Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Interactive Shell Stuck After Connection Established #1837

Open
Intrusionz3r0X opened this issue Dec 21, 2024 · 0 comments
Open

Interactive Shell Stuck After Connection Established #1837

Intrusionz3r0X opened this issue Dec 21, 2024 · 0 comments

Comments

@Intrusionz3r0X
Copy link

Intrusionz3r0X commented Dec 21, 2024

Hi team,

I have encountered an issue while using Sliver. Here's the context:

  • I created an implant pointing to my host.
  • I successfully received a back connection.
  • However, when attempting to establish an interactive shell session, it appears to get stuck.

    ███████╗██╗     ██╗██╗   ██╗███████╗██████╗
    ██╔════╝██║     ██║██║   ██║██╔════╝██╔══██╗
    ███████╗██║     ██║██║   ██║█████╗  ██████╔╝
    ╚════██║██║     ██║╚██╗ ██╔╝██╔══╝  ██╔══██╗
    ███████║███████╗██║ ╚████╔╝ ███████╗██║  ██║
    ╚══════╝╚══════╝╚═╝  ╚═══╝  ╚══════╝╚═╝  ╚═╝

All hackers gain persist
[*] Server v1.5.42 - 85b0e870d05ec47184958dbcb871ddee2eb9e3df
[*] Welcome to the sliver shell, please type 'help' for options

sliver > sessions 

 ID         Name               Transport   Remote Address         Hostname   Username   Operating System   Locale   Last Message                            Health  
========== ================== =========== ====================== ========== ========== ================== ======== ======================================= =========
 57bf091d   FRIENDLY_GRAMMAR   http(s)     10.129.229.147:45184   dmz01      root       linux/amd64        en-US    Sat Dec 21 21:41:06 PST 2024 (3s ago)   [ALIVE] 

sliver > use

? Select a session or beacon: SESSION  57bf091d  FRIENDLY_GRAMMAR  10.129.229.147:45184  dmz01  root  linux/amd64
[*] Active session FRIENDLY_GRAMMAR (57bf091d-5553-4207-8e34-1b80ee632b29)

sliver (FRIENDLY_GRAMMAR) > shell --no-pty --shell-path /bin/sh

? This action is bad OPSEC, are you an adult? Yes

[*] Wait approximately 10 seconds after exit, and press <enter> to continue
[*] Opening shell tunnel (EOF to exit) ...

This is the target information

ssh -i dmz01_root_id_rsa [email protected]
<SNIF>
root@dmz01:~# export TERM=xterm
root@dmz01:~# cat /etc/*-release
DISTRIB_ID=Ubuntu
DISTRIB_RELEASE=20.04
DISTRIB_CODENAME=focal
DISTRIB_DESCRIPTION="Ubuntu 20.04.3 LTS"
NAME="Ubuntu"
VERSION="20.04.3 LTS (Focal Fossa)"


root@dmz01:~# uname -ar
Linux dmz01 5.4.0-113-generic #127-Ubuntu SMP Wed May 18 14:30:56 UTC 2022 x86_64 x86_64 x86_64 GNU/Linux
root@dmz01:~# 

Just as additional information I'm able to execute commands that indicate that everything is ok but the shell doesn't work properly

liver (FRIENDLY_GRAMMAR) > ifconfig

+-------------------------------------------+
| ens160                                    |
+-------------------------------------------+
| # | IP Addresses      | MAC Address       |
+---+-------------------+-------------------+
| 2 | 10.129.229.147/16 | 00:50:56:b0:a7:d8 |
+-------------------------------------------+

+-----------------------------------------+
| ens192                                  |
+-----------------------------------------+
| # | IP Addresses    | MAC Address       |
+---+-----------------+-------------------+
| 3 | 172.16.8.120/16 | 00:50:56:b0:aa:9a |
+-----------------------------------------+

+---------------------------------------+
| docker0                               |
+---------------------------------------+
| # | IP Addresses  | MAC Address       |
+---+---------------+-------------------+
| 4 | 172.17.0.1/16 | 02:42:0e:64:b8:a2 |
+---------------------------------------+

+---------------------------------------+
| br-65c448355ed2                       |
+---------------------------------------+
| # | IP Addresses  | MAC Address       |
+---+---------------+-------------------+
| 5 | 172.18.0.1/16 | 02:42:64:41:d0:d6 |
+---------------------------------------+

13 adapters not shown.

image

Thank you in advance for your support!

Best regards,
Intrusionz3r0

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

No branches or pull requests

1 participant