编译安装c2工具sliver以及python 客户端sdk
背景:
项目需要安装sliver服务端和客户端还有sliver的python sdk;
git clone https://github.com/BishopFox/sliver.git cd sliver make # 执行make后会拉取当前服务器版的go安装包,包括windows,linux(arm/amd),darwin(arm) 其实时调用go-assets.sh文件
执行完毕后会生成sliver-server, sliver-client两个二进制文件
作为开发需要依赖protoc包,下面命令会将protoc-gen-to/protoc-gen-go-grpc 二进制文件安装到 $GOAPTH/bin下
go install google.golang.org/protobuf/cmd/protoc-gen-go@v1.27.1 go install google.golang.org/grpc/cmd/protoc-gen-go-grpc@v1.2.0
还需要一个protoc二进制文件,(https://github.com/protocolbuffers/protobuf/releases/latest)下载就好;同样拷贝到$PATH下
如果要编译windows木马文件,只要mingw-64支持;我的kali机器直接执行一下命令就好,centos比较费劲直接放弃我这边没成功
apt install mingw-w64
安装完后执行一次make pb会生成一次项目的pb文件,这是grpc通信的协议文件;
make pb #执行成功后会打印如下信息,显示pb文件生成过程 protoc -I protobuf/ protobuf/commonpb/common.proto --go_out=paths=source_relative:protobuf/ protoc -I protobuf/ protobuf/sliverpb/sliver.proto --go_out=paths=source_relative:protobuf/ protoc -I protobuf/ protobuf/clientpb/client.proto --go_out=paths=source_relative:protobuf/ protoc -I protobuf/ protobuf/dnspb/dns.proto --go_out=paths=source_relative:protobuf/ protoc -I protobuf/ protobuf/rpcpb/services.proto --go_out=paths=source_relative:protobuf/ --go-grpc_out=protobuf/ --go-grpc_opt=paths=source_relative
接下来执行sliver-server,并启用多人模式
# ./sliver-server Sliver Copyright (C) 2022 Bishop Fox This program comes with ABSOLUTELY NO WARRANTY; for details type 'licenses'. This is free software, and you are welcome to redistribute it under certain conditions; type 'licenses' for details. Unpacking assets ... ███████╗██╗ ██╗██╗ ██╗███████╗██████╗ ██╔════╝██║ ██║██║ ██║██╔════╝██╔══██╗ ███████╗██║ ██║██║ ██║█████╗ ██████╔╝ ╚════██║██║ ██║╚██╗ ██╔╝██╔══╝ ██╔══██╗ ███████║███████╗██║ ╚████╔╝ ███████╗██║ ██║ ╚══════╝╚══════╝╚═╝ ╚═══╝ ╚══════╝╚═╝ ╚═╝ All hackers gain cipher [*] Server v1.5.36 - 497a4cc6984cc7447f010e73ee5554d921ee2591 - Dirty [*] Welcome to the sliver shell, please type 'help' for options [server] sliver > multiplayer [*] Multiplayer mode enabled! [server] sliver > mtls [*] Starting mTLS listener ... [*] Successfully started job #2 [server] sliver > jobs ID Name Protocol Port ==== ====== ========== ======= 1 grpc tcp 31337 2 mtls tcp 8888
接下来服务端生成一个配置文件,此配置文件供python sdk或者sliver-client使用;
[server] sliver > new-operator -h Create a new operator config file Usage: ====== new-operator [flags] Flags: ====== -h, --help display help -l, --lhost string listen host -p, --lport int listen port (default: 31337) -n, --name string operator name -s, --save string directory/file to the binary to [server] sliver > new-operator -l 192.168.2.131 -p 31337 -n kali [*] Generating new client certificate, please wait ... [*] Saved new client config to: /root/yp/kali_192.168.2.131.cfg
开始安装sliver-python扩展
pip3 install sliver-py
使用python连接sliver-server
#!/usr/bin/env python3 import os import asyncio from sliver import SliverClientConfig, SliverClient DEFAULT_CONFIG = "/root/yp/kali_192.168.2.131.cfg" async def main(): config = SliverClientConfig.parse_config_file(DEFAULT_CONFIG) client = SliverClient(config) print('[*] Connected to server ...') await client.connect() sessions = await client.sessions() print('[*] Sessions: %r' % sessions) if len(sessions): print('[*] Interacting with session %s', sessions[0].ID) interact = await client.interact_session(sessions[0].ID) ls = await interact.ls() print('[*] ls: %r' % ls) if __name__ == '__main__': asyncio.run(main())
【推荐】国内首个AI IDE,深度理解中文开发场景,立即下载体验Trae
【推荐】编程新体验,更懂你的AI,立即体验豆包MarsCode编程助手
【推荐】抖音旗下AI助手豆包,你的智能百科全书,全免费不限次数
【推荐】轻量又高性能的 SSH 工具 IShell:AI 加持,快人一步
· TypeScript + Deepseek 打造卜卦网站:技术与玄学的结合
· Manus的开源复刻OpenManus初探
· 三行代码完成国际化适配,妙~啊~
· .NET Core 中如何实现缓存的预热?
· 阿里巴巴 QwQ-32B真的超越了 DeepSeek R-1吗?