Description: Maligno is an open source penetration testing tool written in python, that serves Metasploit payloads. It generates shellcode with msfvenom and transmits it over HTTP or HTTPS. The shellcode is encrypted with AES and encoded with Base64 prior to transmission.
Maligno can be downloaded from http://www.encripto.no/tools/
Tags: metasploit , payload , pyinjector , pentesting , meterpreter ,
Disclaimer: We are a infosec video aggregator and this video is linked from an external website. The original author may be different from the user re-posting/linking it here. Please do not assume the authors to be same without verifying.
Hi , i need help friends
when i try to run the script:
root@bt:~/maligno-0.6# python maligno_srv.py
i get the next error:
raceback (most recent call last):
File "maligno_srv.py", line 24, in <module>
import re, os, base64, subprocess, ConfigParser, os, sys, ipcalc, ssl
ImportError: No module named ipcalc
@ albert it means you dont have the "ipcalc" library installed.
I THINK this is the one .
https://pypi.python.org/pypi/ipcalc
Once you install it, check line 24 in your code and make sure you have all the libraries installed.
I take it you're new to programming. Look into Vivek's SPSE course; It will get you on your way.
Cheers mate!
My question is why use Maligno when you can use Metasploit.?? unless Maligno doesn't require registration and exploits are up to date as Metasploit. Can Maligno listen as well?
@ApertureSecurity
Maligno is not a substitute for metasploit, but a tool to serve dynamic shellcode over a secure way. This would help you bypassing AV and other measures. Check the whole memory injection concept for more info.
Maligno also helps you distributing your setup during a pentest. You may have different machines (one delivering the payload, and another one with the actual metasploit handler). Just be creative hehe :-)
Thanks for the speedily reply! I will have to add this to a list of tasks to learn more.