Sliver C2 - CameronProvost/SEC440 GitHub Wiki

• Deliverable #1.1 - What is the protocol and port number that the server is running on and can we change it to something different?

Tcp 31337

• Deliverable 2.1# - Submit a screenshot showing the successful creation of the two profiles mentioned above. Your screenshot should show something similar to what is seen in figure 2.1 below.

• Deliverable 2.2# - Submit a screenshot similar to what is seen in figure 2.5 that shows the type of implants you just created.

• Deliverable 3.1# - Submit proof that you have connected to the victim system, this could be by running the “ifconfig” command or anything or your choice (e.g. whoami, ls, etc).

• Deliverable 4.1# - Submit proof that you have both tasks performed successfully.

• Deliverable 4.2# - Submit proof that you have both tasks performed successfully.

• Deliverable 4.3# - Submit proof that you have obtained SYSTEM on your Windows system.

• Deliverable #5.1 - You are required to write a paragraph or two on what you have learned in this lab. Things to include: what went well, what did not, what are the things that could be improved, etc.

In this lab I learned how threat actors would move through a system after gaining access. I learned how to generate implants and place them within a system using sessions to gain access and control on a system. I also learned how to use persistence methods to maintain access on these systems. Overall I though the lab went well and was clear in its directions. The only things I struggled with were simple mistakes in the commands I was running but otherwise everything went well.