You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Raised sliver C2 on one of the VPS hosting for testing
When you try to connect from the client directly to the vps server by enabling and configuring the preliminary multiplayer, you do not get the result of commands. That is, the client manages to connect to the sliver command line, but after entering any command, such as jobs, the command freezes ... you have to break Ctrl+C.
But on this VPS raised wireguard for easy administration. Try to configure multipleer through the tunnel in the wireguard connection successfully and the commands are executed without a single delay!
Next, I generate a Windows Implement using mtls and the public IP of my VPS.
I run it, I show you the implant is connected, I use it, I type the ls command and I get a list of files. But after entering the screenshot command, the implant freezes. The server shows that the command was received implant, but the result is not stored in /tmp. after that, the implant sometimes did not respond to commands at all, and sometimes after 5 minutes it could work again.
Testing other frameworks (AdaptixC2, Havoc) observed the same. Some commands that return little data (ls, cd...) are executed, and when the heavier commands (screenshot, download...) are executed, all implants freeze. And the same with connecting to admin control panel frameworks.
Analyzing traffic in Wireshark found that when sending big data packets are lost somewhere and implant tries to resend data without waiting for a response.
What's the possible reason? Is the VPS provider blocking this traffic? Which VPS providers should you use? Who has encountered this problem?
reacted with thumbs up emoji reacted with thumbs down emoji reacted with laugh emoji reacted with hooray emoji reacted with confused emoji reacted with heart emoji reacted with rocket emoji reacted with eyes emoji
Uh oh!
There was an error while loading. Please reload this page.
-
Hey!
Raised sliver C2 on one of the VPS hosting for testing
When you try to connect from the client directly to the vps server by enabling and configuring the preliminary multiplayer, you do not get the result of commands. That is, the client manages to connect to the sliver command line, but after entering any command, such as jobs, the command freezes ... you have to break Ctrl+C.
But on this VPS raised wireguard for easy administration. Try to configure multipleer through the tunnel in the wireguard connection successfully and the commands are executed without a single delay!
Next, I generate a Windows Implement using mtls and the public IP of my VPS.
I run it, I show you the implant is connected, I use it, I type the ls command and I get a list of files. But after entering the screenshot command, the implant freezes. The server shows that the command was received implant, but the result is not stored in /tmp. after that, the implant sometimes did not respond to commands at all, and sometimes after 5 minutes it could work again.
Testing other frameworks (AdaptixC2, Havoc) observed the same. Some commands that return little data (ls, cd...) are executed, and when the heavier commands (screenshot, download...) are executed, all implants freeze. And the same with connecting to admin control panel frameworks.
Analyzing traffic in Wireshark found that when sending big data packets are lost somewhere and implant tries to resend data without waiting for a response.
What's the possible reason? Is the VPS provider blocking this traffic? Which VPS providers should you use? Who has encountered this problem?
Thank you
Beta Was this translation helpful? Give feedback.
All reactions