maalik v2.4.2 releases: Network Pivoting and Post Exploitation Framework for Windows
Network Pivoting and Post Exploitation Framework.
- Desktop notification on new sessions.
- Kill Online sessions easily.
- Build Maalik Client, Fhdawn easily.
- Configurable values in settings.ini
- Root shell.
- Multithreaded, Get multiple sessions.
- Maalik is extremenly easy to use.
Fhdawn is the maalik client.
|Stealth||Runs in the background, Only write hidden plaintext file to disk.|
|Execute / list / delete files and Browse||Full access to all files. Browse the system remotely.|
|Windows Defender Exclusions||Add Windows Defender Exclusions.|
|Network Pivoting||Forward a Port to another Host on the network to forward exploit traffic onto it.|
|Enable / Disable Firewall||Enable or Disable Windows Firewall, Use full for pivoting scenarios. The firewall is automatically turned off during the Pivot attack.|
|Network Scanner||Discover Hosts in the subnet.|
|Port Scanner||Scans discovered hosts for common ports.|
|Automatic Eternal Blue||Automatically runs Metasploit using rc file to potentially exploit Port 445.|
|Reverse Shell||Stable Reverse Shell, Commands executed as cmd.exe /c <your input>.|
|File upload / download||Upload or Download Files.|
|Reflective DLL Injection||Reflective DLL Injection into any process.|
|Screenshot||Take a screenshot (bmp=>png).|
|SAM Dump||Dumps SAM and SYSTEM files to disk, Downloads and dumps them using
Dynamic Payload System (DPS).
Executes ‘Payloads’ in Memory using Reflective DLL Injection. The Payload is a 32-bit Reflective DLL, That carries out tasks after successful Injection. DLL output is written to a TEXT file named output.png which is used to smuggle output back to the server, And also give the DLL Payload commands.
|(DPS) Reverse Shell||Netcat Reverse shell.|
|(DPS) Administrator Prompt Trigger||Forcefully attempt to Execute an Application as Administrator.|
|(DPS) Chrome Password Recovery||Dumps Saved Google Chrome passwords. (Does not work on latest version)|
|(DPS) In Memory Meterpreter||Execute Metasploit C Shellcode.|
|(DPS) Keystroke logging||Log keystrokes.|
|(DPS) Capture Mic Input||Record Mic.|
CMD Post Exploitation Commands (CMD)
These are cmd commands that are useful in a post exploit situation. Not listed here.
- List users.
- View full System Information.
- View all Drivers.
- Get a list of running processes.
- Get Available Drive Letters.
- Get all environment variables.
- Displays information about sessions on a Remote Desktop Session Host server.
- Acronym for ‘netsh wlan show profiles’.
- Enable Remote Desktop.
- Disable Remote Desktop.
- Disable Firewall.
- Enable firewall.
- Forward a PORT on the Remote PC.
- Reset all forwarded Ports.
- Bug fixed that caused a lot of features to not work properly. Was caused by declaring Socket as a static in main header file.
Copyright (c) 2020 QuantumCored