] [-DefaultLostLimit <Int32>] [-DefaultProfile <String>]
[-KillDate <DateTime>] [-RedirectTarget <String>] [-StagingKey <String>] [-Type <String>] [-WorkingHours <String>]
[-NoSSLCheck] [<CommonParameters>]
New-EmpireListener [-Token] <String> [-ComputerName] <String> [[-Port] <Int32>] -Name <String> [-ListenerHost
<String>] [-ListenerPort <Int32>] [-CertPath <String>] [-DefaultDelay <Int32>] [-DefaultJitter <Single>]
[-DefaultLostLimit <Int32>] [-DefaultProfile <String>] [-KillDate <DateTime>] [-RedirectTarget <String>]
[-StagingKey <String>] [-Type <String>] [-WorkingHours <String>] [-NoSSLCheck] [<CommonParameters>]
DESCRIPTION
Create a new listener on a Empire server.
PARAMETERS
-Id <Int32>
Empire session Id of the session to use.
Required? true
Position? 1
Default value 0
Accept pipeline input? true (ByPropertyName)
Accept wildcard characters? false
-Token <String>
Empire API token to use to execute the action.
Required? true
Position? 1
Default value
Accept pipeline input? true (ByPropertyName)
Accept wildcard characters? false
-ComputerName <String>
IP Address or FQDN of remote Empire server.
Required? true
Position? 2
Default value
Accept pipeline input? true (ByPropertyName)
Accept wildcard characters? false
-Port <Int32>
Port number to use in the connection to the remote Empire server.
Required? false
Position? 3
Default value 1337
Accept pipeline input? true (ByPropertyName)
Accept wildcard characters? false
-Name <String>
Listener name.
Required? true
Position? named
Default value
Accept pipeline input? false
Accept wildcard characters? false
-ListenerHost <String>
Hostname/IP for staging.
Required? false
Position? named
Default value
Accept pipeline input? false
Accept wildcard characters? false
-ListenerPort <Int32>
Port for the listener.
Required? false
Position? named
Default value 0
Accept pipeline input? false
Accept wildcard characters? false
-CertPath <String>
Certificate path for https listeners.
Required? false
Position? named
Default value
Accept pipeline input? false
Accept wildcard characters? false
-DefaultDelay <Int32>
Agent delay/reach back interval (in seconds).
Required? false
Position? named
Default value 0
Accept pipeline input? false
Accept wildcard characters? false
-DefaultJitter <Single>
Jitter in agent reachback interval (0.0-1.0).
Required? false
Position? named
Default value 0
Accept pipeline input? false
Accept wildcard characters? false
-DefaultLostLimit <Int32>
Number of missed checkins before exiting
Required? false
Position? named
Default value 0
Accept pipeline input? false
Accept wildcard characters? false
-DefaultProfile <String>
Default communication profile for the agent.
Required? false
Position? named
Default value
Accept pipeline input? false
Accept wildcard characters? false
-KillDate <DateTime>
Date for the listener to exit (MM/dd/yyyy).
Required? false
Position? named
Default value
Accept pipeline input? false
Accept wildcard characters? false
-RedirectTarget <String>
Listener target to redirect to for pivot/hop
Required? false
Position? named
Default value
Accept pipeline input? false
Accept wildcard characters? false
-StagingKey <String>
Staging key for initial agent negotiation.
Required? false
Position? named
Default value
Accept pipeline input? false
Accept wildcard characters? false
-Type <String>
Listener type (native, pivot, hop, foreign, meter).
Required? false
Position? named
Default value
Accept pipeline input? false
Accept wildcard characters? false
-WorkingHours <String>
Hours for the agent to operate (09:00-17:00).
Required? false
Position? named
Default value
Accept pipeline input? false
Accept wildcard characters? false
-NoSSLCheck [<SwitchParameter>]
Do not check if the TLS/SSL certificate of the Empire is valid.
Required? false
Position? named
Default value False
Accept pipeline input? false
Accept wildcard characters? false
<CommonParameters>
This cmdlet supports the common parameters: Verbose, Debug,
ErrorAction, ErrorVariable, WarningAction, WarningVariable,
OutBuffer, PipelineVariable, and OutVariable. For more information, see
about_CommonParameters (https:/go.microsoft.com/fwlink/?LinkID=113216).
INPUTS
OUTPUTS
System.Int32
NOTES
Licensed under BSD 3-Clause license
-------------------------- EXAMPLE 1 --------------------------
C:\\PS>New-EmpireListener -Id 1 -Name CampaingDevops -ListenerHost 192.168.1.170:443 -CertPath
"/root/Desktop/Empire/data/empire.pem"
Create an HTTPS listener by specifying a PEM certificate to use in the server on port 443.
-------------------------- EXAMPLE 2 --------------------------
C:\\PS>New-EmpireListener -Id 1 -Name CampaingAgainstIT -ListenerHost 192.168.1.170 -ListenerPort 80
Create a listener for a phishing campaing on port 80
RELATED LINKS
SYNOPSIS
Create a new listener on a Empire server.
