sliver BOFs with fileless data transfer capabilities

BOFs with fileless data transfer capabilities

Open cmprmsd opened this issue 2 years ago • 3 comments

Describe the bug I don't own a copy of Cobalt Strike but for nanodump.o (BOF) in Sliver's armory, there is a fileless option for which you at least have the write-file setting in its extension.json.

Is a feature planned to handle the implant-C2-channel data transfer or even already implemented?

Expected behavior When running BOFs with fileless capabilities the output file(s) should be transferred to the operator and downloaded to the client's cwd.

Desktop (please complete the following information):

OS: Arch
Version: 1.5.5 (both)

Feb 16 '22 12:02 cmprmsd

Yeah that's a known "bug", I need to look on how to support that.

Feb 16 '22 18:02 rkervella

Ok looks like we just need to implement the BeaconOutput function as a Go callback and wire it to the implant handler.

Feb 16 '22 18:02 rkervella

Hehe, yes I wasn't sure if it better fitted to bug or feature request as it is at least mentioned in the setting flags. :sweat_smile: Feel free to label it feature request :)

Feb 16 '22 18:02 cmprmsd

sliver sliver copied to clipboard

BOFs with fileless data transfer capabilities

sliver
sliver copied to clipboard