Ronan Kervella

Well if we're strictly talking about the Sliver mTLS transport, you can't really use nginx this way to do that. My understanding is that you would need to use the...

Hm looks like garble doesn't like these: https://github.com/jcmturner/gokrb5/blob/master/gssapi/MICToken.go#L44-L52

@moloch-- any chance you could update garble to the upstream versions? I can't reproduce locally with an up to date garble build. Strike that I tried with your version too,...

Well using upstream garble directly seems to work fine, so yeah, when you find some time, if you could update it on your repo that'd be nice :)

Now that we have the `ImplantConfig` attribute I should be able to fix that. IIRC `migrate` behaves in the same way (or at least it should).

I've seen some of these issues in the past, I'll try to give it a look.

Alright so I just had a quick look and most of the issues seem to be wrong argument types in the extension manifest: - sa-netlocalgroup: `server` type should be `wstring`...

@r00t0v3rr1d3 most of the issues should be fixed now.

@r00t0v3rr1d3 For the `ldapsearch` BOF, did you get it to work on Cobalt Strike? I can't get it to work with TrustedSec's COFFLoader (which our own version is based on):...

Yeah my box is domain joined, the problem is during the parsing in the loader. When the BOF is compiled, some symbols are improperly tagged, which results in the loader...