This is a penetration testing tutorial on a new tool, Maligno, an open source penetration testing tool that uses the Metasploit framework as its base. Maligno uses Metasploit's msfvenom to generate shellcode, which is AES encrypted and encoded before transmission to the victim machine.
Maligno can be used very flexibly for communication with Metasploit, and is capable of simulating malware behaviour and traffic patterns. Maligno allows the penetration tester to produce encrypted and encoded payloads, which eases the job.
The Maligno architecture is quite simple: a client and a server, communicating over either HTTP or HTTPS.
Maligno Client: The client and the server can be configured as per the needs of the penetration tester for specific C&C communications. The client connects to Maligno to download the encrypted Metasploit payload. Once the payload (the encrypted shellcode) is downloaded, the client decrypts it and injects it into the target machine. The Maligno client already has everything you will need for penetration tests using specific payloads. Maligno also comes with a built-in obfuscator that is capable of obfuscating the generated payload/shellcode.
Maligno Client supports a variety of operating systems, including Linux, Windows and OSX.
One of the features that ships with Maligno is “Delayed Payload Execution”, which can evade heuristic AV control.
Maligno Server: The Maligno server relies heavily on the Metasploit framework to do most of the work for it. During a penetration test, Maligno relies on msfvenom to generate the payloads and shellcode for the different machines participating, and it also supports multiple payloads and multiple servers. The Metasploit auxiliary module Socks5a proxy is also well supported.
Penetration Testing Tutorial With Maligno
During a penetration test, the penetration tester might come across a scenario where the payload needs to be delivered within a specific IP range, network or single IP. “Last Resort Redirection” is a configuration in Maligno that doesn’t allow it to serve a payload to a target that is out of scope.
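The scope check that “Last Resort Redirection” is described as performing can be sketched as follows. This is an added example, not Maligno's own code: the scope strings, the redirect URL and the function names are constructed for illustration and do not reflect the server_config format.

```python
import ipaddress

# Constructed sample scope: a single IP, a network and a range (not Maligno's config format).
SCOPE = ["192.168.56.10", "10.10.0.0/24", "172.16.5.20-172.16.5.40"]
REDIRECT_URL = "https://example.com/"  # placeholder last-resort destination

def parse_scope(entries):
    """Turn scope strings into a list of (first, last) address pairs."""
    ranges = []
    for entry in entries:
        entry = entry.strip()
        if "-" in entry:  # explicit range: "first-last"
            lo, hi = (ipaddress.ip_address(p.strip()) for p in entry.split("-", 1))
            if lo.version != hi.version or lo > hi:
                raise ValueError(f"bad range: {entry}")
        else:  # single IP (treated as /32 or /128) or CIDR network
            net = ipaddress.ip_network(entry, strict=False)
            lo, hi = net[0], net[-1]
        ranges.append((lo, hi))
    return ranges

def decide(client_ip, scope, redirect_url=REDIRECT_URL):
    """Return ("serve", None) for in-scope clients, else ("redirect", url).

    client_ip should be the socket peer address, not a client-supplied
    header such as X-Forwarded-For, which the requester controls.
    """
    try:
        addr = ipaddress.ip_address(client_ip)
    except ValueError:
        return ("redirect", redirect_url)  # unparseable source: fail closed
    for lo, hi in scope:
        # Compare only within the same address family; anything else stays out of scope.
        if addr.version == lo.version and lo <= addr <= hi:
            return ("serve", None)
    return ("redirect", redirect_url)

if __name__ == "__main__":
    scope = parse_scope(SCOPE)
    for ip in ("10.10.0.77", "172.16.5.41", "not-an-ip"):
        print(ip, decide(ip, scope))
```

The default is to redirect: a request is served only when its source address parses cleanly and falls inside an agreed range, so a mistyped scope entry or an unexpected address family keeps the payload away from third parties.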
- Download Maligno Here
- Unzip the downloaded file
Maligno gives penetration testers full control over the configuration of the Maligno server; all you need to do is open and modify the server_config file. A detailed explanation of how to modify this server file is in docs/server_config.explained.
Client Script Creation with Maligno:
Simply type the command: ./clientgen.py -f your_configuration_file_server.xml -s true
-f -> Server config file
-s -> Script with a standalone payload (Boolean: either True or False)
The above command will generate the payload/shellcode scripts for each payload configured in the server_config.xml file.
To start the Maligno server: ./maligno_srv.py
Now all you need to do is set up the Metasploit listener. To do so, go to the msfresources folder and start the Metasploit listener.
Maligno has been used extensively in penetration testing for exploiting machines and, in some cases, in phishing to convince the victim to install the environment for running the Python script.
Maligno v2.2 is downloadable for free here