-
Notifications
You must be signed in to change notification settings - Fork 1k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
mtls-server-ca-cert.pem certificate expired, can this be recovered #1688
Comments
LOgs from a debug implant: 2024/05/15 16:24:08 mtls.go:168: Unable to connect: x509: certificate has expired or is not yet valid: current time 2024-05-15T16:24:08+02:00 is after 2024-05-15T10:28:09Z And that is after I regenerated a mtls-implant cert on the server keeping the same private key, using the following openssl command: openssl req -x509 -new -key mtls-server-ca-key.pem -out mtls-server-ca-key-cert.pem -days 3650 And restarted the C2. Seems that the cert is embedded in the implant, and so it's a death sentence for all implants generated until now. Am I right ? |
Yes, it's a death sentence the certs are embedded at compile time. |
Not a bug, but a quite annoying problem.
It seems that my mtls-server-ca-cert.pem certificate expired during a very long operation.
And none of the current implants can connect (from sliver.log) to the C2:
[31mERRO^[[0m[2024-05-15T12:59:08+02:00] [sliver/server/c2/mtls.go:103] Socket read error remote error: tls: bad certificate
^[[36mINFO^[[0m[2024-05-15T12:59:53+02:00] [sliver/server/c2/mtls.go:85] Accepted incoming connection: [::1]:58088
^[[31mERRO^[[0m[2024-05-15T12:59:53+02:00] [sliver/server/c2/mtls.go:165] Socket error (read msg-length): remote error: tls: bad certificate
Is there a way to recover from this ? Either by editing sliver.db or changing the code to remove ssl validation somewhere ?
(btw for future release, a warning a few weeks before expiration would be nice)
Sliver: 1.5.39 if it matters
The text was updated successfully, but these errors were encountered: