authorheqnx <root@heqnx.com>2025-05-25 08:23:11 +0300
committerheqnx <root@heqnx.com>2025-05-25 08:23:11 +0300
commit56b09942c04c191b7581a26e1375226d40709a34 (patch)
tree4042a01a25b62ac16571b1dc86daf9fe2c6313d9 /sliver-c2/templates
parentbcd55b16115ed51075686a68402134680ac80ae9 (diff)
added sliver ansible playbook
Diffstat (limited to 'sliver-c2/templates')
-rw-r--r--sliver-c2/templates/jail.local.j246
-rw-r--r--sliver-c2/templates/server.json.j218
-rw-r--r--sliver-c2/templates/sliver.service.j214
3 files changed, 78 insertions, 0 deletions
diff --git a/sliver-c2/templates/jail.local.j2 b/sliver-c2/templates/jail.local.j2
new file mode 100644
index 0000000..dd548df
--- /dev/null
+++ b/sliver-c2/templates/jail.local.j2
@@ -0,0 +1,46 @@
+[INCLUDES]
+#before = paths-distro.conf
+before = paths-debian.conf
+
+[DEFAULT]
+#ignoreself = true
+#ignoreip = 127.0.0.1/8 ::1
+ignorecommand =
+bantime = 1h
+findtime = 10m
+maxretry = 3
+maxmatches = %(maxretry)s
+backend = auto
+usedns = warn
+logencoding = auto
+enabled = false
+mode = normal
+filter = %(__name__)s[mode=%(mode)s]
+destemail = root@localhost
+sender = root@<fq-hostname>
+mta = sendmail
+protocol = tcp
+chain = <known/chain>
+port = 0:65535
+fail2ban_agent = Fail2Ban/%(fail2ban_version)s
+banaction = iptables-multiport
+banaction_allports = iptables-allports
+action_ = %(banaction)s[port="%(port)s", protocol="%(protocol)s", chain="%(chain)s"]
+action_mw = %(action_)s
+ %(mta)s-whois[sender="%(sender)s", dest="%(destemail)s", protocol="%(protocol)s", chain="%(chain)s"]
+action_mwl = %(action_)s
+ %(mta)s-whois-lines[sender="%(sender)s", dest="%(destemail)s", logpath="%(logpath)s", chain="%(chain)s"]
+action_xarf = %(action_)s
+ xarf-login-attack[service=%(__name__)s, sender="%(sender)s", logpath="%(logpath)s", port="%(port)s"]
+action_cf_mwl = cloudflare[cfuser="%(cfemail)s", cftoken="%(cfapikey)s"]
+ %(mta)s-whois-lines[sender="%(sender)s", dest="%(destemail)s", logpath="%(logpath)s", chain="%(chain)s"]
+action_blocklist_de = blocklist_de[email="%(sender)s", service="%(__name__)s", apikey="%(blocklist_de_apikey)s", agent="%(fail2ban_agent)s"]
+action_abuseipdb = abuseipdb
+action = %(action_)s
+
+[sshd]
+mode = aggressive
+enabled = true
+port = ssh
+logpath = %(sshd_log)s
+backend = %(sshd_backend)s
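Review bot: The `[DEFAULT]` section appears to restate most of fail2ban's stock jail.conf values (`usedns`, `mta`, `banaction` and every `action_*` definition) rather than only what this role changes, so a later package update to those defaults would be silently masked by jail.local. I would cut the template down to the real overrides (`bantime`, `findtime`, `maxretry` and the `[sshd]` block) and open it with a comment such as `# Managed by Ansible (sliver-c2 role): overrides only, defaults stay in jail.conf`. The `before = paths-debian.conf` line also pins the Debian path set that supplies `%(sshd_log)s` and `%(sshd_backend)s`, so the role should either document that it is Debian-only or keep the distro-neutral include that is commented out above it. The file contains no Jinja2 expressions, so it could ship as a plain file rather than a template.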
diff --git a/sliver-c2/templates/server.json.j2 b/sliver-c2/templates/server.json.j2
new file mode 100644
index 0000000..9c59062
--- /dev/null
+++ b/sliver-c2/templates/server.json.j2
@@ -0,0 +1,18 @@
+{
+ "daemon_mode": false,
+ "daemon": {
+ "host": "{{ sliver_server }}",
+ "port": 31337
+ },
+ "logs": {
+ "level": 4,
+ "grpc_unary_payloads": false,
+ "grpc_stream_payloads": false,
+ "tls_key_logger": false
+ },
+ "jobs": {
+ "multiplayer": null
+ },
+ "watch_tower": null,
+ "go_proxy": ""
+}
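Review bot: In the `daemon` object, `"host": "{{ sliver_server }}"` pastes the variable into a JSON string without escaping, so a value containing a quote or backslash renders an invalid file. `"host": {{ sliver_server | to_json }},` lets Ansible emit the quoting itself. This hunk shows no default or validation for `sliver_server`, and the value decides which interface the operator listener on port 31337 binds to. JSON cannot carry a comment, so the role's variable documentation should state the expected value (presumably a loopback or management address rather than a wildcard).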
diff --git a/sliver-c2/templates/sliver.service.j2 b/sliver-c2/templates/sliver.service.j2
new file mode 100644
index 0000000..11cc2bd
--- /dev/null
+++ b/sliver-c2/templates/sliver.service.j2
@@ -0,0 +1,14 @@
+[Unit]
+Description=Sliver
+After=network.target
+StartLimitIntervalSec=0
+
+[Service]
+Type=simple
+Restart=on-failure
+RestartSec=3
+User=root
+ExecStart={{ install_path }}/sliver-server daemon
+
+[Install]
+WantedBy=multi-user.target
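Review bot: The `[Service]` section runs a network-facing daemon as `User=root` with no sandboxing directives, so a flaw in the server process would yield full control of the host. I would run it under a dedicated unprivileged account and add systemd hardening, granting only the capability to bind low ports if listeners need it. The directives below are a starting point and need testing against the paths the server writes to. `StartLimitIntervalSec=0` combined with `Restart=on-failure` also disables start rate limiting, so a persistently failing unit restarts every 3 seconds indefinitely; a comment saying this is intended would help.

```ini
[Service]
# … unchanged: Type, Restart, RestartSec …
# sliver_user is a placeholder variable, not defined in this commit
User={{ sliver_user }}
AmbientCapabilities=CAP_NET_BIND_SERVICE
NoNewPrivileges=true
PrivateTmp=true
ProtectSystem=full
# … unchanged: ExecStart …
```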