diff --git a/docs/sliver-docs/components/markdown.tsx b/docs/sliver-docs/components/markdown.tsx index afd3c620ba..3d76583322 100644 --- a/docs/sliver-docs/components/markdown.tsx +++ b/docs/sliver-docs/components/markdown.tsx @@ -2,15 +2,19 @@ import CodeViewer, { CodeSchema } from "@/components/code"; import { Themes } from "@/util/themes"; import { useTheme } from "next-themes"; import Image from "next/image"; +import Link from "next/link"; +import { useRouter } from "next/router"; import Markdown from "react-markdown"; import remarkGfm from "remark-gfm"; export type MarkdownProps = { + key?: string; markdown: string; }; const MarkdownViewer = (props: MarkdownProps) => { const { theme } = useTheme(); + const router = useRouter(); return (
{ } > { + e.preventDefault(); + router.push(href); + }} + > + {children} + + ); + } const url = new URL(href || ""); if (url.protocol !== "http:" && url.protocol !== "https:") { return <>; } if (url.host === "sliver.sh") { return ( - {children} - + ); } return ( diff --git a/docs/sliver-docs/components/navbar.tsx b/docs/sliver-docs/components/navbar.tsx index 6f5d9c881f..f7272c5a70 100644 --- a/docs/sliver-docs/components/navbar.tsx +++ b/docs/sliver-docs/components/navbar.tsx @@ -107,7 +107,7 @@ export default function TopNavbar(props: TopNavbarProps) { startContent={} onKeyDown={(e) => { if (e.key === "Enter") { - router.push(`/search`, { query: { search: query } }); + router.push(`/search/`, { query: { search: query } }); setQuery(""); } }} diff --git a/docs/sliver-docs/pages/docs/index.tsx b/docs/sliver-docs/pages/docs/index.tsx index 4a2d62874d..4b81df02f8 100644 --- a/docs/sliver-docs/pages/docs/index.tsx +++ b/docs/sliver-docs/pages/docs/index.tsx @@ -1,6 +1,5 @@ import MarkdownViewer from "@/components/markdown"; import { Docs } from "@/util/docs"; -import { frags } from "@/util/frags"; import { Themes } from "@/util/themes"; import { faSearch } from "@fortawesome/free-solid-svg-icons"; import { FontAwesomeIcon } from "@fortawesome/react-fontawesome"; @@ -18,10 +17,13 @@ import { useQuery } from "@tanstack/react-query"; import Fuse from "fuse.js"; import { NextPage } from "next"; import { useTheme } from "next-themes"; +import { useSearchParams } from "next/navigation"; +import { useRouter } from "next/router"; import React from "react"; const DocsIndexPage: NextPage = () => { const { theme } = useTheme(); + const router = useRouter(); const { data: docs, isLoading } = useQuery({ queryKey: ["docs"], @@ -31,11 +33,14 @@ const DocsIndexPage: NextPage = () => { }, }); - const [name, _setName] = React.useState(decodeURI(frags.get("name") || "")); - const setName = (name: string) => { - frags.set("name", name); - _setName(name); - }; + const [name, setName] = React.useState(""); + const urlName = useSearchParams().get("name"); + React.useEffect(() => { + if (urlName) { + setName(urlName); + } + }, [urlName]); + const [markdown, setMarkdown] = React.useState( name === "" ? docs?.docs[0].content @@ -109,8 +114,7 @@ const DocsIndexPage: NextPage = () => { key={doc.name} value={doc.name} onClick={() => { - setName(doc.name); - setMarkdown(doc.content); + router.push(`/docs`, { query: { name: doc.name } }); }} > {doc.name} @@ -128,7 +132,7 @@ const DocsIndexPage: NextPage = () => { - +
diff --git a/docs/sliver-docs/pages/docs/md/Aliases and Extensions.md b/docs/sliver-docs/pages/docs/md/Aliases and Extensions.md index 65658e6c56..6cea3ca809 100644 --- a/docs/sliver-docs/pages/docs/md/Aliases and Extensions.md +++ b/docs/sliver-docs/pages/docs/md/Aliases and Extensions.md @@ -1,4 +1,4 @@ -Sliver allows an operator to extend the local client console and its features by adding new commands based on third party tools. The easiest way to install an alias or extension is using the [armory](https://github.com/BishopFox/sliver/wiki/Armory). +Sliver allows an operator to extend the local client console and its features by adding new commands based on third party tools. The easiest way to install an alias or extension is using the [armory](/docs?name=Armory). #### Aliases Command Parsing @@ -151,7 +151,7 @@ Sliver - 3rd Party extensions: To write a new alias, one must either create a shared library or a .NET assembly, then write a manifest file compliant with the description above. -As the alias support relies on Sliver side loading capabilities, please make sure to read the [Using 3rd party tools](https://github.com/BishopFox/sliver/wiki/Using-3rd-party-tools) section, to understand how shared libraries are loaded on all platforms. +As the alias support relies on Sliver side loading capabilities, please make sure to read the [Using 3rd party tools](/docs?name=Using-3rd-party-tools) section, to understand how shared libraries are loaded on all platforms. ## Extensions diff --git a/docs/sliver-docs/pages/docs/md/Anti-virus Evasion.md b/docs/sliver-docs/pages/docs/md/Anti-virus Evasion.md index af6fb8f407..55f1c9dd6a 100644 --- a/docs/sliver-docs/pages/docs/md/Anti-virus Evasion.md +++ b/docs/sliver-docs/pages/docs/md/Anti-virus Evasion.md @@ -1,4 +1,4 @@ -The Sliver authors do not consider anti-virus evasion to be within the scope of the Sliver project; there is already a myriad of works in this area. That said, Sliver is designed to be interoperable with common techniques for bypassing anti-virus software such as packers, crypters, and [stagers](https://github.com/BishopFox/sliver/wiki/Stagers). +The Sliver authors do not consider anti-virus evasion to be within the scope of the Sliver project; there is already a myriad of works in this area. That said, Sliver is designed to be interoperable with common techniques for bypassing anti-virus software such as packers, crypters, and [stagers](/docs?name=Stagers). Here are some external resources for anti-virus evasion: diff --git a/docs/sliver-docs/pages/docs/md/Architecture.md b/docs/sliver-docs/pages/docs/md/Architecture.md index b749f5e93c..939d7fd301 100644 --- a/docs/sliver-docs/pages/docs/md/Architecture.md +++ b/docs/sliver-docs/pages/docs/md/Architecture.md @@ -26,7 +26,3 @@ There are four major components to the Sliver ecosystem: ``` By implementing all functionality over this gRPC interface, and only differing the in-memory/mTLS connection types the client code doesn't "know" if it's running in the server console or the client console. Due to this, a single command implementation will work in both the server console and over the network in multiplayer mode. - -## Sliver Server - -WIP diff --git a/docs/sliver-docs/pages/docs/md/Armory.md b/docs/sliver-docs/pages/docs/md/Armory.md index 376b51cb3c..9d07c74f92 100644 --- a/docs/sliver-docs/pages/docs/md/Armory.md +++ b/docs/sliver-docs/pages/docs/md/Armory.md @@ -2,7 +2,7 @@ The armory is the Sliver Alias and Extension package manager (introduced in Sliv The armory downloads packages from `github.com` and `api.github.com` so you'll need an internet connection in order for the command to work. The command does support proxies (see `--help`) and after an alias or extension is installed an internet connection is not required to execute the alias/extension. -Aliases and extensions are installed on the "sliver client"-side, and thus are not shared among operators in [multiplayer mode](https://github.com/BishopFox/sliver/wiki/Multiplayer-Mode). +Aliases and extensions are installed on the "sliver client"-side, and thus are not shared among operators in [multiplayer mode](/docs?name=Multi-player+Mode). As of v1.5.14 you can also use `armory install all` to install _everything_ if you really want to. diff --git a/docs/sliver-docs/pages/docs/md/Audit Log.md b/docs/sliver-docs/pages/docs/md/Audit Log.md index d7038d36ba..298d88e799 100644 --- a/docs/sliver-docs/pages/docs/md/Audit Log.md +++ b/docs/sliver-docs/pages/docs/md/Audit Log.md @@ -1,6 +1,6 @@ Sliver keeps an audit log of every command and its arguments executed by the server (including commands executed by operators in multiplayer mode), as well as most events (such as a new session or beacon connecting to the server). The audit log's intended use is for after-action analysis; providing a detailed history of the entire engagement, including which commands were executed on which hosts when. This will include any commands executed by any operator on any session. Note some console commands only perform actions on the "client-side" and may not appear in the audit log, but will still appear in the client's command history. Additionally, interactive commands (e.g., `shell`) may not appear in the logs aside from the initial usage of the `shell` command. -By default the audit log is located on the server at: `~/.sliver/logs/audit.json`. However, this can be changed by modifying the [`SLIVER_ROOT_DIR`](https://github.com/BishopFox/sliver/wiki/Environment-Variables#assets) environment variable. +By default the audit log is located on the server at: `~/.sliver/logs/audit.json`. However, this can be changed by modifying the [`SLIVER_ROOT_DIR`](/docs?name=Environment-Variables#assets) environment variable. #### Parsing Audit Logs diff --git a/docs/sliver-docs/pages/docs/md/BOF and COFF Support.md b/docs/sliver-docs/pages/docs/md/BOF and COFF Support.md index 4bbd20e465..bde8890e8b 100644 --- a/docs/sliver-docs/pages/docs/md/BOF and COFF Support.md +++ b/docs/sliver-docs/pages/docs/md/BOF and COFF Support.md @@ -2,9 +2,9 @@ Sliver v1.5 and later support the loading and execution of BOFs and COFFs, gener ### BOF Extensions -BOF support is provided via the [COFF Loader](https://github.com/sliverarmory/COFFLoader) extension, you'll need it installed to run pretty much any BOF. However, the COFF Loader will be installed automatically if you install a BOF extension from the [armory](https://github.com/BishopFox/sliver/wiki/Armory). +BOF support is provided via the [COFF Loader](https://github.com/sliverarmory/COFFLoader) extension, you'll need it installed to run pretty much any BOF. However, the COFF Loader will be installed automatically if you install a BOF extension from the [armory](/docs?name=Armory). -The easiest way to install a BOF extension, for example [`nanodump`](https://github.com/sliverarmory/nanodump), is using the [armory](https://github.com/BishopFox/sliver/wiki/Armory) package manager: +The easiest way to install a BOF extension, for example [`nanodump`](https://github.com/sliverarmory/nanodump), is using the [armory](/docs?name=Armory) package manager: **IMPORTANT:** BOF Extensions are installed per-sliver client, they are not stored on the server. Thus extensions are not shared across operators, each operator must install the extension to use it. @@ -114,6 +114,6 @@ Looking at the script we can see the BOF requires a single integer argument. The Once the manifest is defined load it into your client using `extensions load`, locally loaded extensions do not need to be cryptographically signed. The paths in the manifest should be relative to the manifest file, parent directories are not allowed. -More details can be found on the [Aliases & Extensions](https://github.com/BishopFox/sliver/wiki/Aliases-&-Extensions) page. +More details can be found on the [Aliases & Extensions](/docs?name=Aliases-&-Extensions) page. **IMPORTANT:** For BOF extensions to be properly detected by the Sliver client, the `path` must use the `.o` file extension. diff --git a/docs/sliver-docs/pages/docs/md/Configuration Files.md b/docs/sliver-docs/pages/docs/md/Configuration Files.md index e9e3dae4c8..17d614de8a 100644 --- a/docs/sliver-docs/pages/docs/md/Configuration Files.md +++ b/docs/sliver-docs/pages/docs/md/Configuration Files.md @@ -1,6 +1,6 @@ ### General Server Configuration -Starting in version 1.0.0 the Sliver server has a configuration file located the `configs` sub-directory of the [`SLIVER_ROOT_DIR`](https://github.com/BishopFox/sliver/wiki/Environment-Variables#assets), by default this will be `~/.sliver/configs/server.json`. If no configuration file exists, a default configuration will be generated and written to disk on startup. The default configuration is shown below: +Starting in version 1.0.0 the Sliver server has a configuration file located the `configs` sub-directory of the [`SLIVER_ROOT_DIR`](/docs?name=Environment-Variables#assets), by default this will be `~/.sliver/configs/server.json`. If no configuration file exists, a default configuration will be generated and written to disk on startup. The default configuration is shown below: #### Default Server Config @@ -21,7 +21,7 @@ Starting in version 1.0.0 the Sliver server has a configuration file located the #### Configuration Options -- `daemon_mode` - Enable [daemon mode](https://github.com/BishopFox/sliver/wiki/Daemon-Mode) +- `daemon_mode` - Enable [daemon mode](/docs?name=Daemon-Mode) - `daemon` - An object containing options related to `daemon_mode`, these values are only used when `daemon_mode` is set to `true`. - `host` - What network interface to bind the `daemon_mode` client listener to. By default this is an empty string, which indicates binding to all interfaces. - `port` - TCP port to bind the `deamon_mode` client listener to. @@ -68,7 +68,7 @@ Starting in version v1.1.0 Sliver supports SQL database configurations, by defau ### Operator -Client configurations must be generated by the server (they contain per-user key pairs). For more details see [multiplayer mode](https://github.com/BishopFox/sliver/wiki/Multiplayer-Mode), and example configuration is shown below. Client configuration files can be copied into `~/.sliver-client/configs/`: +Client configurations must be generated by the server (they contain per-user key pairs). For more details see [multiplayer mode](/docs?name=Multi-player+Mode), and example configuration is shown below. Client configuration files can be copied into `~/.sliver-client/configs/`: ```json { diff --git a/docs/sliver-docs/pages/docs/md/Cross-compiling Implants.md b/docs/sliver-docs/pages/docs/md/Cross-compiling Implants.md index 06fbbacff5..c90c876927 100644 --- a/docs/sliver-docs/pages/docs/md/Cross-compiling Implants.md +++ b/docs/sliver-docs/pages/docs/md/Cross-compiling Implants.md @@ -2,7 +2,7 @@ Sliver can tell you which platforms it can likely target based on the server's platform and available cross-compilers by running the `generate info` command in the console. -Sliver v1.5.30 and later also support [External Builders](https://github.com/BishopFox/sliver/wiki/External-Builders), which can be used to easily cross-compile implants. +Sliver v1.5.30 and later also support [External Builders](/docs?name=External-Builders), which can be used to easily cross-compile implants. ## From Linux to MacOS/Windows @@ -12,7 +12,7 @@ To compile Windows shared library and shellcode implants from Linux, install min sudo apt install mingw-w64 ``` -To compile MacOS shared library implants from Linux, we recommend using https://github.com/tpoechtrager/osxcross by default Sliver will look in `/opt/osxcross` but you can override this via [environment variables](https://github.com/BishopFox/sliver/wiki/Environment-Variables). If you do not have a MacOS based machine you can use GitHub Actions' MacOS instances to build OSXCross. +To compile MacOS shared library