Skip to content

Releases: BishopFox/sliver

v1.5.41

11 Jul 21:41
v1.5.41
f2a3915
Compare
Choose a tag to compare

v1.5.40

20 Jun 18:32
v1.5.40
c17c378
Compare
Choose a tag to compare

⚠️ Backwards incompatible changes ⚠️

This release fixes a vulnerability (CVE-2023-34758) in the Sliver Key Encapsulation Mechanism (KEM), where improper use of Nacl Box (libsodium) could allow a MitM attacker with a copy of the implant binary to recover the session key and arbitrarily encrypt/decrypt C2 messages. Note that the Sliver KEM is only used over insecure protocols such as HTTP and DNS, and does not affect mTLS or Wireguard.

The issue was addressed by switching to a combination age for the KEM and HMAC-SHA2-256 to verify the implant.

More details: GHSA-8jxm-xp43-qh3q

Special thanks to Ting-Wei Hsieh from CHT Security Co. Ltd. for reporting the vulnerability.

v1.5.39

16 May 15:43
v1.5.39
af46878
Compare
Choose a tag to compare

Commits

  • ad53f90: Bump github.com/miekg/dns from 1.1.53 to 1.1.54 (dependabot[bot]) #1217
  • 5b22e6d: Bump modernc.org/sqlite from 1.22.0 to 1.22.1 (dependabot[bot]) #1218
  • d921c3c: Add ESET Internet Security to kwnown security processes (smeukinou) #1220
  • 2f9c84c: FIX implant generation with locale limit not compiling when not in debug mode (smeukinou) #1221
  • b5e611d: FIX windows screenshot when multiple monitors are used, and they are not exactly side-by-side (smeukinou) #1222
  • a468ec8: Allow migrate to use process names (rkervella) #1223
  • 64c40ba: Bump google.golang.org/grpc from 1.54.0 to 1.55.0 (dependabot[bot]) #1226
  • 27c6e8e: Bump golang.org/x/term from 0.7.0 to 0.8.0 (dependabot[bot]) #1227
  • d547708: Go v1.20.4 (moloch--) #1229
  • 4690430: update installer to symlink sliver/sliver-client (moloch--)
  • 38a740a: Bump golang.org/x/crypto from 0.8.0 to 0.9.0 (dependabot[bot]) #1232
  • 52daa1a: Adding support for specifying DNS resolvers through advanced options (Raf) #1235

v1.5.38

28 Apr 16:33
v1.5.38
649960a
Compare
Choose a tag to compare

Commits

  • 57ddb1a: Bump golang.org/x/crypto from 0.7.0 to 0.8.0 (dependabot[bot]) #1199
  • 8c06b83: Bump gorm.io/gorm from 1.24.7-0.20230306060331-85eaf9eeda11 to 1.25.0 (dependabot[bot]) #1200
  • ef1c034: Bump gorm.io/driver/sqlite from 1.4.4 to 1.5.0 (dependabot[bot]) #1201
  • 7479e86: Bump gorm.io/driver/mysql from 1.4.7 to 1.5.0 (dependabot[bot]) #1202
  • 77ab598: pull latest beacon or session configuration on info command even if a beacon or session is currently selected to avoid displaying outdated values after a reconfiguration (Tim Makram Ghatas) #1207
  • 9e12db9: Bump modernc.org/sqlite from 1.21.1 to 1.22.0 (dependabot[bot]) #1212
  • 3599af1: Fixed nil pointer (b0yd) #1213
  • fce0221: Add Rapid 7 (cmprmsd) #1214
  • 7522a0b: Apply XOR to protobuf raw data (rkervella) #1215
  • 7c33022: Apply XOR to dnspb and commonpb too (rkervella) #1215

