Merge branch 'master' into upload-dir

BishopFox · Nov 17, 2023 · ae5ac2a · ae5ac2a
2 parents 8c11942 + b03c2ca
commit ae5ac2a
Show file tree

Hide file tree

Showing 2,077 changed files with 181,542 additions and 68,115 deletions.
diff --git a/.github/workflows/autorelease.yml b/.github/workflows/autorelease.yml
@@ -22,7 +22,7 @@ jobs:
           git build-essential zlib1g zlib1g-dev wget zip unzip
 
       - name: Check Out Code
-        uses: actions/checkout@v3
+        uses: actions/checkout@v4
 
       - name: Git Fetch Tags
         run: git fetch --prune --unshallow --tags -f
@@ -48,7 +48,7 @@ jobs:
           go-version: "^1.21"
 
       - name: Check Out Code
-        uses: actions/checkout@v3
+        uses: actions/checkout@v4
 
       - name: Git Fetch Tags
         run: git fetch --prune --unshallow --tags -f

diff --git a/.github/workflows/codeql-scanning.yml b/.github/workflows/codeql-scanning.yml
@@ -22,7 +22,7 @@ jobs:
           go-version: "^1.21"
 
       - name: Checkout repository
-        uses: actions/checkout@v3
+        uses: actions/checkout@v4
         with:
           # Must fetch at least the immediate parents so that if this is
           # a pull request then we can checkout the head of the pull request.
@@ -36,7 +36,7 @@ jobs:
           git build-essential zlib1g zlib1g-dev wget zip unzip
 
       - name: Check Out Code
-        uses: actions/checkout@v3
+        uses: actions/checkout@v4
 
       - name: Initialize CodeQL
         uses: github/codeql-action/init@v2

diff --git a/.github/workflows/unit-tests.yml b/.github/workflows/unit-tests.yml
@@ -27,7 +27,7 @@ jobs:
           mingw-w64 binutils-mingw-w64 g++-mingw-w64 gcc-multilib
 
       - name: Check Out Code
-        uses: actions/checkout@v3
+        uses: actions/checkout@v4
 
       - name: Git Fetch Tags
         run: git fetch --prune --unshallow --tags -f
@@ -58,7 +58,7 @@ jobs:
         run: brew install mingw-w64
 
       - name: Check Out Code
-        uses: actions/checkout@v3
+        uses: actions/checkout@v4
 
       - name: Git Fetch Tags
         run: git fetch --prune --unshallow --tags -f
@@ -86,7 +86,7 @@ jobs:
           go-version: "^1.21"
 
       - name: Check Out Code
-        uses: actions/checkout@v3
+        uses: actions/checkout@v4
 
       - name: Git Fetch Tags
         run: git fetch --prune --unshallow --tags -f

diff --git a/Dockerfile b/Dockerfile
@@ -1,71 +1,67 @@
-FROM golang:1.21.3
+# STAGE: base
+## Compiles Sliver for use
+FROM --platform=linux/amd64 golang:1.21.4 as base
 
-#
-# IMPORTANT: This Dockerfile is used for testing, I do not recommend deploying
-#            Sliver using this container configuration! However, if you do want
-#            a Docker deployment this is probably a good place to start.
-#
+### Base packages
+RUN apt-get update --fix-missing && apt-get -y install \
+    git build-essential zlib1g zlib1g-dev wget zip unzip
 
-ENV PROTOC_VER 21.12
-ENV PROTOC_GEN_GO_VER v1.27.1
-ENV GRPC_GO v1.2.0
+### Add sliver user
+RUN groupadd -g 999 sliver && useradd -r -u 999 -g sliver sliver
+RUN mkdir -p /home/sliver/ && chown -R sliver:sliver /home/sliver
 
-# Base packages
+### Build sliver:
+WORKDIR /go/src/github.com/bishopfox/sliver
+ADD . /go/src/github.com/bishopfox/sliver/
+RUN make clean-all 
+RUN make 
+RUN cp -vv sliver-server /opt/sliver-server 
+
+# STAGE: test
+## Run unit tests against the compiled instance
+## Use `--target test` in the docker build command to run this stage
+FROM --platform=linux/amd64 base as test
+
+### Install testing packages
 RUN apt-get update --fix-missing && apt-get -y install \
-    git build-essential zlib1g zlib1g-dev \
     libxml2 libxml2-dev libxslt-dev locate curl \
     libreadline6-dev libcurl4-openssl-dev git-core \
     libssl-dev libyaml-dev openssl autoconf libtool \
-    ncurses-dev bison curl wget xsel postgresql \
+    ncurses-dev bison curl xsel postgresql \
     postgresql-contrib postgresql-client libpq-dev \
     libapr1 libaprutil1 libsvn1 \
     libpcap-dev libsqlite3-dev libgmp3-dev \
-    zip unzip mingw-w64 binutils-mingw-w64 g++-mingw-w64 \
+    mingw-w64 binutils-mingw-w64 g++-mingw-w64 \
     nasm gcc-multilib
 