implants from Linux, we recommend using https://github.com/tpoechtrager/osxcross by default Sliver will look in `/opt/osxcross` but you can override this via [environment variables](/docs?name=Environment-Variables). If you do not have a MacOS based machine you can use GitHub Actions' MacOS instances to build OSXCross. **NOTE:** Sliver expects the root of the osxcross git repo to be located at `/opt/osxcross` and the actual binaries in `/opt/osxcross/target/bin`. @@ -26,7 +26,7 @@ cd /opt/osxcross UNATTENDED=1 ./build.sh ``` -Sliver automatically looks in the default paths for these cross compilers, once installed simply use the `generate` command with the desired `--os` and `--arch`, check `~/.sliver/logs/sliver.log` for build errors. You can override any cross compiler location via the appropriate [environment variables](https://github.com/BishopFox/sliver/wiki/Environment-Variables). +Sliver automatically looks in the default paths for these cross compilers, once installed simply use the `generate` command with the desired `--os` and `--arch`, check `~/.sliver/logs/sliver.log` for build errors. You can override any cross compiler location via the appropriate [environment variables](/docs?name=Environment-Variables). ## From MacOS to Linux/Windows @@ -43,7 +43,7 @@ brew install FiloSottile/musl-cross/musl-cross brew install mingw-w64 ``` -I'm not aware of any good options to target 32-bit Linux from MacOS. Sliver automatically looks in the default paths for these cross compilers, once installed simply use the `generate` command with the desired `--os` and `--arch`, check `~/.sliver/logs/sliver.log` for build errors. You can override any cross compiler location via the appropriate [environment variables](https://github.com/BishopFox/sliver/wiki/Environment-Variables). +I'm not aware of any good options to target 32-bit Linux from MacOS. Sliver automatically looks in the default paths for these cross compilers, once installed simply use the `generate` command with the desired `--os` and `--arch`, check `~/.sliver/logs/sliver.log` for build errors. You can override any cross compiler location via the appropriate [environment variables](/docs?name=Environment-Variables). ## From Windows to MacOS/Linux diff --git a/docs/sliver-docs/pages/docs/md/DNS C2.md b/docs/sliver-docs/pages/docs/md/DNS C2.md index d24eb10dc9..655196a1b3 100644 --- a/docs/sliver-docs/pages/docs/md/DNS C2.md +++ b/docs/sliver-docs/pages/docs/md/DNS C2.md @@ -59,7 +59,7 @@ nameserver 8.8.8.8 # Under the Hood -**NOTE:** This describes the v1.5+ implementation of DNS C2. Also, I'm not going to cover the cryptographic key exchange, which you can read about [here](https://github.com/BishopFox/sliver/wiki/Transport-Encryption), this is just about how do we move bytes back and forth. +**NOTE:** This describes the v1.5+ implementation of DNS C2. Also, I'm not going to cover the cryptographic key exchange, which you can read about [here](/docs?name=Transport-Encryption), this is just about how do we move bytes back and forth. ### Design Goals diff --git a/docs/sliver-docs/pages/docs/md/Daemon Mode.md b/docs/sliver-docs/pages/docs/md/Daemon Mode.md index 0ad304b4af..f50b2ab87b 100644 --- a/docs/sliver-docs/pages/docs/md/Daemon Mode.md +++ b/docs/sliver-docs/pages/docs/md/Daemon Mode.md @@ -1,4 +1,4 @@ -Starting in v1.0.0 Sliver supports running in "daemon mode," which automatically starts a client listener (but not an interactive console). In order to connect to a server running in daemon mode you'll need to use [multiplayer mode](https://github.com/BishopFox/sliver/wiki/Multiplayer-Mode). +Starting in v1.0.0 Sliver supports running in "daemon mode," which automatically starts a client listener (but not an interactive console). In order to connect to a server running in daemon mode you'll need to use [multiplayer mode](/docs?name=Multi-player+Mode). There are two ways to start the server in daemon mode: @@ -25,4 +25,4 @@ $ cat ~/.sliver/configs/server.json #### systemd -With this config you can easily setup a [systemd service](https://www.linode.com/docs/quick-answers/linux/start-service-at-boot/) or init script. See the [Linux install script](https://github.com/BishopFox/sliver/wiki/Linux-Install-Script) for an example. +With this config you can easily setup a [systemd service](https://www.linode.com/docs/quick-answers/linux/start-service-at-boot/) or init script. See the [Linux install script](/docs?name=Linux-Install-Script) for an example. diff --git a/docs/sliver-docs/pages/docs/md/External Builders.md b/docs/sliver-docs/pages/docs/md/External Builders.md index d455d92cc3..218c665ca3 100644 --- a/docs/sliver-docs/pages/docs/md/External Builders.md +++ b/docs/sliver-docs/pages/docs/md/External Builders.md @@ -24,7 +24,7 @@ External builders can also be used to create custom modifications to the implant #### Setup -Any `sliver-server` binary can be started as a builder process using [operator configuration files from multiplayer-mode](https://github.com/BishopFox/sliver/wiki/Multiplayer-Mode) from the server