sliver
Restructuring of some command subtrees
Note that this took me only an hour; it's just to illustrate something that I think would be quite wise in the longer run. I also know this will break compatibility with some users' scripts/autoruns. I think it's worth doing this now, however, as the window would be that wide open before long.
Discard if needed, didn't cost me much :)
The present PR is a single-commit one aimed at moving some commands/subcommands somewhere else in the tree, sometimes with a different verb.
Two objectives with this:
- More elegant command tree discovery, or a more generic approach with some commands. (Example: `generate traffic-encoders` becomes `transports encoders` in the server menu, which in turn enables changing `reconfig` to `transports reconfig` in the sliver implant menu.)
- Ensure a domain/activity-coherent tree of commands, so that any future development and new functionality can easily fit into it. This is mainly aimed at everything transports/C2 related, where one might see new dialers (bind) or staging stacks.
1) Changes (Server menu and excluding C2 stacks):
```
generate traffic-encoders   # becomes
transports                  # Generic transport management.
    encoders
```
2) Changes (Sliver menu):
```
reconfig --jitter ...   # becomes
transports              # Our generic transport command has different uses for different contexts
    reconfig

msf --flags             # Both of these
msf-inject              # refactored into.
msf
    execute             # implementation of the former `msf` command
    inject              #
```
Changes (C2 commands):
This last section is where most changes take place, since its whole purpose is to enable forward development within a consistent/coherent tree.
```
# The `stage-listener` disappears, and is now reused in all protocol commands that support it.
http
    listen      # Classic Sliver listener: "stage" listener in Metasploit parlance.
    serve       # "Stager" listener in Msf parlance: We have content to serve (a stage).
https           # Same for https
    listen
    serve
tcp             # The TCP protocol can only stage
    serve       # So here it is
mtls
    listen      # Contrarily to mTLS.
named-pipe
    listen
dns
    listen

# Same for Wireguard
wg-config       # both become
wg
    config
    listen
...             # I didn't add portforwarders/socks however, would be a bit too much...
```
That enables inserting new stacks/tools like this:
```
mtls
    listen
    dial        # Someone writes a bind handler for mTLS
https
    listen
    dial        # Someone writes an HTTP server on the implant.
    serve
    send        # Someone writes a bind stager handler on the implant.

# In Sliver menu
tcp
    listen
    dial        # Bind handlers on pivots
```