Problems with macos M2 ARM CPU on debian 12 vm (parallels)

[fredericgoossens]

My setup:

• Apple macbook pro M2
• Trying to run sliver inside virtual machine
• Using Parallels and debian 12 VM

Problem:

• there are no working pre-compiled builds for linux-arm (not for latest tag branch)
• Using the setup bash script, it installs the amd64 version. you can run amd64 binaries bcs of some translation framework called rosetta (by apple, also used in parallels). but i ran into some compile errors when generating beacons. I wasn't able to compile for windows/amd64 on a arm chip
• when compiling myself on the masterbranch I get the following build errors:

git clone ...
git checkout v1.6.0/master
make
...
CGO_ENABLED=0 go build -mod=vendor -trimpath -tags osusergo,netgo,go_sqlite,server -ldflags "-s -w -X github.com/bishopfox/sliver/client/version.Version=v1.5.39 -X \"github.com/bishopfox/sliver/client/version.GoVersion=go version go1.21.1 linux/arm64\" -X github.com/bishopfox/sliver/client/version.CompiledAt=1697033655 -X github.com/bishopfox/sliver/client/version.GithubReleasesURL=https://api.github.com/repos/BishopFox/sliver/releases -X github.com/bishopfox/sliver/client/version.GitCommit=641b736e39a55f1334cf4fbb8348321fd4c3c539 -X github.com/bishopfox/sliver/client/version.GitDirty= -X github.com/bishopfox/sliver/client/assets.DefaultArmoryPublicKey=RWSBpxpRWDrD7Fe+VvRE3c2VEDC2NK80rlNCj+BX0gz44Xw07r6KQD9L -X github.com/bishopfox/sliver/client/assets.DefaultArmoryRepoURL=https://api.github.com/repos/sliverarmory/armory/releases" -o sliver-server ./server
package github.com/bishopfox/sliver/server
    imports github.com/bishopfox/sliver/server/cli
    imports github.com/bishopfox/sliver/server/builder
    imports github.com/bishopfox/sliver/server/generate
    imports github.com/bishopfox/sliver/server/certs
    imports github.com/bishopfox/sliver/server/core
    imports github.com/bishopfox/sliver/implant/sliver/transports/wireguard
    imports github.com/bishopfox/sliver/implant/sliver/netstack
    imports gvisor.dev/gvisor/pkg/bufferv2
    imports gvisor.dev/gvisor/pkg/atomicbitops
    imports gvisor.dev/gvisor/pkg/cpuid
    imports gvisor.dev/gvisor/pkg/state
    imports gvisor.dev/gvisor/pkg/state/wire
    imports gvisor.dev/gvisor/pkg/gohacks: build constraints exclude all Go files in /home/parallels/Desktop/sliver2/vendor/gvisor.dev/gvisor/pkg/gohacks
make: *** [Makefile:109: default] Error 1

Would it be possible to have a pre-compiled binary for linux-arm? thanks! :)

[fredericgoossens]

here is the error when running the amd64 binary on a ARM CPU (using rosetta framework, as translation):

parallels@debian-gnu-linux-12:~/Desktop$ sliver
Connecting to localhost:31337 ...

    ███████╗██╗     ██╗██╗   ██╗███████╗██████╗
    ██╔════╝██║     ██║██║   ██║██╔════╝██╔══██╗
    ███████╗██║     ██║██║   ██║█████╗  ██████╔╝
    ╚════██║██║     ██║╚██╗ ██╔╝██╔══╝  ██╔══██╗
    ███████║███████╗██║ ╚████╔╝ ███████╗██║  ██║
    ╚══════╝╚══════╝╚═╝  ╚═══╝  ╚══════╝╚═╝  ╚═╝

All hackers gain ninjitsu
[*] Server v1.5.41 - f2a3915c79b31ab31c0c2f0428bbd53d9e93c54b
[*] Welcome to the sliver shell, please type 'help' for options

[*] Check for updates with the 'update' command

sliver > jobs

[*] No active jobs

sliver > http

[*] Starting HTTP :80 listener ...
[*] Successfully started job #1

sliver > jobs

 ID   Name   Protocol   Port   Stage Profile 
==== ====== ========== ====== ===============
 1    http   tcp        80                   

sliver > generate --arch amd64 --os windows beacon -b 10.10.16.2 --format shellcode -S 5

[*] Generating new windows/amd64 beacon implant binary (5s)
[*] Symbol obfuscation is enabled
[!] rpc error: code = Unknown desc = invalid compiler target: windows/amd64

sliver > generate info

Server: linux/amd64

Cross Compilers
windows/386 - /usr/bin/i686-w64-mingw32-gcc
windows/amd64 - /usr/bin/x86_64-w64-mingw32-gcc
darwin/amd64 - /opt/osxcross/target/bin/o64-clang
darwin/arm64 - /opt/osxcross/target/bin/aarch64-apple-darwin20.2-clang

Supported Targets
darwin/amd64 - Executable
darwin/arm64 - Executable
linux/386 - Executable
linux/amd64 - Executable
windows/386 - Executable
windows/amd64 - Executable
windows/amd64 - Shared Library
darwin/amd64 - Shared Library
darwin/arm64 - Shared Library
linux/386 - Shared Library
linux/amd64 - Shared Library
windows/386 - Shared Library
windows/386 - Service
windows/amd64 - Service
windows/386 - Shellcode
windows/amd64 - Shellcode

Default Builds Only

sliver > 

I think it kinda makes sense, this setup is too complex anyway. Thats why it would be pretty neat to have a working version for just arm-linux ig

[sh1yan]

我的也是在 debian 11 虚拟机上的 macos M2 ARM CPU 问题，没有合适的ARM芯片的兼容版本。

[rkervella]

Linux ARM support is scheduled for v1.6. We don't have a release date though.

[fredericgoossens]

Alright, awesome. looking forward to it :)

[matiyev]

hey @fredericgoossens, were you able to find a solution or are you still waiting for the ARM support?

[moloch--]

Make sure you're using Go 1.22 with master the sliver server and client should compile without issue, you can use also make linux-arm64. However, cross-compiling a Windows implant to shellcode or a shared library will require the appropriate C cross-compilers which may or may not exist (Windows executables don't require CGO and should compile just fine).

[SLizerin-CLI]

From the documentation, When compiling v1.5.x use Go v1.20.7. I downgraded the go version to 1.20.7 and that solved the issue.

[fredericgoossens]

hey @fredericgoossens, were you able to find a solution or are you still waiting for the ARM support?

I'm still waiting on ARM support.

From the documentation, When compiling v1.5.x use Go v1.20.7. I downgraded the go version to 1.20.7 and that solved the issue.

I assume generating payloads doesn't work?

[moloch--]

Current master should build to ARM now due to a switch to Zig for CGO really simplifies cross architecture stuff.