Penetration Testing with Maligno Tutorial

By -
This is a Penetration testing tutorial on a new tool , Maligno which is an Open sourcePenetration testing Tool that uses the Metasploit framework as the base framework . Maligno in particular uses the msfveno feature of the Metasploit to generate the SHELLCODE that is AES encrypted and encoded prior to the transmission to the victim machine .
Maligno can be used very flexibly for communication with Metasploit , and is capable to simulate malware behaviour and traffic patterns .Maligno allows the penetration testerto yield encrypted and encoded payloads and eases the job.
The Maligno architecture is quiet simple : Client and Server  and the communication is either through HTTP or HTTPS .
Maligno Client : The client and the server can configured as per the needs of the penetration tester for specific C & C Communications . The client will connect to Maligno to download the Metasploit encrypted Payload . Once the Payload or the encrypted Shellcode is downloaded , the client will decrypt it and inject into the target machine. The Maligno client already has everything you will be needing for penetration tests using specific payloads . Maligno also comes with a Built in Obfuscater that is capable to obfuscating the generated payload/Shellcode .
Maligno Client supports a variety of Operating systems including Linux , Windows and OSX.
One of the features that ships in with Maligno is “Delayed Payload Execution” which can evade heuristic AV Control .
Maligno Server :  The Maligno server relies heavily on the Metasploit framework to do most of the work for it.  Maligno while being used in the penetration testing  relies on Msfvenom to generate the payloads and shellcodes for the different machines participating and also supports Multiple payload and Multiple server capability . Also the metasploit auxiliary module Socks5a proxy is well supported.

Penetration Testing Tutorial With Maligno

During a penetration test , the penetration tester might come across a scenario where the payload needs to be spammed within a specific IP range or network or Single IP . “Last Resort Redirection” is a configuration in Maligno that doesn’t allow it to serve a payload to target that is out of scope .
Installation : 
Configuration : 
Maligno gives the penetration testers the full capability to configure the Maligno server , all you need to do is open and modify the sever_config file . Get a detailed explanation of how to modify this server file in docs/sever_config.explained
Client Script Creation with Maltego : 
Simply type command : ./clientgen.py -f your_configuration_file_server.xml -s true
-f -> Server config File
-s -> Script with a Standalone payload (Boolean : either True or False)
The above command will generate the payload/shellcode scripts for each payload configured in server_config.xml file .
To Start the Maligno Server  : ./maligno_srv.py
Now all you need to do is to setup the Metasploit listener . To do so just go to the msfresources folder and start the metasploit listner .
Maligno has been extensively used in the penetration testing for exploiting the machines and in some cases for phishing for convincing the victim to install the enviroments for running the python script .
Maligno v2.2 is downloadable for free here

Comments

Post a Comment

Popular posts from this blog

HACK EMAIL-ID,USERNAME AND PASSWORD OR ANY USER DETAILS BY USING KALI LINUX.

By -
Image
HACK EMAIL-ID,USERNAME AND PASSWORD OR ANY USER DETAILS BY USING  KALI LINUX . Today,i am going to show you how you can get email-id,username and password or any user details you want by using  KALI LINUX . STEPS FOR SETTING UP YOUR SYSTEM. Download Kali Linux from   here . Extract the contents of Kali Linux iso file which you  downloaded in step and copy it to pendrive or instead of pendrive burn the iso file in cd if you want to make a cd of it. After copying all contents to pendrive or burning the iso file in cd,reboot you system,press F8 on boot-time and select boot from pendrive if you have copied all the files in pendrive,else boot from cd-rom if you burn the iso file in cd. After selecting the boot from device,the kali installation window will open,install accordingly as per your requirement. NOTE:During installation,in mount point of selected installation drive,set mount point to  "/" . Remember the username and password while installation as this will
Read more

Port Fail Vulnerability : Critical VPN Vulnerability

By -
Image
Port Fail Vulnerability : Critical VPN Vulnerability How Port Fail Vulnerability Exposes your REAL IP on SKYPE Using Port Fail Vulnerability it’s possible to disclose the real IP of a Skype accounts you’re interested in. There are a bunch of Skype IP resolvers which can give you the VPN IP address and port number of a Skype user using only their Skype login. Then you need to use the same thing a copyright monitoring company would use — send some UDP packets to the whole internet on the exact port. It’s remarkable but Skype will send you a reply for almost any data! The nping utility from  nmap  package suits our needs very well: # nping --udp -p 13318 --data-string 'hellothere!' -c 1 serv.valdikss.org.ru Starting Nping 0.7.00 ( https://nmap.org/nping ) at 2015-12-20 19:54 MSK SENT (0.0157s) UDP 195.154.127.59:53 > 92.42.31.8:13318 ttl=64 id=10802 iplen=39  RCVD (0.0859s) UDP 185.61.149.121:4272 > 195.154.127.59:53 ttl=54 id=1534 iplen=32    Max rtt: N/A | M
Read more