-#
-# > User
-#
-RUN groupadd -g 999 sliver && useradd -r -u 999 -g sliver sliver
-RUN mkdir -p /home/sliver/ && chown -R sliver:sliver /home/sliver
-
-#
-# > Metasploit
-#
+### Install MSF for testing
 RUN curl https://raw.githubusercontent.com/rapid7/metasploit-omnibus/master/config/templates/metasploit-framework-wrappers/msfupdate.erb > msfinstall \
     && chmod 755 msfinstall \
     && ./msfinstall
-RUN mkdir -p ~/.msf4/ && touch ~/.msf4/initial_setup_complete \
-    &&  su -l sliver -c 'mkdir -p ~/.msf4/ && touch ~/.msf4/initial_setup_complete'
+RUN mkdir -p ~/.msf4/ \
+    && touch ~/.msf4/initial_setup_complete \
+    && su -l sliver -c 'mkdir -p ~/.msf4/ && touch ~/.msf4/initial_setup_complete'
 
-#
-# > Sliver
-#
+RUN /opt/sliver-server unpack --force 
 
-# Protoc
-# WORKDIR /tmp
-# RUN wget -O protoc-${PROTOC_VER}-linux-x86_64.zip https://github.com/protocolbuffers/protobuf/releases/download/v${PROTOC_VER}/protoc-${PROTOC_VER}-linux-x86_64.zip \
-#     && unzip protoc-${PROTOC_VER}-linux-x86_64.zip \
-#     && cp -vv ./bin/protoc /usr/local/bin
-# RUN go install google.golang.org/protobuf/cmd/protoc-gen-go@${PROTOC_GEN_GO_VER} \
-#     && go install google.golang.org/grpc/cmd/protoc-gen-go-grpc@${GRPC_GO}
+### Run unit tests
+RUN /go/src/github.com/bishopfox/sliver/go-tests.sh
 
-# Go assets
-WORKDIR /go/src/github.com/bishopfox/sliver
-ADD . /go/src/github.com/bishopfox/sliver/
-RUN make clean-all \
-    && make \
-    && cp -vv sliver-server /opt/sliver-server \
-    && /opt/sliver-server unpack --force 
+# STAGE: production
+## Final dockerized form of Sliver
+FROM --platform=linux/amd64 debian:bookworm-slim as production
 
-# Run unit tests
-RUN /go/src/github.com/bishopfox/sliver/go-tests.sh
+### Copy compiled binary
+COPY --from=base /opt/sliver-server  /opt/sliver-server
+
+### Add sliver user
+RUN groupadd -g 999 sliver && useradd -r -u 999 -g sliver sliver
+RUN mkdir -p /home/sliver/ && chown -R sliver:sliver /home/sliver
 
-# Clean up
-RUN make clean \
-    && rm -rf /go/src/* \
-    && rm -rf /home/sliver/.sliver
+### Unpack Sliver:
+RUN /opt/sliver-server unpack --force 
 
 USER sliver
 WORKDIR /home/sliver/
+VOLUME [ "/home/sliver/.sliver" ]
 ENTRYPOINT [ "/opt/sliver-server" ]
diff --git a/Makefile b/Makefile
@@ -27,7 +27,7 @@ GO_VERSION = $(shell $(GO) version)
 GO_MAJOR_VERSION = $(shell $(GO) version | cut -c 14- | cut -d' ' -f1 | cut -d'.' -f1)
 GO_MINOR_VERSION = $(shell $(GO) version | cut -c 14- | cut -d' ' -f1 | cut -d'.' -f2)
 MIN_SUPPORTED_GO_MAJOR_VERSION = 1
-MIN_SUPPORTED_GO_MINOR_VERSION = 20
+MIN_SUPPORTED_GO_MINOR_VERSION = 21
 GO_VERSION_VALIDATION_ERR_MSG = Golang version is not supported, please update to at least $(MIN_SUPPORTED_GO_MAJOR_VERSION).$(MIN_SUPPORTED_GO_MINOR_VERSION)
 
