You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Describe the bug
When using a Linux beacon in an Environment where proxy is used, beacon gets the proxy from the HTTP_PROXY env var even tho the HTTPS_PROXY var is set and the C2 callback is made to a HTTPS website.
From implant/sliver/proxy/doc.go it details how the proxy is detected. Several environment variables like HTTPS_PROXY, HTTP_PROXY, FTP_PROXY, or ALL_PROXY are detected. The beacon is getting the HTTP_PROXY as first match if present, and ignoring the rest. Resulting into a wrong proxy setting since the C2 backend is HTTPS.
Steps to Reproduce
Generate a regular linux beacon with a target url that uses HTTPS. Debug version is optional but recommended.
In the victim machine, set different proxies for HTTP and HTTPS using HTTP_PROXY and HTTPS_PROXY variables respectively.
Execute the beacon. Note how the HTTP proxy is picked insted of the HTTPS.
Desktop (please complete the following information):
OS: RHEL 8
Version Sliver: Latest (v1.5.42)
The text was updated successfully, but these errors were encountered:
Describe the bug
When using a Linux beacon in an Environment where proxy is used, beacon gets the proxy from the HTTP_PROXY env var even tho the HTTPS_PROXY var is set and the C2 callback is made to a HTTPS website.
From implant/sliver/proxy/doc.go it details how the proxy is detected. Several environment variables like HTTPS_PROXY, HTTP_PROXY, FTP_PROXY, or ALL_PROXY are detected. The beacon is getting the HTTP_PROXY as first match if present, and ignoring the rest. Resulting into a wrong proxy setting since the C2 backend is HTTPS.
Steps to Reproduce
Desktop (please complete the following information):
The text was updated successfully, but these errors were encountered: