Sessions

This module is used to connect to session gRPC APIs. Users should only need to use the InteractiveSession class. The BaseSession class is not intended to be used directly but can be inherited by other Session classes.

BaseSessions

class sliver.session.BaseSession(session, channel, timeout=60)[source]

Base class for Session objects.

Parameters

  • session (client_pb2.Session) – Session protobuf.

  • channel (grpc.Channel) – A gRPC channel.

  • timeout (int, optional) – Timeout in seconds

property active_c2: str

Active C2

Return type

str

property arch: str

Architecture

Return type

str

property filename: str

Implant filename

Return type

str

property gid: str

Group ID

Return type

str

property hostname: str

Hostname

Return type

str

property is_dead: bool

Is dead

Return type

bool

property last_checkin: int

Last check in

Return type

int

property name: str

Session name

Return type

str

property os: str

Operating system

Return type

str

property pid: int

Process ID

Return type

int

property proxy_url: str

Proxy URL

Return type

str

property reconnect_interval: int

Reconnect interval

Return type

int

property remote_address: str

Remote address

Return type

str

property session_id: str

Session ID

Return type

str

property transport: str

Transport Method

Return type

str

property uid: str

User ID

Return type

str

property username: str

Username

Return type

str

property uuid: str

Session UUID

Return type

str

property version: str

Version

Return type

str

InteractiveSession

class sliver.InteractiveSession(session, channel, timeout=60)[source]

Bases: BaseSession, BaseInteractiveCommands

Session only commands

async backdoor(remote_path, profile_name)[source]

Backdoor a remote binary by injecting a Sliver payload into the executable using a code cave

Parameters

  • remote_path (str) – Remote path to an executable to backdoor

  • profile_name (str) – Implant profile name to inject into the binary

Returns

Protobuf Backdoor object

Return type

sliver_pb2.Backdoor

async pivot_listeners()[source]

List C2 pivots

Returns

Protobuf PivotListener list

Return type

List[sliver_pb2.PivotListener]

async remove_service(name, hostname)[source]

Remove a Windows service (Windows only)

Parameters

  • name (str) – Name of the service

  • hostname (str) – Hostname

Returns

Protobuf ServiceInfo object

Return type

sliver_pb2.ServiceInfo

async start_service(name, description, exe, hostname, arguments)[source]

Create and start a Windows service (Windows only)

Parameters

  • name (str) – Name of the service

  • description (str) – Service description

  • exe (str) – Path to the service .exe file

  • hostname (str) – Hostname

  • arguments (str) – Arguments to start the service with

Returns

Protobuf ServiceInfo object

Return type

sliver_pb2.ServiceInfo

async stop_service(name, hostname)[source]

Stop a Windows service (Windows only)

Parameters

  • name (str) – Name of the servie

  • hostname (str) – Hostname

Returns

Protobuf ServiceInfo object

Return type

sliver_pb2.ServiceInfo