 VERSION ?= $(shell git describe --abbrev=0)

diff --git a/build.py b/build.py
@@ -61,14 +61,9 @@ def docker_rm_all():
 
 
 def build():
-    status = exec_cmd("docker build -t sliver .")
+    status = exec_cmd("docker build --target test .")
     if status == 0:
-        print(
-            INFO
-            + "Build successful, start with %sdocker run -it sliver:latest%s"
-            % (BOLD, NORM)
-        )
-        print(INFO + "Remember you'll need to manually forward network ports")
+        print("\n\n" + INFO + "Build successful")
 
 
 def main(args):

diff --git a/client/assets/c2profiles.go b/client/assets/c2profiles.go
@@ -0,0 +1,86 @@
+package assets
+
+/*
+	Sliver Implant Framework
+	Copyright (C) 2019  Bishop Fox
+
+	This program is free software: you can redistribute it and/or modify
+	it under the terms of the GNU General Public License as published by
+	the Free Software Foundation, either version 3 of the License, or
+	(at your option) any later version.
+
+	This program is distributed in the hope that it will be useful,
+	but WITHOUT ANY WARRANTY; without even the implied warranty of
+	MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+	GNU General Public License for more details.
+
+	You should have received a copy of the GNU General Public License
+	along with this program.  If not, see <https://www.gnu.org/licenses/>.
+*/
+
+// HTTPC2Config - Parent config file struct for implant/server
+type HTTPC2Config struct {
+	ImplantConfig HTTPC2ImplantConfig `json:"implant_config"`
+	ServerConfig  HTTPC2ServerConfig  `json:"server_config"`
+}
+
+// HTTPC2ServerConfig - Server configuration options
+type HTTPC2ServerConfig struct {
+	RandomVersionHeaders bool                   `json:"random_version_headers"`
+	Headers              []NameValueProbability `json:"headers"`
+	Cookies              []string               `json:"cookies"`
+}
+
+type NameValueProbability struct {
+	Name        string `json:"name"`
+	Value       string `json:"value"`
+	Probability int    `json:"probability"`
+	Methods     []string
+}
+
+// HTTPC2ImplantConfig - Implant configuration options
+// Procedural C2
+// ===============
+// .txt = rsakey
+// .css = start
+// .php = session
+//
+//	.js = poll
+//
+// .png = stop
+// .woff = sliver shellcode
+type HTTPC2ImplantConfig struct {
+	UserAgent         string `json:"user_agent"`
+	ChromeBaseVersion int    `json:"chrome_base_version"`
+	MacOSVersion      string `json:"macos_version"`
+
+	NonceQueryArgChars string                 `json:"nonce_query_args"`
+	URLParameters      []NameValueProbability `json:"url_parameters"`
+	Headers            []NameValueProbability `json:"headers"`
+
+	MaxFiles int `json:"max_files"`
+	MinFiles int `json:"min_files"`
+	MaxPaths int `json:"max_paths"`
+	MinPaths int `json:"min_paths"`
+
+	// Stager files and paths
+	StagerFileExt string   `json:"stager_file_ext"`
+	StagerFiles   []string `json:"stager_files"`
+	StagerPaths   []string `json:"stager_paths"`
+
+	// Poll files and paths
+	PollFileExt string   `json:"poll_file_ext"`
+	PollFiles   []string `json:"poll_files"`
+	PollPaths   []string `json:"poll_paths"`
+
+	// Session files and paths
+	StartSessionFileExt string   `json:"start_session_file_ext"`
+	SessionFileExt      string   `json:"session_file_ext"`
+	SessionFiles        []string `json:"session_files"`
+	SessionPaths        []string `json:"session_paths"`
+
+	// Close session files and paths
+	CloseFileExt string   `json:"close_file_ext"`
+	CloseFiles   []string `json:"close_files"`
+	ClosePaths   []string `json:"close_paths"`
+}
diff --git a/client/command/armory/armory.go b/client/command/armory/armory.go
@@ -36,7 +36,7 @@ import (
 	"github.com/bishopfox/sliver/client/command/extensions"
 	"github.com/bishopfox/sliver/client/command/settings"
 	"github.com/bishopfox/sliver/client/console"
-	"github.com/bishopfox/sliver/server/cryptography/minisign"
+	"github.com/bishopfox/sliver/util/minisign"
 )
 
 // ArmoryIndex - Index JSON containing alias/extension/bundle information

diff --git a/client/command/armory/install.go b/client/command/armory/install.go
@@ -32,7 +32,7 @@ import (
 	"github.com/bishopfox/sliver/client/command/extensions"
 	"github.com/bishopfox/sliver/client/console"
 	"github.com/bishopfox/sliver/client/constants"
-	"github.com/bishopfox/sliver/server/cryptography/minisign"
+	"github.com/bishopfox/sliver/util/minisign"
 )
 
 // ErrPackageNotFound - The package was not found

diff --git a/client/command/armory/parsers.go b/client/command/armory/parsers.go
@@ -33,7 +33,7 @@ import (
 	"time"
 
 	"github.com/bishopfox/sliver/client/assets"
-	"github.com/bishopfox/sliver/server/cryptography/minisign"
+	"github.com/bishopfox/sliver/util/minisign"
 )
 
 // ArmoryIndexParser - Generic interface to fetch armory indexes