you want to connect the builder to, for example: +Any `sliver-server` binary can be started as a builder process using [operator configuration files from multiplayer-mode](/docs?name=Multi-player+Mode) from the server you want to connect the builder to, for example: ``` ./sliver-server builder -c operator-multiplayer.cfg @@ -86,7 +86,7 @@ You are welcome to customize the implant source code under the terms of Sliver's 1. Fork the main Sliver Github repository 1. Make modifications to the source code -1. [Compile a Sliver server binary](https://github.com/BishopFox/sliver/wiki/Compile-From-Source) +1. [Compile a Sliver server binary](/docs?name=Compile-From-Source) 1. Connect the customized Sliver server binary to any other C2 server (including mainline servers) as an external builder 1. Operators can generate the customized implant builds via the `generate --external-builder` flag 1. Avoid making any changes to `/server` to make merging upstream easier if changes are introduced to the builder APIs diff --git a/docs/sliver-docs/pages/docs/md/Getting Started.md b/docs/sliver-docs/pages/docs/md/Getting Started.md index 9827cb8b45..d37e0154bd 100644 --- a/docs/sliver-docs/pages/docs/md/Getting Started.md +++ b/docs/sliver-docs/pages/docs/md/Getting Started.md @@ -1,20 +1,20 @@ -**⚠️ NOTE:** This guide is intended for experienced red teamers, but we also have a [Beginner's Guide](https://github.com/BishopFox/sliver/wiki/Beginner's-Guide) for a more beginner friendly tutorial. +**⚠️ NOTE:** This guide is intended for experienced red teamers, but we also have a [Beginner's Guide](/docs?name=Beginner's-Guide) for a more beginner friendly tutorial. ## Server Setup Download the latest server [release](https://github.com/BishopFox/sliver/releases) for your platform, and just run the binary. That's it, you're pretty much done. -Sliver is designed for a one server deployment per-operation. The server supports Linux, Windows, and MacOS however we strongly recommend running the server on a Linux host (or MacOS, well really anything that isn't Windows), as some features may be more difficult to get working on a Windows server. The Windows client should work just fine when accessing a Linux/MacOS server from Windows, if for some odd reason your operators want to actually use Windows you'll just need to setup [multiplayer mode](https://github.com/BishopFox/sliver/wiki/Multiplayer-Mode). +Sliver is designed for a one server deployment per-operation. The server supports Linux, Windows, and MacOS however we strongly recommend running the server on a Linux host (or MacOS, well really anything that isn't Windows), as some features may be more difficult to get working on a Windows server. The Windows client should work just fine when accessing a Linux/MacOS server from Windows, if for some odd reason your operators want to actually use Windows you'll just need to setup [multiplayer mode](/docs?name=Multi-player+Mode). Obfuscated builds require `git` to be installed. Additionally, Sliver has two external dependencies for _optional_ features: MinGW and Metasploit. To enable DLL payloads (on a Linux server) you need to install MinGW. To enable some MSF integrations you'll need Metasploit installed on the server. #### System Requirements -The Sliver server can run effectively on almost any system, however we recommend 8GB or more of RAM for compiling obfuscated implants as the obfuscator may consume large amounts of memory depending on compile-time options. You can leverage [external builders](https://github.com/BishopFox/sliver/wiki/External-Builders) in conjunction with low resource systems to work around hardware limitations of the server (e.g. a low powered VPS). Symbol obfuscation can also be disabled per-build, see `generate --help` in the Sliver console. +The Sliver server can run effectively on almost any system, however we recommend 8GB or more of RAM for compiling obfuscated implants as the obfuscator may consume large amounts of memory depending on compile-time options. You can leverage [external builders](/docs?name=External-Builders) in conjunction with low resource systems to work around hardware limitations of the server (e.g. a low powered VPS). Symbol obfuscation can also be disabled per-build, see `generate --help` in the Sliver console. ### MinGW Setup (Optional, Recommended) -In order to enable shellcode/staged/DLL payloads you'll need to install MinGW on the server (clients connecting to the server do not need it installed). By default Sliver will look in the usual places for MinGW binaries but you can override this using the [environment variables](https://github.com/BishopFox/sliver/wiki/Environment-Variables). +In order to enable shellcode/staged/DLL payloads you'll need to install MinGW on the server (clients connecting to the server do not need it installed). By default Sliver will look in the usual places for MinGW binaries but you can override this using the [environment variables](/docs?name=Environment-Variables). #### Linux (Debian-based) @@ -28,9 +28,9 @@ apt install