v1.5.37

13 Apr 17:56
v1.5.37
0a43dc6
Compare
Choose a tag to compare

Commits

  • 05a31d9: Bump google.golang.org/grpc from 1.53.0 to 1.54.0 (dependabot[bot]) #1168
  • 19b4b0b: Warn user about improper flag usage. (rkervella) #1169
  • 8fd9487: Added chmod,chown,timestomp, and added uid:gid to ls (b0yd) #1170
  • 03d93b9: Guess I'm supposed to check these in too :P (b0yd) #1170
  • 0e5d055: Import ommisions (b0yd) #1170
  • a45c996: Made pretty, with goto (b0yd) #1170
  • d344e35: Fixed issues caused by adding goto (b0yd) #1170
  • 963b3c3: Fixed import...again (b0yd) #1170
  • feacb9e: Use implant filename instead of name (rkervella) #1172
  • 2bfcaf1: Update handlers_linux.go (rwincey) #1170
  • e6645c9: Added file path for debug so it doesn't always goto stdout (b0yd) #1175
  • bd57568: Bump github.com/miekg/dns from 1.1.52 to 1.1.53 (dependabot[bot]) #1177
  • 246519d: Bump modernc.org/sqlite from 1.21.0 to 1.21.1 (dependabot[bot]) #1178
  • d2aaee9: fix implant configuration for external builders (MrAle98) #1180
  • 04e8104: minor fix (MrAle98) #1180
  • 85f51a8: Initial support for changing C2 when spawning an interactive session from a beacon. Does not support changing transports. (Raf) #1190
  • 400c629: Adding support for killing a beacon using the short form of its ID (Raf) #1182
  • 7fa1b5c: Bump golang.org/x/sys from 0.6.0 to 0.7.0 (dependabot[bot]) #1184
  • 689645d: Bump github.com/spf13/cobra from 1.6.1 to 1.7.0 (dependabot[bot]) #1187
  • 6c77808: Bump golang.org/x/text from 0.8.0 to 0.9.0 (dependabot[bot]) #1186
  • 03183ae: Bump golang.org/x/net from 0.8.0 to 0.9.0 (dependabot[bot]) #1188
  • 929e67e: Always show hostname when displaying the list of beacons (Raf) #1191
  • f09efe9: Fixing #1192. Waiting to close the job channel until all teardown tasks are done (Raf) #1193
  • 7033be8: Bump commonmarker from 0.23.8 to 0.23.9 in /docs (dependabot[bot]) #1194
  • c2adb81: Bump nokogiri from 1.14.1 to 1.14.3 in /docs (dependabot[bot]) #1195

v1.5.36

26 Mar 20:38
v1.5.36
796a0db
Compare
Choose a tag to compare

Features

  • add armory support for private Github apis #1162 (jpts)

Commits

  • 94d8b9f: Bump github.com/jedib0t/go-pretty/v6 from 6.4.4 to 6.4.6 (dependabot[bot]) #1134
  • 2f1f81c: Bump golang.org/x/term from 0.5.0 to 0.6.0 (dependabot[bot]) #1135
  • 9585b43: Bump github.com/chromedp/chromedp from 0.8.7 to 0.8.8 (dependabot[bot]) #1132
  • 9f811f8: Bump golang.org/x/net from 0.7.0 to 0.8.0 (dependabot[bot]) #1131
  • 5ab52bc: unblock execute command if no output is requested (Dominic Breuker) #1136
  • 3a8017e: Go v1.20.2 (moloch--) #1137
  • e6d9740: Go v1.20.2 (moloch--)
  • bde3cd6: Bump golang.org/x/crypto from 0.6.0 to 0.7.0 (dependabot[bot]) #1141
  • 115f47a: Bump github.com/miekg/dns from 1.1.51 to 1.1.52 (dependabot[bot]) #1142
  • 564aeec: Bump gorm.io/gorm from 1.24.5 to 1.24.6 (dependabot[bot]) #1144
  • 200a1a9: Bump github.com/fatih/color from 1.14.1 to 1.15.0 (dependabot[bot]) #1145
  • 4068faf: Bump github.com/xlab/treeprint from 1.1.0 to 1.2.0 (dependabot[bot]) #1143
  • a3ea33b: Bump github.com/chromedp/chromedp from 0.8.8 to 0.9.1 (dependabot[bot]) #1153
  • dff24ae: Bump gorm.io/driver/postgres from 1.4.8 to 1.5.0 (dependabot[bot]) #1154
  • 8291364: Bump github.com/grpc-ecosystem/go-grpc-middleware from 1.3.0 to 1.4.0 (dependabot[bot]) #1155
  • c6e65e6: Bump actions/setup-go from 3 to 4 (dependabot[bot]) #1156
  • 9d7d1b7: Bump google.golang.org/protobuf from 1.28.1 to 1.30.0 (dependabot[bot]) #1152
  • c506020: Bump github.com/cheggaaa/pb/v3 from 3.1.0 to 3.1.2 (dependabot[bot]) #1157
  • 918d729: Update DumpCookies method (rkervella) #1158
  • f1613bb: avoid race condition in the extension callback on windows beacons (Dominic Breuker) #1159
  • b0e0df1: ensure beacon registers extensions before it calls them (Dominic Breuker) #1164
  • c6a29ea: ensure waitgroup in beaconmain can never become negative (Dominic Breuker) #1164
  • 3297301: cleanup and variable rename (Dominic Breuker) #1164
  • 3d7227e: execute regular tasks and extenions concurrently (Dominic Breuker) #1164
  • 99c76c2: C2 http uri lowercased. Fixes #1126 (svl) #1166

