📄️ Windows Implants
Generate Windows Implants
📄️ Configure the Windows Target
While this is not realistic in a production environment, for this evaluation we are going to disable the Windows security so that the implants will run without being impeded by default security settings. Otherwise, as soon as the implant is put on the Windows host, it will be quarantined as a threat (rightly so).
📄️ Run a Windows Session
Deploy the Windows session implant to the target host, and run it:
📄️ Run a Windows Beacon
Deploy the Windows beacon implant to the target host, and run it:
📄️ Using the Execute Command
Start up the Windows session with the implant created earlier. Once the session contacts the server, be sure to use the session.
📄️ Save & View Loot
Sliver has a loot command which can store files and credentials on the server-side. The files are stored in the /root/.sliver/loot/files directory, and credentials are stored in the /root/.sliver/loot/credentials directory. The information is stored on the server so all operators have access to it.
📄️ Windows Summary
To perform this in a "real" environment will require significantly more advanced usage of Sliver with additonal tools to avoid detection. This is guide is meant to simply get familiar with the basics of Sliver!