Documentation
¶
Index ¶
- Constants
- Variables
- func GetCodename() string
- func GetSliversDir() string
- func ImplantConfigMap() (map[string]*ImplantConfig, error)
- func ImplantConfigSave(config *ImplantConfig) error
- func ImplantFileByName(name string) ([]byte, error)
- func ImplantFileSave(name, fPath string) error
- func ImplantFiles() ([]string, error)
- func ProfileSave(name string, config *ImplantConfig) error
- func Profiles() map[string]*ImplantConfig
- func ShellcodeRDI(dllPath string, functionName string, userdata string) (shellcode []byte, err error)
- func ShellcodeRDIFromBytes(data []byte, functionName string, arguments string) (shellcode []byte, err error)
- func ShellcodeRDIToFile(dllPath string, functionName string) (shellcodePath string, err error)
- func SliverExecutable(config *ImplantConfig) (string, error)
- func SliverSharedLibrary(config *ImplantConfig) (string, error)
- func SliverShellcode(config *ImplantConfig) (string, error)
- func UpdateCanary(canary *DNSCanary) error
- type CanaryGenerator
- type DNSCanary
- type ImplantC2
- type ImplantConfig
Constants ¶
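// Target OS identifiers, listener/reconnect defaults, and the names of the
// environment variables that can point the generator at a mingw toolchain.
// (The rendered page had collapsed this block onto one line, which left every
// constant after the first "//" inside a comment.)
const (
	// WINDOWS - Windows OS identifier (same spelling as Go's GOOS value)
	WINDOWS = "windows"

	// DARWIN - macOS identifier (same spelling as Go's GOOS value)
	DARWIN = "darwin"

	// LINUX - Linux OS identifier (same spelling as Go's GOOS value)
	LINUX = "linux"

	// DefaultReconnectInterval - In seconds
	DefaultReconnectInterval = 60
	// DefaultMTLSLPort - Default listen port (mTLS, going by the name)
	DefaultMTLSLPort = 8888
	// DefaultHTTPLPort - Default HTTP listen port
	DefaultHTTPLPort = 443 // Assume SSL, it'll fallback

	// SliverCC64EnvVar - Environment variable that can specify the 64 bit mingw path
	// NOTE(review): presumably the path is executed during builds, so only a
	// trusted operator should control the server's environment - confirm at
	// the call site.
	SliverCC64EnvVar = "SLIVER_CC_64"
	// SliverCC32EnvVar - Environment variable that can specify the 32 bit mingw path
	SliverCC32EnvVar = "SLIVER_CC_32"
)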
// CanaryBucketName - Name of the bucket used for DNS canaries
const CanaryBucketName = "canaries"
Variables ¶
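// Sentinel errors exported by the package. (The rendered page had collapsed
// this block onto one line, leaving the declaration inside a comment.)
var (
	// ErrImplantNotFound - More descriptive 'key not found' error.
	// Callers should match it with errors.Is rather than by message text.
	ErrImplantNotFound = errors.New("Implant not found")
)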
Functions ¶
func ImplantConfigMap ¶
func ImplantConfigMap() (map[string]*ImplantConfig, error)
ImplantConfigMap - Get a map of implant configs, presumably keyed by codename (the function takes no name argument)
func ImplantConfigSave ¶ added in v1.5.0
func ImplantConfigSave(config *ImplantConfig) error
ImplantConfigSave - Save a configuration to the database
func ImplantFileByName ¶
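ImplantFileByName - Fetches a binary file by name, presumably from the database (the published comment, "Saves a binary file into the database", duplicates ImplantFileSave and does not match the signature, which takes a name and returns []byte)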
func ImplantFileSave ¶
ImplantFileSave - Saves a binary file into the database
func ProfileSave ¶
func ProfileSave(name string, config *ImplantConfig) error
ProfileSave - Save a sliver profile to disk
func Profiles ¶
func Profiles() map[string]*ImplantConfig
Profiles - Fetch a map of name<->profiles currently in the database
func ShellcodeRDI ¶
func ShellcodeRDI(dllPath string, functionName string, userdata string) (shellcode []byte, err error)
ShellcodeRDI generates a reflective shellcode based on a DLL file
func ShellcodeRDIFromBytes ¶
func ShellcodeRDIFromBytes(data []byte, functionName string, arguments string) (shellcode []byte, err error)
ShellcodeRDIFromBytes generates sRDI shellcode from a byte array
func ShellcodeRDIToFile ¶
ShellcodeRDIToFile generates a sRDI shellcode and writes it to a file
func SliverExecutable ¶
func SliverExecutable(config *ImplantConfig) (string, error)
SliverExecutable - Generates a sliver executable binary
func SliverSharedLibrary ¶
func SliverSharedLibrary(config *ImplantConfig) (string, error)
SliverSharedLibrary - Generates a sliver shared library (DLL/dylib/so) binary
func SliverShellcode ¶
func SliverShellcode(config *ImplantConfig) (string, error)
SliverShellcode - Generates a sliver shellcode using sRDI
func UpdateCanary ¶
UpdateCanary - Update an existing canary
Types ¶
type CanaryGenerator ¶
CanaryGenerator - Holds data related to canary generation
func (*CanaryGenerator) GenerateCanary ¶
func (g *CanaryGenerator) GenerateCanary() string
GenerateCanary - Generate a canary domain and save it to the db
currently this gets called by template engine
type DNSCanary ¶
// DNSCanary - Record kept for one DNS canary domain and its trigger history.
// Every field is exported and serialized under the snake_case JSON key shown
// in its tag.
type DNSCanary struct {
	// ImplantName - name of the implant the canary is associated with
	ImplantName string `json:"implant_name"`
	// Domain - the canary domain
	Domain string `json:"domain"`
	// Triggered - whether the canary has fired
	// NOTE(review): presumably set when the domain is seen being resolved -
	// confirm in the code that updates canaries.
	Triggered bool `json:"triggered"`
	// FirstTrigger / LatestTrigger - stored as strings; the timestamp format
	// is not shown here, so do not assume it sorts or parses a particular way.
	FirstTrigger  string `json:"first_trigger"`
	LatestTrigger string `json:"latest_trigger"`
	// Count - presumably the number of times the canary has triggered
	Count int `json:"count"`
}
DNSCanary - DNS canary
func CheckCanary ¶
CheckCanary - Check if a canary exists
func ListCanaries ¶
ListCanaries - List of all embedded canaries
func (*DNSCanary) ToProtobuf ¶
ToProtobuf - Return a protobuf version of the struct
type ImplantC2 ¶
// ImplantC2 - One C2 endpoint entry of an implant configuration.
type ImplantC2 struct {
	// Priority - ordering value for this endpoint
	// NOTE(review): whether lower or higher wins is not shown here - confirm.
	Priority uint32 `json:"priority"`
	// URL - endpoint address, kept as an unparsed string
	URL string `json:"url"`
	// Options - free-form option string; its syntax is not shown here
	Options string `json:"options"`
}
ImplantC2 - C2 struct
func (ImplantC2) ToProtobuf ¶
ToProtobuf - Convert to protobuf version
type ImplantConfig ¶
// ImplantConfig - Options the generator takes when building one implant.
// Field order and JSON tags are part of the stored format and are unchanged.
type ImplantConfig struct {
	// Go build target
	GOOS   string `json:"go_os"`
	GOARCH string `json:"go_arch"`

	// Standard
	Name string `json:"name"`
	// NOTE(review): these three serialize under "ca_cert", "cert" and "key".
	// If Key carries private key material (presumably, given the mTLS option
	// below), every store, export or log that receives this JSON needs the
	// same protection as the key itself - confirm what is written here.
	CACert string `json:"ca_cert"`
	Cert   string `json:"cert"`
	Key    string `json:"key"`
	// Build switches; what each one changes in the output is not shown here.
	Debug               bool `json:"debug"`
	Evasion             bool `json:"evasion"`
	ObfuscateSymbols    bool `json:"obfuscate_symbols"`
	ReconnectInterval   int  `json:"reconnect_interval"`
	MaxConnectionErrors int  `json:"max_connection_errors"`

	// C2 endpoints and the per-transport enable flags
	C2                []ImplantC2 `json:"c2s"`
	MTLSc2Enabled     bool        `json:"c2_mtls_enabled"`
	HTTPc2Enabled     bool        `json:"c2_http_enabled"`
	DNSc2Enabled      bool        `json:"c2_dns_enabled"`
	CanaryDomains     []string    `json:"canary_domains"`
	NamePipec2Enabled bool        `json:"c2_namedpipe_enabled"`
	TCPPivotc2Enabled bool        `json:"c2_tcppivot_enabled"`

	// Limits (enforcement is not shown here)
	LimitDomainJoined bool   `json:"limit_domainjoined"`
	LimitHostname     string `json:"limit_hostname"`
	LimitUsername     string `json:"limit_username"`
	LimitDatetime     string `json:"limit_datetime"`

	// Output Format
	Format clientpb.ImplantConfig_OutputFormat `json:"format"`

	// For IsSharedLib bool `json:"is_shared_lib"`
	// NOTE(review): IsSharedLib appears only inside the comment above in this
	// listing; confirm against the source whether the field is declared.
	IsService   bool `json:"is_service"`
	IsShellcode bool `json:"is_shellcode"`

	// FileName has no json tag, so encoding/json uses the key "FileName",
	// unlike the snake_case keys of every other field.
	FileName string
}
ImplantConfig - Parameters used when generating an implant
func ImplantConfigByName ¶
func ImplantConfigByName(name string) (*ImplantConfig, error)
ImplantConfigByName - Get an implant's config by its codename
func ImplantConfigFromProtobuf ¶
func ImplantConfigFromProtobuf(pbConfig *clientpb.ImplantConfig) *ImplantConfig
ImplantConfigFromProtobuf - Create a native config struct from Protobuf
func ProfileByName ¶
func ProfileByName(name string) (*ImplantConfig, error)
ProfileByName - Fetch a single profile from the database
func (*ImplantConfig) ToProtobuf ¶
func (c *ImplantConfig) ToProtobuf() *clientpb.ImplantConfig
ToProtobuf - Convert ImplantConfig to protobuf equiv