search

BishopFox / sliver

Adversary Emulation Framework
GNU General Public License v3.0
8.25k stars 1.09k forks source link

I got a bunch of cursed errors. #1758

Open whoami-www opened 1 month ago

whoami-www commented 1 month ago

[server] sliver (AFRAID_SUNFLOWER) > cursed chrome

⚠️ Found running Chrome process: 17028 (ppid: 8736) ⚠️ Sliver will need to kill and restart the Chrome process in order to perform code injection. ⚠️ Sliver will attempt to restore the user's session, however DATA LOSS MAY OCCUR!

? Kill and restore existing Chrome process? Yes [] Finding Chrome executable path ... success! [] Finding Chrome user data directory ... success! [] Starting Chrome process ... (pid: 19048) success! [] Port forwarding 127.0.0.1:41053 -> 127.0.0.1:10398 ⚠️ No Cursed Chrome payload was specified, skipping payload injection.

[server] sliver (AFRAID_SUNFLOWER) > cursed cookies

? Select a curse: 41053 [Session 0dec9f13] C:\Users\Administrator\AppData\Local\Google\Chrome\Application\chrome.exe

[!] Failed to dump cookies: parse error: expected string near offset 20510 of 'partitionKey'

[server] sliver (AFRAID_SUNFLOWER) > cursed cookies

? Select a curse: 41053 [Session 0dec9f13] C:\Users\Administrator\AppData\Local\Google\Chrome\Application\chrome.exe

[!] Failed to dump cookies: parse error: expected string near offset 20510 of 'partitionKey' image

rkervella commented 1 week ago

It seems we need to update the cdproto dependency, since PartitionKey changed from a string to a struct: https://github.com/chromedp/cdproto/blob/master/network/types.go#L1222