SYNTAX
New-EmpireListener [-Id] <Int32> -Name <String> [-ListenerHost <String>] [-ListenerPort <Int32>] [-CertPath
<String>] [-DefaultDelay <Int32>] [-DefaultJitter <Single>] [-DefaultLostLimit <Int32>] [-DefaultProfile <String>]
[-KillDate <DateTime>] [-RedirectTarget <String>] [-StagingKey <String>] [-Type <String>] [-WorkingHours <String>]
[-NoSSLCheck] [<CommonParameters>]
New-EmpireListener [-Token] <String> [-ComputerName] <String> [[-Port] <Int32>] -Name <String> [-ListenerHost
<String>] [-ListenerPort <Int32>] [-CertPath <String>] [-DefaultDelay <Int32>] [-DefaultJitter <Single>]
[-DefaultLostLimit <Int32>] [-DefaultProfile <String>] [-KillDate <DateTime>] [-RedirectTarget <String>]
[-StagingKey <String>] [-Type <String>] [-WorkingHours <String>] [-NoSSLCheck] [<CommonParameters>]
DESCRIPTION
Create a new listener on a Empire server.
PARAMETERS
-Id <Int32>
Empire session Id of the session to use.
Required? true
Position? 1
Default value 0
Accept pipeline input? true (ByPropertyName)
Accept wildcard characters? false
-Token <String>
Empire API token to use to execute the action.
Required? true
Position? 1
Default value
Accept pipeline input? true (ByPropertyName)
Accept wildcard characters? false
-ComputerName <String>
IP Address or FQDN of remote Empire server.
Required? true
Position? 2
Default value
Accept pipeline input? true (ByPropertyName)
Accept wildcard characters? false
-Port <Int32>
Port number to use in the connection to the remote Empire server.
Required? false
Position? 3
Default value 1337
Accept pipeline input? true (ByPropertyName)
Accept wildcard characters? false
-Name <String>
Listener name.
Required? true
Position? named
Default value
Accept pipeline input? false
Accept wildcard characters? false
-ListenerHost <String>
Hostname/IP for staging.
Required? false
Position? named
Default value
Accept pipeline input? false
Accept wildcard characters? false
-ListenerPort <Int32>
Port for the listener.
Required? false
Position? named
Default value 0
Accept pipeline input? false
Accept wildcard characters? false
-CertPath <String>
Certificate path for https listeners.
Required? false
Position? named
Default value
Accept pipeline input? false
Accept wildcard characters? false
-DefaultDelay <Int32>
Agent delay/reach back interval (in seconds).
Required? false
Position? named
Default value 0
Accept pipeline input? false
Accept wildcard characters? false
-DefaultJitter <Single>
Jitter in agent reachback interval (0.0-1.0).
Required? false
Position? named
Default value 0
Accept pipeline input? false
Accept wildcard characters? false
-DefaultLostLimit <Int32>
Number of missed checkins before exiting
Required? false
Position? named
Default value 0
Accept pipeline input? false
Accept wildcard characters? false
-DefaultProfile <String>
Default communication profile for the agent.
Required? false
Position? named
Default value
Accept pipeline input? false
Accept wildcard characters? false
-KillDate <DateTime>
Date for the listener to exit (MM/dd/yyyy).
Required? false
Position? named
Default value
Accept pipeline input? false
Accept wildcard characters? false
-RedirectTarget <String>
Listener target to redirect to for pivot/hop
Required? false
Position? named
Default value
Accept pipeline input? false
Accept wildcard characters? false
-StagingKey <String>
Staging key for initial agent negotiation.
Required? false
Position? named
Default value
Accept pipeline input? false
Accept wildcard characters? false
-Type <String>
Listener type (native, pivot, hop, foreign, meter).
Required? false
Position? named
Default value
Accept pipeline input? false
Accept wildcard characters? false
-WorkingHours <String>
Hours for the agent to operate (09:00-17:00).
Required? false
Position? named
Default value
Accept pipeline input? false
Accept wildcard characters? false
-NoSSLCheck [<SwitchParameter>]
Do not check if the TLS/SSL certificate of the Empire is valid.
Required? false
Position? named
Default value False
Accept pipeline input? false
Accept wildcard characters? false
<CommonParameters>
This cmdlet supports the common parameters: Verbose, Debug,
ErrorAction, ErrorVariable, WarningAction, WarningVariable,
OutBuffer, PipelineVariable, and OutVariable. For more information, see
about_CommonParameters (https:/go.microsoft.com/fwlink/?LinkID=113216).
INPUTS
OUTPUTS
System.Int32
NOTES
Licensed under BSD 3-Clause license
-------------------------- EXAMPLE 1 --------------------------
C:\\PS>New-EmpireListener -Id 1 -Name CampaingDevops -ListenerHost 192.168.1.170:443 -CertPath
"/root/Desktop/Empire/data/empire.pem"
Create an HTTPS listener by specifying a PEM certificate to use in the server on port 443.
-------------------------- EXAMPLE 2 --------------------------
C:\\PS>New-EmpireListener -Id 1 -Name CampaingAgainstIT -ListenerHost 192.168.1.170 -ListenerPort 80
Create a listener for a phishing campaing on port 80
RELATED LINKS