sliver-session
There are multiple commands from type ‘sliver-session’ to execute commands in an active sliver session.
ls
List files and directories on the remote host
###
commands:
- type: sliver-session
cmd: ls
remote_path: /etc
- remote_path
Path to list all files
- Type:
str
- Required:
True
cd
Change the working directory
###
commands:
- type: sliver-session
cmd: cd
remote_path: /home
- remote_path
Path to change to
- Type:
str
- Required:
True
netstat
Print network connection information
###
commands:
- type: sliver-session
cmd: netstat
tcp: True
udp: True
ipv4: True
ipv6: False
listening: True
- tcp
Display information about TCP sockets
- Type:
bool
- Default:
True
- udp
Display information about UDP sockets
- Type:
bool
- Default:
True
- ipv4
Display information about IPv4 sockets
- Type:
bool
- Default:
True
- ipv6
Display information about IPv6 sockets
- Type:
bool
- Default:
True
- listening
Display information about listening sockets
- Type:
bool
- Default:
True
execute
Execute a program on the remote system
###
commands:
- type: sliver-session
cmd: execute
exe: /usr/bin/grep
args:
- root
- /etc/passwd
output: True
- exe
Command to execute
- Type:
str
- Required:
True
- args
List of command arguments
- Type:
List[str]
- output
Capture command output
- Type:
bool
- Default:
True
mkdir
Create a remote directory.
###
commands:
- type: sliver-session
cmd: mkdir
remote_path: /tmp/somedirectory
- remote_path
Path to the directory to create
- Type:
str
- Required:
True
ifconfig
View network interface configurations
###
commands:
- type: sliver-session
cmd: ifconfig
ps
List processes of the remote system
###
commands:
- type: sliver-session
cmd: ps
pwd
Print working directory of the active session.
###
commands:
- type: sliver-session
cmd: pwd
download
Download a file or directory from the remote system. Directories will be downloaded as a gzipped tar-file.
###
commands:
- type: sliver-session
cmd: download
remote_path: /root
recurse: True
- remote_path
Path to the file or directory to download
- Type:
str
- Required:
True
- local_path
Local path where the downloaded file will be saved.
- Type:
str
- Required:
False- Default:
.
- recurse
Recursively downloaded all files in a directory.
- Type:
bool
- Default:
False
upload
Upload a file to the remote system.
###
commands:
- type: sliver-session
cmd: upload
remote_path: /tmp/somefile
local_path: /home/user/somefile
- remote_path
Path to the file or directory to upload to
- Type:
str
- Required:
True
- local_path
Local path to the file to upload
- Type:
str
- is_ioc
Track uploaded file as an ioc
- Type:
bool
- Default:
False
process_dump
Dumps the process memory of a given pid to a local file.
###
commands:
- type: sliver-session
cmd: process_dump
pid: 102
local_path: /home/user/some_service.dump
- pid
Target Pid
- Type:
int
- Required:
True
- local_path
Save to file.
- Type:
str
- Required:
True
rm
Delete a remote file or directory.
- remote_path
Path to the file to remove
- Type:
str
- Required:
True
- recursive
Recursively remove files
- Type:
bool
- Default:
False
- force
Ignore safety and forcefully remove files
- Type:
bool
- Default:
False
terminate
Kills a remote process designated by PID
- pid
PID of the process to kill.
- Type:
int
- Required:
True
- force
Disregard safety and kill the PID.
- Type:
bool
- Default:
False