MyGit

v1.5.40

BishopFox/sliver

版本发布时间: 2023-06-21 02:32:26

BishopFox/sliver最新发布版本:v1.5.42(2024-02-29 04:00:27)

⚠️ Backwards incompatible changes ⚠️

This release fixes a vulnerability (CVE-2023-34758) in the Sliver Key Encapsulation Mechanism (KEM), where improper use of Nacl Box (libsodium) could allow a MitM attacker with a copy of the implant binary to recover the session key and arbitrarily encrypt/decrypt C2 messages. Note that the Sliver KEM is only used over insecure protocols such as HTTP and DNS, and does not affect mTLS or Wireguard.

The issue was addressed by switching to a combination age for the KEM and HMAC-SHA2-256 to verify the implant.

More details: https://github.com/BishopFox/sliver/security/advisories/GHSA-8jxm-xp43-qh3q

Special thanks to Ting-Wei Hsieh from CHT Security Co. Ltd. for reporting the vulnerability.

相关地址:原始地址 下载(tar) 下载(zip)

1、 sliver-client_linux 34.82MB

2、 sliver-client_linux.sig 566B

3、 sliver-client_macos 37.84MB

4、 sliver-client_macos-arm64 36.97MB

5、 sliver-client_macos-arm64.sig 566B

6、 sliver-client_macos.sig 566B

7、 sliver-client_windows.exe 34.48MB

8、 sliver-client_windows.sig 566B

9、 sliver-server_linux 160.8MB

10、 sliver-server_linux.sig 566B

11、 sliver-server_macos 164.53MB

12、 sliver-server_macos-arm64 160.87MB

13、 sliver-server_macos-arm64.sig 566B

14、 sliver-server_macos.sig 566B

15、 sliver-server_windows.exe 168.88MB

16、 sliver-server_windows.sig 566B

查看:2023-06-21发行的版本