编译安装c2工具sliver以及python 客户端sdk

背景：
项目需要安装sliver服务端和客户端还有sliver的python sdk；

git clone https://github.com/BishopFox/sliver.git
cd sliver
make  # 执行make后会拉取当前服务器版的go安装包，包括windows,linux(arm/amd),darwin(arm) 其实时调用go-assets.sh文件

执行完毕后会生成sliver-server, sliver-client两个二进制文件
作为开发需要依赖protoc包,下面命令会将protoc-gen-to/protoc-gen-go-grpc 二进制文件安装到 $GOAPTH/bin下

go install google.golang.org/protobuf/cmd/protoc-gen-go@v1.27.1
go install google.golang.org/grpc/cmd/protoc-gen-go-grpc@v1.2.0

还需要一个protoc二进制文件,(https://github.com/protocolbuffers/protobuf/releases/latest)下载就好；同样拷贝到$PATH下

如果要编译windows木马文件，只要mingw-64支持；我的kali机器直接执行一下命令就好，centos比较费劲直接放弃我这边没成功

apt install mingw-w64

安装完后执行一次make pb会生成一次项目的pb文件，这是grpc通信的协议文件；

make pb #执行成功后会打印如下信息，显示pb文件生成过程
protoc -I protobuf/ protobuf/commonpb/common.proto --go_out=paths=source_relative:protobuf/
protoc -I protobuf/ protobuf/sliverpb/sliver.proto --go_out=paths=source_relative:protobuf/
protoc -I protobuf/ protobuf/clientpb/client.proto --go_out=paths=source_relative:protobuf/
protoc -I protobuf/ protobuf/dnspb/dns.proto --go_out=paths=source_relative:protobuf/
protoc -I protobuf/ protobuf/rpcpb/services.proto --go_out=paths=source_relative:protobuf/ --go-grpc_out=protobuf/ --go-grpc_opt=paths=source_relative 

接下来执行sliver-server,并启用多人模式

# ./sliver-server 

Sliver  Copyright (C) 2022  Bishop Fox
This program comes with ABSOLUTELY NO WARRANTY; for details type 'licenses'.
This is free software, and you are welcome to redistribute it
under certain conditions; type 'licenses' for details.
Unpacking assets ...

    ███████╗██╗     ██╗██╗   ██╗███████╗██████╗
    ██╔════╝██║     ██║██║   ██║██╔════╝██╔══██╗
    ███████╗██║     ██║██║   ██║█████╗  ██████╔╝
    ╚════██║██║     ██║╚██╗ ██╔╝██╔══╝  ██╔══██╗
    ███████║███████╗██║ ╚████╔╝ ███████╗██║  ██║
    ╚══════╝╚══════╝╚═╝  ╚═══╝  ╚══════╝╚═╝  ╚═╝

All hackers gain cipher
[*] Server v1.5.36 - 497a4cc6984cc7447f010e73ee5554d921ee2591 - Dirty
[*] Welcome to the sliver shell, please type 'help' for options
[server] sliver > multiplayer 
[*] Multiplayer mode enabled!
[server] sliver > mtls 
[*] Starting mTLS listener ...
[*] Successfully started job #2
[server] sliver > jobs
 ID   Name   Protocol   Port  
==== ====== ========== =======
 1    grpc   tcp        31337 
 2    mtls   tcp        8888

接下来服务端生成一个配置文件，此配置文件供python sdk或者sliver-client使用；

[server] sliver > new-operator -h
Create a new operator config file
Usage:
======
  new-operator [flags]
Flags:
======
  -h, --help            display help
  -l, --lhost string    listen host
  -p, --lport int       listen port (default: 31337)
  -n, --name  string    operator name
  -s, --save  string    directory/file to the binary to

[server] sliver > new-operator -l 192.168.2.131 -p 31337 -n kali
[*] Generating new client certificate, please wait ... 
[*] Saved new client config to: /root/yp/kali_192.168.2.131.cfg 

开始安装sliver-python扩展

pip3 install sliver-py

使用python连接sliver-server

#!/usr/bin/env python3

import os
import asyncio
from sliver import SliverClientConfig, SliverClient

DEFAULT_CONFIG = "/root/yp/kali_192.168.2.131.cfg"

async def main():
    config = SliverClientConfig.parse_config_file(DEFAULT_CONFIG)
    client = SliverClient(config)
    print('[*] Connected to server ...')
    await client.connect()
    sessions = await client.sessions()
    print('[*] Sessions: %r' % sessions)
    if len(sessions):
        print('[*] Interacting with session %s', sessions[0].ID)
        interact = await client.interact_session(sessions[0].ID)
        ls = await interact.ls()
        print('[*] ls: %r' % ls)

if __name__ == '__main__':
    asyncio.run(main())