Affected by GO-2024-2993
and 6 other vulnerabilities
GO-2024-2993: Sliver Allows Authenticated Operator-to-Server Remote Code Execution in github.com/bishopfox/sliver
GO-2026-4280: Sliver Vulnerable to Pre-Auth Memory Exhaustion via NoEncoder Bypass in github.com/bishopfox/sliver
GO-2026-4466: Sliver has DNS C2 OTP Bypass that Allows Unauthenticated Session Flooding and Denial of Service in github.com/bishopfox/sliver
GO-2026-4548: Sliver has Potential Zip Bomb Denial of Service in GzipEncoder in github.com/bishopfox/sliver
GO-2026-4609: Sliver is Vulnerable to Authenticated Nil-Pointer Dereference through its Handlers in github.com/bishopfox/sliver
GO-2026-4723: Sliver Vulnerable to Authenticated OOM via Memory Exhaustion in mTLS/WireGuard Transports in github.com/bishopfox/sliver
GO-2026-4899: Sliver: Nil Pointer Dereference in tunnelCloseHandler causes panic when a reverse tunnel (rportfwd) close is attempted in github.com/bishopfox/sliver
Implements the 'shell' command group for the Sliver client console. Handlers map Cobra invocations to shell workflows such as filter reader generic and filter reader windows.
Go Files
commands.go – Exposes the interactive shell command and binds its options.
filter-reader_generic.go – Provides output filtering for shell streams on POSIX targets.
filter-reader_windows.go – Implements CRLF-aware filtering and decoding for Windows shell sessions.
shell.go – Launches interactive command shells over RPC and manages IO loops.
Affected by 
README
¶
Documentation
Source Files