git mingw-w64 brew install git mingw-w64 ``` -**Note:** On MacOS you may need to configure [environment variables](https://github.com/BishopFox/sliver/wiki/Environment-Variables) for MinGW. +**Note:** On MacOS you may need to configure [environment variables](/docs?name=Environment-Variables) for MinGW. -See [cross-compiling implants](https://github.com/BishopFox/sliver/wiki/Cross-Compiling-Implants) for more details. +See [cross-compiling implants](/docs?name=Cross-Compiling-Implants) for more details. ### Metasploit Setup (Optional) @@ -38,7 +38,7 @@ We strongly recommend using the [nightly framework installers](https://github.co ## Implants: Beacon vs. Session -Sliver is generally designed as a stage 2 payload, and as such we've not yet endeavored to minimize the implant's file size. Depending on how many protocols you enable in your implant the file can get large, we strongly advise the use of [stagers](https://github.com/BishopFox/sliver/wiki/Stagers) for actual operations (at least in contexts where one may be concerned about file size). Such is the tradeoff for getting easy static compilation in Golang. +Sliver is generally designed as a stage 2 payload, and as such we've not yet endeavored to minimize the implant's file size. Depending on how many protocols you enable in your implant the file can get large, we strongly advise the use of [stagers](/docs?name=Stagers) for actual operations (at least in contexts where one may be concerned about file size). Such is the tradeoff for getting easy static compilation in Golang. Sliver implants in v1.5 and later support two modes of operation: "beacon mode" and "session mode." Beacon mode implements an asynchronous communication style where the implant periodically checks in with the server retrieves tasks, executes them, and returns the results. In "session mode" the implant will create an interactive real time session using either a persistent connection or using long polling depending on the underlying C2 protocol. @@ -111,8 +111,8 @@ sliver > regenerate --save /Users/moloch/Desktop NEW_GRAPE For addition details about each C2 please see: -- [HTTP(S) C2]() -- [DNS C2](https://github.com/BishopFox/sliver/wiki/DNS-C2) +- [HTTP(S) C2]() +- [DNS C2](/docs?name=DNS-C2) ## Getting Shells @@ -153,7 +153,7 @@ sliver (LONG_DRAMATURGE) > ls LONG_DRAMATURGE 6.3 MiB ``` -If you're having problems getting callbacks please see our [troubleshooting guide](https://github.com/BishopFox/sliver/wiki/Troubleshooting#implant-troubleshooting), (TL;DR add the `--debug` flag when generating an implant). +If you're having problems getting callbacks please see our [troubleshooting guide](/docs?name=Troubleshooting#implant-troubleshooting), (TL;DR add the `--debug` flag when generating an implant). ### Interacting with Beacons @@ -244,9 +244,9 @@ sliver > generate --mtls foo.com,bar.com,baz.com --strategy r Most commands have a `--help` and support tab complete, you may also find the following wiki articles of interest: -- [Armory](https://sliver.sh/docs#name=Armory) -- [Stagers](https://sliver.sh/docs#name=Stagers) -- [Community Guides](https://sliver.sh/docs#name=Community%20Guides) -- [Port Forwarding](https://sliver.sh/docs#name=Port%20Forwarding) -- [Reverse SOCKS](https://sliver.sh/docs#name=Reverse%20SOCKS) -- [BOF/COFF Support](https://sliver.sh/docs#name=BOF%20and%20COFF%20Support) +- [Armory](/docs?name=name=Armory) +- [Stagers](/docs?name=name=Stagers) +- [Community Guides](/docs?name=name=Community%20Guides) +- [Port Forwarding](/docs?name=name=Port%20Forwarding) +- [Reverse SOCKS](/docs?name=name=Reverse%20SOCKS) +- [BOF/COFF Support](/docs?name=name=BOF%20and%20COFF%20Support) diff --git a/docs/sliver-docs/pages/docs/md/HTTPS C2.md b/docs/sliver-docs/pages/docs/md/HTTPS C2.md index 187d7ca9bd..4ed02d618d 100644 --- a/docs/sliver-docs/pages/docs/md/HTTPS C2.md +++ b/docs/sliver-docs/pages/docs/md/HTTPS C2.md @@ -67,7 +67,7 @@ The priority of retrieval is the following: #### NTLM/Kerberos Proxy Authentication -You can use [advanced options](https://github.com/BishopFox/sliver/wiki/C2-Advanced-Options) to enable the use of the `wininet` HTTP library, which supports NTLM/Kerberos authentication (Windows only). Using this library tends to be a little less stable (we have to covert Go calls to native DLL calls) and is generally more susceptible to introspection by security products as these functions are well-known and easy to hook. However, if you need NTLM/Kerberos authentication you don't have much of a choice. +You can use [advanced options](/docs?name=C2-Advanced-Options) to enable the use of the `wininet` HTTP library, which supports NTLM/Kerberos authentication (Windows only). Using this library tends to be a little less stable (we have to covert Go calls to native DLL calls) and is generally more susceptible to introspection by security products as these functions are well-known and easy to hook. However, if you need NTLM/Kerberos authentication you don't have much of a choice. ## Start the Listener @@ -109,7 +109,7 @@ By default