v1.5.35

05 Mar 17:55
v1.5.35
1756fdf
Compare
Choose a tag to compare

Commits

  • b0b4751: Update go-assets.sh (Ronan Kervella) #1094
  • cfaa892: Attempt to implement docs/notion (moloch--)
  • a8a5368: Bump golang.org/x/net from 0.5.0 to 0.6.0 (dependabot[bot]) #1097
  • bca8c13: Bump gorm.io/driver/mysql from 1.4.5 to 1.4.6 (dependabot[bot]) #1101
  • 1ddeeb8: Fix missing flag in context for PsCmd (rkervella) #1103
  • 988282c: Bump golang.org/x/crypto from 0.5.0 to 0.6.0 (dependabot[bot]) #1107
  • 94a4be6: Bump modernc.org/sqlite from 1.19.3 to 1.20.4 (dependabot[bot]) #1110
  • 52e296f: Bump golang.org/x/net from 0.6.0 to 0.7.0 (dependabot[bot]) #1106
  • 50103d7: Bump gorm.io/driver/postgres from 1.4.6 to 1.4.8 (dependabot[bot]) #1108
  • 89f029f: Go v1.20.1 (moloch--) #1111
  • bc9bba5: Bump gorm.io/driver/mysql from 1.4.6 to 1.4.7 (dependabot[bot]) #1109
  • 5da01d9: Garble v1.20.2 (moloch--) #1111
  • 03ba0ea: Return zero guid on hostuuid from mac error (moloch--) #1112
  • ba69967: Update README.md (Joe)
  • 5d3247d: Bump github.com/miekg/dns from 1.1.50 to 1.1.51 (dependabot[bot]) #1116
  • 38206c0: Bump modernc.org/sqlite from 1.20.4 to 1.21.0 (dependabot[bot]) #1119
  • 617a392: Bump google.golang.org/grpc (dependabot[bot]) #1117
  • 524d584: Bump github.com/things-go/go-socks5 (dependabot[bot]) #1115
  • 93a0c15: Update go-clr, merge master (rkervella) #1122
  • e3a2ff8: Only try to read keytab if it was supplied as an argument (rkervella) #1128
  • 12e6f9a: fix defunct processes on nix (Chris Shields) #1130

v1.5.34

07 Feb 16:41
v1.5.34
d2a6fa8
Compare
Choose a tag to compare

Commits

  • 81d8b39: Bump golang.org/x/crypto from 0.4.0 to 0.5.0 (dependabot[bot]) #1061
  • 19c6e79: Bump gorm.io/gorm from 1.24.2 to 1.24.3 (dependabot[bot]) #1062
  • 72fcd30: Fix build constraints for linux/mips (moloch--) #1066
  • 1a8487e: Fix build constraints for linux/mips (moloch--) #1066
  • cfa16f7: More specific cross-platform constraints (moloch--) #1066
  • d935a03: Move DisableSGN out of protobuf since its client-side only (moloch--) #1068
  • 72c1de8: Move DisableSGN out of protobuf since its client-side only (moloch--) #1068
  • 422d491: Bump gorm.io/driver/mysql from 1.4.4 to 1.4.5 (dependabot[bot]) #1070
  • 571a601: Bump github.com/jedib0t/go-pretty/v6 from 6.4.3 to 6.4.4 (dependabot[bot]) #1071
  • 973b5bb: Fix GetCookies API call (moloch--) #1073
  • e905032: Update vendor/ (moloch--) #1073
  • 92df0e4: Style fixes (moloch--) #1073
  • 7eb77b0: Go v1.19.5 (moloch--) #1076
  • 1469482: Ensure HOME is set, remove large literal ENV (moloch--) #1076
  • fa94d98: Update go mod/vendor (moloch--) #1076
  • 25f7ac0: Bump github.com/fatih/color from 1.13.0 to 1.14.0 (dependabot[bot]) #1077
  • 9f73e63: Added Defender for Endpoint processes (Alexander Georgiev) #1078
  • 6b3d95a: Bump commonmarker from 0.23.6 to 0.23.7 in /docs (dependabot[bot]) #1080
  • 6efd539: Bump github.com/fatih/color from 1.14.0 to 1.14.1 (dependabot[bot]) #1084
  • cc7d5f8: Bump activesupport from 6.0.4.6 to 6.0.6.1 in /docs (dependabot[bot]) #1087
  • f21669b: Bump github.com/gofrs/uuid from 4.3.1+incompatible to 4.4.0+incompatible (dependabot[bot]) #1085
  • 1a2388a: fix goroutine leak (raymonder jin) #1089
  • e47516c: Add printing of two messages (Matthijs Gielen) #1090
  • e6a9744: Go v1.20 (moloch--) #1091
  • 204519b: Update garble and pb versions (moloch--) #1091
  • 4e43f2d: Fix protoc version (moloch--) #1092
  • e914850: Bump gorm.io/gorm from 1.24.3 to 1.24.5 (dependabot[bot]) #1093
  • d2a6fa8: Go v1.20 (moloch--)

