Slewer2 (Sliver C2) Tutorial: How to Set Up Your First Listener
Sliver is a powerful, open-source Command and Control (C2) framework used by red teams and penetration testers. It serves as a modern alternative to older frameworks, offering cross-platform support and advanced evasion capabilities. Setting up a listener is your very first step toward establishing connectivity with a target payload.
This guide will walk you through launching the Sliver server and configuring your first basic listener. Step 1: Launch the Sliver Server
Before you can catch a connection, you must start the Sliver console. You can run it in a single-player local mode or connect to a multi-player daemon. For this tutorial, we will use the local console.
Open your terminal and run the following command with root privileges: sudo sliver Use code with caution.
Once loaded, your terminal prompt will change to sliver >, indicating you are inside the interactive C2 console. Step 2: Choose Your Protocol
Sliver supports multiple communication protocols for its listeners. Choosing the right one depends on your operational environment and evasion needs.
HTTP/HTTPS: Most common for general operations. It blends in with normal web traffic and easily passes through standard corporate firewalls.
DNS: Highly resilient but slower. Best used as a backup beaconing channel.
mTLS (Mutual TLS): Extremely secure and stable. It uses client/server certificates to encrypt and validate the traffic, preventing unauthorized scanners from identifying your infrastructure.
For this guide, we will focus on setting up a standard HTTP listener and a secure mTLS listener. Step 3: Start the Listener
Inside the Sliver console, starting a listener requires just a single command. Option A: Starting an HTTP Listener
To start a basic HTTP listener on the default port (80), enter: http Use code with caution.
If you want to host the listener on a custom port (for example, port 8080), append the –port flag: http –port 8080 Use code with caution. Option B: Starting an mTLS Listener
To start a secure mutual TLS listener on the default port (8888), run: mtls Use code with caution.
To run it on a specific port like 443, customize the command: mtls –port 443 Use code with caution. Step 4: Verify the Listener is Active
Once you execute the command, Sliver will spin up the background service. To ensure your listener is up, running, and waiting for incoming connections, use the jobs command: jobs Use code with caution.
This command displays a table of all active listeners, showing their Job ID, Protocol, and Bound Port. Next Steps
With your listener successfully running, your infrastructure is ready to receive connections. Your next phase is to generate a compatible implant (payload) using the generate command, ensuring you point the payload’s callback configuration to your listener’s exact IP address and port. To help you move forward, tell me: What operating system is your target machine running?
I can provide the exact command to generate your first payload. Saved time Comprehensive Inappropriate Not working
A copy of this chat, including the images and video, will be included with your feedback A copy of this chat will be included with your feedback
Your feedback will include a copy of this chat and the image from your search
Your feedback will include a copy of this chat, any links you shared, and the image from your search.
Thanks for letting us know
Google may use account and system data to understand your feedback and improve our services, subject to our Privacy Policy and Terms of Service. For legal issues, make a legal removal request.
Leave a Reply