when using the `https` listener Sliver will simply generate a random sliver > https --domain example.com --lets-encrypt ``` -This uses Let's Encrypt/ACME HTTP validation, so the server will need the ability to start a public listener and you'll need to have the DNS for your `--domain` pointed to the Sliver server. If you're having issues pulling a certificate be sure to [check the logs](https://github.com/BishopFox/sliver/wiki/Troubleshooting). +This uses Let's Encrypt/ACME HTTP validation, so the server will need the ability to start a public listener and you'll need to have the DNS for your `--domain` pointed to the Sliver server. If you're having issues pulling a certificate be sure to [check the logs](/docs?name=Troubleshooting). You can also upload your own SSL/TLS certificate/key pairs: @@ -166,7 +166,7 @@ This section covers the "under the hood" implementation details of Sliver's HTTP The primary goals of the existing HTTP C2 design are to: - **Reliable Connections** The implants foremost goal is to get a connection out of the network, regardless of the environment's configuration. -- **Data Security** I won't cover this here, but [click here](https://github.com/BishopFox/sliver/wiki/Transport-Encryption) for details. +- **Data Security** I won't cover this here, but [click here](/docs?name=Transport-Encryption) for details. - **Network Layer Evasion** C2 messages should be hard to detect from the network layer, this is done via "Procedural C2" as detailed below. ### Procedural HTTP C2 @@ -179,7 +179,7 @@ Each implant is also only embedded with a randomly generated subset of the serve The high level process to generate and send a standard session request is (note: this is all after the key exchange, which I'm skipping for now): -1. Randomly generate the request path using built-in path segments. The path will have one of the following extensions, which indicate the type of request. This is distinct from a _message type_, the message type (i.e., the type of command) is in the encrypted so it cannot be determined without the [session key](https://github.com/BishopFox/sliver/wiki/Transport-Encryption). Everything in the path except for the extension is ignored by the server. +1. Randomly generate the request path using built-in path segments. The path will have one of the following extensions, which indicate the type of request. This is distinct from a _message type_, the message type (i.e., the type of command) is in the encrypted so it cannot be determined without the [session key](/docs?name=Transport-Encryption). Everything in the path except for the extension is ignored by the server. In the default configuration: diff --git a/docs/sliver-docs/pages/docs/md/Multi-player Mode.md b/docs/sliver-docs/pages/docs/md/Multi-player Mode.md index fb997bc99b..d720b315d6 100644 --- a/docs/sliver-docs/pages/docs/md/Multi-player Mode.md +++ b/docs/sliver-docs/pages/docs/md/Multi-player Mode.md @@ -1,4 +1,4 @@ -Multiplayer-mode allows multiple operators (players) to connect to the same Sliver server and collaborate on engagements. The easiest way to setup a server for multiplayer is to use the [Linux install script](https://github.com/BishopFox/sliver/wiki/Linux-Install-Script) which will configure the server as a systemd service. However, any Sliver server binary supports multiplayer mode. +Multiplayer-mode allows multiple operators (players) to connect to the same Sliver server and collaborate on engagements. The easiest way to setup a server for multiplayer is to use the [Linux install script](/docs?name=Linux-Install-Script) which will configure the server as a systemd service. However, any Sliver server binary supports multiplayer mode. ``` ┌──────────────────┐ C2 diff --git a/docs/sliver-docs/pages/docs/md/Pivots.md b/docs/sliver-docs/pages/docs/md/Pivots.md index 1e299ee84f..c5780a0036 100644 --- a/docs/sliver-docs/pages/docs/md/Pivots.md +++ b/docs/sliver-docs/pages/docs/md/Pivots.md @@ -6,7 +6,7 @@ Pivots allow you to create "chains" of implant connections, for example if you'r In Sliver you use an existing session to create a "pivot listener" and then generate new pivots that can connect back to that listener, just as you would with other C2 protocols/endpoints. -Pivots perform an [authenticated peer-to-peer cryptographic key exchange](https://github.com/BishopFox/sliver/wiki/Transport-Encryption#implant-to-implant-key-exchange-pivots) regardless of the underlying pivot protocol, therefore pivots can only communicate with other implants generated by the same server; this restriction cannot be disabled. +Pivots perform an [authenticated peer-to-peer cryptographic key exchange](/docs?name=Transport-Encryption#implant-to-implant-key-exchange-pivots) regardless of the underlying pivot protocol, therefore pivots can only communicate with other implants generated by the same server; this restriction cannot be disabled. ## TCP Pivots diff --git a/docs/sliver-docs/pages/docs/md/Stagers.md b/docs/sliver-docs/pages/docs/md/Stagers.md index ee2cc360bc..3ac2888bff 100644 --- a/docs/sliver-docs/pages/docs/md/Stagers.md +++ b/docs/sliver-docs/pages/docs/md/Stagers.md @@ -83,9 +83,9 @@ msfvenom -p windows/x64/custom/reverse_winhttp LHOST=192.168.122.1 LPORT=1234 LU ## Custom Stagers -One thing to consider while writing or using a custom stager, especially for the HTTP protocol, is that the Sliver server will only serve stage 2 payloads on specifically defined URLs. Indeed, since the HTTP staging listener is reusing the regular HTTP listener, it follows the same [procedural HTTP protocol](). +One thing to consider while writing or using a custom stager, especially for the HTTP protocol, is that the Sliver server will only serve stage 2 payloads on specifically defined URLs. Indeed, since the HTTP staging listener is reusing the regular HTTP listener, it follows the same [procedural HTTP protocol](). -The default file extension used to retrieve a stage 2 payload is `.woff`. It can be configured in the [HTTP C2 options]() using the `stager_file_ext` setting. +The default file extension used to retrieve a stage 2 payload is `.woff`. It can be configured in the [HTTP C2 options]() using the `stager_file_ext` setting. As a result, if you want to implement your own stager to fetch a stage 2 payload via HTTP, you need to query a URL that looks like this: `http://SLIVER-SERVER:STAGING-PORT/whatever.woff`. diff --git a/docs/sliver-docs/pages/docs/md/Third Party Tools.md b/docs/sliver-docs/pages/docs/md/Third Party Tools.md index a8b94fdf35..08428fed2b 100644 --- a/docs/sliver-docs/pages/docs/md/Third Party Tools.md +++ b/docs/sliver-docs/pages/docs/md/Third Party Tools.md @@ -1,4 +1,4 @@ -# Sideloading features +## Sideloading features Sliver implants support three different ways of loading third party tools: @@ -120,7 +120,7 @@ sliver (CONCRETE_STEEL) > sideload -p /Applications/Safari.app/Contents/MacOS/Sa Please be aware that you need to specify the entrypoint to execute for Windows DLLs. -## Loading reflective DLLs +## Loading Reflective DLLs Loading reflective DLLs is just a special case of side loading DLLs. To make things easier, the `spawndll` command allows you to inject reflective DLLs and run them in a remote process. diff --git a/docs/sliver-docs/pages/docs/md/Troubleshooting.md b/docs/sliver-docs/pages/docs/md/Troubleshooting.md index c325531b91..7bf825bffe 100644 --- a/docs/sliver-docs/pages/docs/md/Troubleshooting.md +++ b/docs/sliver-docs/pages/docs/md/Troubleshooting.md @@ -1,5 +1,3 @@ -## Server/Client Troubleshooting - ### Server logs Server related logs are saved to: `~/.sliver/logs/` @@ -9,7 +7,7 @@ Server related logs are saved to: `~/.sliver/logs/` - `sliver.json` JSON formatted log (includes timestamps) - `audit.json` a JSON formatted history of commands/activity -The default log level for the server is `INFO` when troubleshooting it may be helpful to increase this to `DEBUG` (5), which can be done by editing the [server configuration file](https://github.com/BishopFox/sliver/wiki/Configuration-Files) +The default log level for the server is `INFO` when troubleshooting it may be helpful to increase this to `DEBUG` (5), which can be done by editing the [server configuration file](/docs?name=Configuration-Files) ### Client logs diff --git a/docs/sliver-docs/pages/search/index.tsx b/docs/sliver-docs/pages/search/index.tsx index b5311063ed..918eee882b 100644 --- a/docs/sliver-docs/pages/search/index.tsx +++ b/docs/sliver-docs/pages/search/index.tsx @@ -44,14 +44,16 @@ const SearchPage: NextPage = (props: SearchPageProps) => { color="secondary" className="w-[150px]" onPress={() => { - router.push(`/docs#name=${doc.name}`); + router.push(`/docs?name=${doc.name}`); }} > Full Doc + +
diff --git a/docs/sliver-docs/util/frags.ts b/docs/sliver-docs/util/frags.ts deleted file mode 100644 index be69fc9063..0000000000 --- a/docs/sliver-docs/util/frags.ts +++ /dev/null @@ -1,60 +0,0 @@ -/** URL Fragment Arguments */ - -class Frags { - - set(name: string, value: string) { - let frags = this._parseHash(); - frags.set(name, value); - let newFrags = ""; - for (let [key, value] of frags) { - newFrags += `${key}=${value};`; - } - window.location.hash = newFrags; - } - - get(name: string): string | undefined { - if (typeof window === "undefined") { - return undefined; - } - let frags = window.location.hash; - if (!frags) { - return undefined; - } - let fragsMap = this._parseHash(); - return fragsMap.get(name); - } - - unset(name: string) { - let frags = window.location.hash; - if (!frags) { - return; - } - let fragsMap = this._parseHash(); - fragsMap.delete(name); - let newFrags = ""; - for (let [key, value] of fragsMap) { - newFrags += `${key}=${value};`; - } - window.location.hash = newFrags; - } - - private _parseHash(): Map { - let frags = window.location.hash; - frags = frags.substring(1); - let fragsMap = new Map(); - if (!frags) { - return fragsMap; - } - frags.split(";").forEach(frag => { - if (!frag) { - return; - } - const [key, value] = frag.split("="); - fragsMap.set(key, value); - }); - return fragsMap; - } - -} - -export const frags = new Frags();