v1.5.33

04 Jan 18:26
v1.5.33
ce213ed
Compare
Choose a tag to compare

Commits

v1.5.32

03 Jan 23:42
v1.5.32
0910c28
Compare
Choose a tag to compare

Commits

  • d13e3fc: Fix terminate to support beacons (rkervella) #990
  • dd91251: Add debug target (rkervella) #990
  • cef27f6: Use IP instead of Sockaddr (rkervella) #990
  • 5d8ee38: Allow user to skip reverse lookup (rkervella) #990
  • ead6b48: Add default flag value for netstat (rkervella) #990
  • a676cb3: Bump github.com/jedib0t/go-pretty/v6 from 6.4.0 to 6.4.2 (dependabot[bot]) #992
  • 4052093: Bump github.com/gofrs/uuid from 4.3.0+incompatible to 4.3.1+incompatible (dependabot[bot]) #993
  • 7e6abd2: Bump github.com/shirou/gopsutil/v3 from 3.22.9 to 3.22.10 (dependabot[bot]) #994
  • 5e6148b: improved token management (MrAle98) #996
  • 77148d0: Generate name when none has been assigned (rkervella) #998
  • 6afdad6: Bump gorm.io/driver/mysql from 1.4.3 to 1.4.4 (dependabot[bot]) #1001
  • de8c6cb: Bump github.com/Ne0nd0g/go-clr from 1.0.2 to 1.0.3 (dependabot[bot]) #1002
  • 702c237: Fix #1003 (rkervella) #1004
  • 51aa00e: Update SECURITY.md (Joe) #1008
  • 419c58e: Switch to unsafe.Slice (rkervella) #1009
  • 748407a: Update implant vendor (rkervella) #1015
  • 2a0efd1: Refactor to remove ioutil dep (rkervella) #1018
  • d778ada: Wrap filepath.Match into a custom package for windows specific code. (rkervella) #1018
  • 82cb879: Apply new logic to the downloadHandler (rkervella) #1018
  • 0ec79a8: gzip frequent object creation can lead to memory leaks (a3sroot) #1053
  • 7b6ff79: Automatically run go-assets.sh from Makefile if it hasn't been run already (James Golovich) #1052
  • 8d1dc47: Bump github.com/shirou/gopsutil/v3 from 3.22.10 to 3.22.11 (dependabot[bot]) #1020
  • a37e8d6: Bump github.com/jedib0t/go-pretty/v6 from 6.4.2 to 6.4.3 (dependabot[bot]) #1021
  • cdd941b: Bump golang.org/x/text from 0.4.0 to 0.5.0 (dependabot[bot]) #1022
  • 2fefb63: Ensure Wireguard endpoint is valid before trying to use it (James Golovich) #1024
  • 0cf021d: Bump nokogiri from 1.13.9 to 1.13.10 in /docs (dependabot[bot]) #1028
  • ec2fc66: Bump golang.org/x/sys from 0.2.0 to 0.3.0 (dependabot[bot]) #1035
  • 8d1ce4c: Only alert user when --in-process is not used. (rkervella) #1038
  • 4845dfe: Bump github.com/pquerna/otp from 1.3.0 to 1.4.0 (dependabot[bot]) #1041
  • 57a4cb6: Fix the bug of the corresponding relationship between dwLogonType and dwLogonProvider in MakeToken (s3cst4rs) #1043
  • d1d2415: install script- use users' primary group name (Tom Samstag) #1046
  • d15afa2: Bump gorm.io/driver/sqlite from 1.4.3 to 1.4.4 (dependabot[bot]) #1047
  • ea045fb: Add flag to disable sgn when generating beacon shellcode (necroph0s) #1050
  • f0de5eb: Bump gorm.io/driver/postgres from 1.4.5 to 1.4.6 (dependabot[bot]) #1048
  • bf36195: Signed fix for pr #995 (moloch--) #1051
  • b900af8: Bump golang.org/x/text from 0.4.0 to 0.5.0 (dependabot[bot]) #1052
