superior_hosting_service

Feature-rich Post Exploitation Framework with Network Pivoting capabilities.

Maalik

Network Pivoting and Post Exploitation Framework.

Features

Console Features

Desktop notification on new session.
Kill Online session easily.
Build Maalik Client, Fhdawn easily.
Configurable values in settings.ini
Root shell.
Multithreaded, Get multiple sessions.
Maalik is extremenly easy to use.

Fhdawn Features

Fhdawn is the maalik client.

Feature	Description
Stealth	Runs in background, Only writes hidden plaintext file to disk.
Auto Admin	Attempts to become Administrator by impersonating Windows Defender.
Execute / list / delete files and Browse	Full access to all files. Browse the system remotley.
Windows Defender Exclusions	Add Windows Defender Exclusions.
Network Pivoting	Forwards a Port to another Host on the network to forward exploit traffic onto it.
Enable / Disable Firewall	Enable or Disable Windows Firewall, Use full for pivoting scenarios. Firewall is automatically turned off during Pivot attack.
Network Scanner	Discover Hosts in the subnet.
Port Scanner	Scans discovered hosts for common ports.
MS17-10 Network Scanner	Scans the network for Hosts vulnerable to MS17-10, The Eternal Blue.
Automatic Eternal Blue	Automatically runs metasploit using rc file to potentially exploit Port 445.
Reverse Shell	Stable Reverse Shell, Commands executed as `cmd.exe /c <your input>`.
File upload / download	Upload or Download Files.
Reflective DLL Injection	Reflective DLL Injection into any process.
Screenshot	Take screenshot (`bmp=>png`).
GeoLocation	Geolocate Fhdawn.
SAM Dump	Dumps SAM and SYSTEM files to disk, Downloads and dumps them using `samdump2`.

Dynamic Payload System (DPS).

Executes ‘Payloads’ in Memory using Reflective DLL Injection. The Payload is a 32 bit Reflective DLL, That carries out tasks after successful Injection. DLL output is written to a TEXT file named output.png which is used to smuggle output back to server, And also give the DLL Payload commands.

Payload	Description
(DPS) Reverse Shell	Netcat Reverse shell.
(DPS) Administrator Prompt Trigger	Forcefully attempt to Execute an Application as Administrator.
(DPS) Chrome Password Recovery	Dumps Saved Google Chrome passwords. (Does not work on latest version)
(DPS) In Memory Meterpreter	Execute Metasploit C Shellcode.
(DPS) Keystroke logging	Log keystrokes.
(DPS) Capture Mic Input	Record Mic.
(DPS) Registry Persistence	Add any application to startup using registry keys.

CMD Post Exploitation Commands (CMD)

These are cmd commands that are useful in a post exploit situation. Not listed here.

List users.
View full System Information.
View all Drivers.
Get list of running processes.
Get Available Drive Letters.
Get all envoironment variables.
Displays information about sessions on a Remote Desktop Session Host server.
Acronym for ‘netsh wlan show profiles’.
Enable Remote Desktop.
Disable Remote Desktop.
Disable Firewall.
Enable firewall.
Forward a PORT on the Remote PC.
Reset all forwarded Ports.

Install :

Do not clone the repository.

Recommended OS is Kali Linux.
Download and extract the Latest Release

cd maalik
sudo chmod +x install.sh
sudo ./install.sh

Click here for Maalik Usage guide.

This Project is active in developement. There may be Errors and bugs that I may have missed. If you find any, Or you have an idea or suggestion. Please submit here.

TODO

Add Route pivoting.
Add Reflective Exploits.
Maalik V.3. ( ͡° ͜ʖ ͡°)

Links

If you have used maalik in a video or blog, Please Contact me.

Developer

Hi my name’s Fahad. You may contact me, on Discord or My Website Contact discord for fastest response.

LICENSE

VIEW LICENSE

The Developer is not responsible for any misuse of Damage caused by the program. This is created only to innovate NetSec and YOU.

Donate

Help me with my future projects. Thank you. Donate with Crypto

Github Link

BurpSuite Highlighter and Extractor