Published on December 22nd, 2014 | by MaxiSoler
Maligno v1.4 Released
Maligno is an open source penetration testing tool that serves Metasploit payloads. It generates shellcode with msfvenom and transmits it over HTTP or HTTPS. The shellcode is encrypted with AES and encoded with Base64 prior to transmission. Maligno is licensed under the FreeBSD license.
Maligno comes with a client tool, which supports HTTP, HTTPS and encryption capabilities. The client is able to connect to Maligno in order to download an encrypted Metasploit payload. Once the shellcode is received, the client will decode it, decrypt it and inject it in the target machine.
As a result, you should get your Metasploit session while avoiding detection.
- Code housekeeping. Better organization with /libs.
- Improved data validation (config and profiles), error detection and error description.
- Get caught mode.
- Request throttling for get caught mode.
- Client template tag simplification.
- Max nap time added to client template.
- Two new profiles: Nuclear exploit kit and Zemot.
- Installation script.
- Encrypted communications: Maligno is a web server which communicates via HTTP or HTTPS with the clients. Communications are encrypted with AES and encoded with Base64 both for HTTP and HTTPS. Encryption and encoding parameters can be configured. Clients do NOT validate the server certificate by default.
- On the fly shellcode generation – per session mode: Maligno will generate shellcode while starting up, and it will cache it for later use. Maligno will serve the cached shellcode to all clients that request it during the session. Maligno will maintain a cache for each configured Metasploit payload. The cache is removed when Maligno is shut down.
- Multi-payload support: You may configure Maligno with several Metasploit payloads. Clients can request different payloads from the server. Payloads are referred to by an index, which is passed as a GET parameter. This parameter can also be configured.
- Multi-server support: Maligno can run on a single server with Metasploit or on separate machines. Clients will connect to Maligno, and Maligno will generate shellcode that points to a pre-configured Metasploit multi-handler.
- SOCKS4a proxy support: Maligno helps you start a Metasploit auxiliary socks4a proxy, which can be used with payloads such as reverse_https_proxy. This allows you to send all your traffic through your Maligno server if you have a multi-server environment.
- Scope definition: Maligno allows you to define single IP addresses or ranges. This will ensure that your shellcode is served only to machines involved in your pentest. You may also use a wildcard in order to accept ANY address.
- Last resort redirection: Maligno will redirect hosts out of scope, or hosts sending invalid requests, to a configured URL.
- Client code generator and pseudorandom obfuscator: Maligno comes with a script that will generate and obfuscate (pseudorandomly) client code ready for use, based on your server configuration.
- Delayed client execution: Maligno clients use a basic random execution delay, which attempts to bypass AV-sandboxes.
- Metasploit resource file generator: Maligno generates MSF resource files based on your configuration, which can be used with msfconsole right away.
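
For defenders, the transport described under "Encrypted communications" (AES ciphertext, Base64-encoded, in an HTTP response body) leaves a recognizable shape in proxy logs. The following added example is not part of Maligno or the original post; it assumes a block cipher mode (ciphertext length a multiple of 16 bytes), and the thresholds, URLs and sample bodies are constructed for illustration.

```python
import base64
import binascii
import hashlib
import math
from collections import Counter

AES_BLOCK = 16  # assumption: a block mode, so ciphertext length is a multiple of 16

def shannon_entropy(data: bytes) -> float:
    """Bits per byte; values near 8 indicate encrypted or compressed data."""
    if not data:
        return 0.0
    n = len(data)
    return -sum(c / n * math.log2(c / n) for c in Counter(data).values())

def looks_like_b64_ciphertext(body: bytes, min_raw=512, min_entropy=7.2) -> bool:
    """True if the whole body is Base64 decoding to block-aligned, high-entropy bytes."""
    text = b"".join(body.split())  # tolerate line-wrapped Base64
    try:
        raw = base64.b64decode(text, validate=True)
    except (binascii.Error, ValueError):
        return False  # HTML, JSON and similar bodies fail strict decoding
    if len(raw) < min_raw or len(raw) % AES_BLOCK:
        return False
    return shannon_entropy(raw) >= min_entropy

def flag_responses(records):
    """records: iterable of (url, body_bytes) taken from a proxy or PCAP export."""
    return [url for url, body in records if looks_like_b64_ciphertext(body)]

# Constructed sample data (not captured traffic); SHA-256 output stands in for ciphertext.
_fake_ct = b"".join(hashlib.sha256(bytes([i])).digest() for i in range(32))  # 1024 bytes
SAMPLES = [
    ("http://host-a.example/index", base64.b64encode(_fake_ct)),
    ("http://host-b.example/page", b"<html><body>Hello</body></html>" * 40),
    # Block-aligned Base64 of plain text: passes the length check, fails on entropy.
    ("http://host-c.example/note", base64.b64encode(b"plain English text padded. " * 64)),
    ("http://host-d.example/short", base64.b64encode(_fake_ct[:64])),
]

if __name__ == "__main__":
    for url in flag_responses(SAMPLES):
        print("review:", url)
```

Compressed content that happens to be Base64-encoded will also score high, so treat a hit as a triage signal to correlate with destination reputation and endpoint telemetry.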