  • 19ccc10: Bump github.com/jedib0t/go-pretty/v6 from 6.4.2 to 6.4.3 (dependabot[bot]) #1052
  • 35f1fdd: Bump github.com/shirou/gopsutil/v3 from 3.22.10 to 3.22.11 (dependabot[bot]) #1052
  • 4df0e87: Bump nokogiri from 1.13.9 to 1.13.10 in /docs (dependabot[bot]) #1052
  • 7bea0ee: Ensure Wireguard endpoint is valid before trying to use it (James Golovich) #1052
  • 0bf19f5: Bump golang.org/x/sys from 0.2.0 to 0.3.0 (dependabot[bot]) #1052
  • f48dfa0: Only alert user when --in-process is not used. (rkervella) #1052
  • d809a28: install script- use users' primary group name (Tom Samstag) #1052
  • 885387b: Fix the bug of the corresponding relationship between dwLogonType and dwLogonProvider in MakeToken (s3cst4rs) #1052
  • c04f3f0: Bump gorm.io/driver/sqlite from 1.4.3 to 1.4.4 (dependabot[bot]) #1052
  • a5a60a5: Bump github.com/pquerna/otp from 1.3.0 to 1.4.0 (dependabot[bot]) #1052
  • 8d97ba3: Tweak downloaded flag file, and add it to make clean-all (moloch--) #1052
  • 0796409: Bump github.com/shirou/gopsutil/v3 from 3.22.11 to 3.22.12 (dependabot[bot]) #1049
  • 362efc8: Update implant vendor (rkervella) #1053
  • 206ab56: Refactor to remove ioutil dep (rkervella) #1053
  • 2a2b7db: Wrap filepath.Match into a custom package for windows specific code. (rkervella) #1053
  • 645e5e0: Apply new logic to the downloadHandler (rkervella) #1053
  • 96d242b: Bump golang.org/x/text from 0.4.0 to 0.5.0 (dependabot[bot]) #1053
  • b8723d9: Bump github.com/jedib0t/go-pretty/v6 from 6.4.2 to 6.4.3 (dependabot[bot]) #1053
  • 0c827c6: Bump github.com/shirou/gopsutil/v3 from 3.22.10 to 3.22.11 (dependabot[bot]) #1053
  • bf7ac39: Bump nokogiri from 1.13.9 to 1.13.10 in /docs (dependabot[bot]) #1053
  • 98f2340: Ensure Wireguard endpoint is valid before trying to use it (James Golovich) #1053
  • 0d1c64a: Bump golang.org/x/sys from 0.2.0 to 0.3.0 (dependabot[bot]) #1053
  • 5067333: Only alert user when --in-process is not used. (rkervella) #1053
  • 35eedd7: install script- use users' primary group name (Tom Samstag) #1053
  • cc55f38: Fix the bug of the corresponding relationship between dwLogonType and dwLogonProvider in MakeToken (s3cst4rs) #1053
  • 3ac0ff1: Bump gorm.io/driver/sqlite from 1.4.3 to 1.4.4 (dependabot[bot]) #1053
  • fa58a52: Bump github.com/pquerna/otp from 1.3.0 to 1.4.0 (dependabot[bot]) #1053
  • 067eb58: Signed fix for pr #995 (moloch--) #1053
  • 29340ac: Add flag to disable sgn when generating beacon shellcode (necroph0s) #1053
  • 7e8d228: Automatically run go-assets.sh from Makefile if it hasn't been run already (James Golovich) #1053
  • db9bc13: Tweak downloaded flag file, and add it to make clean-all (moloch--) #1053
  • 06b2e4e: Bump gorm.io/driver/postgres from 1.4.5 to 1.4.6 (dependabot[bot]) #1053
  • 6e87b94: Bump github.com/shirou/gopsutil/v3 from 3.22.11 to 3.22.12 (dependabot[bot]) #1053
  • 41c95a9: Minor tweaks (moloch--) #1053
  • ff3e370: Fix hex unit test (moloch--) #1053