Sunday, September 22, 2013

metafang 1.0

Last night, I released a small project I have been working on called metafang. It offers a service that generates dynamic .NET executables with Metasploit x86/x86_64 payloads that can be run on Unix/Windows, and provides the source code of the payload with the executable itself, in case you are worried about backdoors. :)

A free user can generate 3 payloads a month. Each payload can have up to four fangs (one per arch per os). Each payload can be regenerated 3 times within that same month. No dynamic fang encryption is available for free users, and they are not allowed to redefine fang option defaults.

An advanced user (3.99/month, 19.99/year) can generate 5 payloads a month, and have up to 12 fangs (three per arch per os). You may also regen the payloads 5 times within that same month. If they were encrypted, the keys will change each regen. Optional dynamic encryption/decryption is available to Advanced users, as well as the ability to define new fang option defaults.

An expert user (5.99/month, 29.99/year) can create 25 payloads a month, and have up to 40 fangs (10 fangs per arch per os). You may also regen the payloads 5 times each within the same month. If they are encrypted, the keys will change with each regen. Optional dynamic encryption/decryption is available to Expert users, as well as the ability to define new fang option defaults.

Each user is available in a yearly and monthly flavor, and the users revert back to a free user (with access to previous payloads).

Defining a new default fang option is done in the Edit User page (click on username, top-right) if you are an advanced/expert user. This allows you to define keys such as LHOST or LPORT that will be substituted by default on the Create Payload page.

Opening an advanced/expert account help funds future development! So think of this like a kickstarter request, but I actually already have something that works.

Feedback is always appreciated. You can comment below or send me an email at bperry[dot]volatile[at]gmail[dot]NOSPAM[dot]com.