Merge pull request #4 from MythicAgents/dev

added warning to readme

Payload_Type/sliverapi/sliverapi/SliverRequests/SliverAPI.py

@@ -10,11 +10,32 @@
 
 async def create_sliver_client(taskData: PTTaskMessageAllData):
  # builder.py should have cached it by calling create_sliver_client_with_config
- if (f"{taskData.Payload.UUID}" not in sliver_clients.keys()):
- # TODO: throw error
- return None
+ if (f"{taskData.Payload.UUID}" in sliver_clients.keys()):
+ return sliver_clients[f"{taskData.Payload.UUID}"]
 
- return sliver_clients[f"{taskData.Payload.UUID}"]
+ filecontent = await SendMythicRPCFileGetContent(MythicRPCFileGetContentMessage(
+ # TODO: could possibly mirror this in the implant create_client, and get rid of extraInfo? (payload vs callback....)
+ AgentFileId=taskData.BuildParameters[0].Value
+ ))
+
+ config = SliverClientConfig.parse_config(filecontent.Content)
+ client = SliverClient(config)
+
+ await client.connect()
+
+ sliver_clients[f"{taskData.Payload.UUID}"] = client
+
+ # 'Sync' Events from the Server
+ # TODO: refactor this into the builder.py
+ # TODO: is this a weird python closure? (and does that matter?)
+ async def read_server_events():
+ async for data in client.events():
+ await handleSliverEvent(data, taskData.BuildParameters[0].Value)
+ asyncio.create_task(read_server_events())
+
+ # TODO: sync callbacks and payloads here
+
+ return client
 
 
 # TODO: could refactor this more
@@ -30,7 +51,7 @@ async def create_sliver_client_with_config(payload_uuid, configFileId):
 
  sliver_clients[f"{payload_uuid}"] = client
 
- # TODO: refactor this into the builder.py
+ # # TODO: refactor this into the builder.py
  async def read_server_events():
  async for data in client.events():
  await handleSliverEvent(data, configFileId)

Payload_Type/sliverapi/sliverapi/agent_functions/profiles.py

@@ -200,6 +200,7 @@ def __init__(self, command_line, **kwargs):
 
  # TODO: this is also duplicated in the below profiles_list
  async def get_profiles(self, inputMsg: PTRPCDynamicQueryFunctionMessage) -> PTRPCDynamicQueryFunctionMessageResponse:
+ print('did get profiles thing')
  profile_names = []
 
  # TODO: this is quick and dirty, could refactor this (and put into SliverAPI file)

README.md

@@ -1,13 +1,17 @@
 # sliver
 
+> [!CAUTION]
+> Extremely new project with lots of bugs, please report everything!
+> This will also help drive which commands to focus on.
+
 This is a set of [Mythic](https://docs.mythic-c2.net/) agents for interacting with [Sliver](https://sliver.sh/) C2 framework.
 
 - `sliverapi`: for interacting with the sliver server (ie: start listeners, list sessions...etc)
 - `sliverimplant`: for interacting with a sliver implant (ie: ps, netstat...etc)
 
 The `sliverapi` payload doesn't build anything, but instead generates a "callback" within Mythic that allows you to interact with Sliver's API. This requires you to generate an [operator configuration file](https://sliver.sh/docs?name=Multi-player+Mode). This config file is the only build parameter, and once built, a callback will immediately appear and you can start tasking like normal.
 
-A `sliverimplant` callback is instantiated when tasking a `use -id <sliver_implant_id>` from within the sliverapi callback.
+A `sliverimplant` callback is instantiated automatically when a session connects, or when tasking a `use -id <sliver_implant_id>` from within the sliverapi callback.
 
 Checkout this [blog](./blog/blog.md) about my experience creating them.