Merlin v0.1.4 Released - Menus & Modules
Mar 15 2018
By: Russel Van Tuyl • 3 min read
tl;dr
Version 0.1.4 was released on March 2, 2018. It includes module support, a new menu system, and a JavaScript agent. Grab it from the Releases page.
Merlin is a cross-platform post-exploitation HTTP/2 Command & Control server and agent written in golang. I've been slowly working on the project over the past couple of months and have added a bunch of features. Community members like Dan Borges and @twigatech have made significant contributions as well. Highlights of the new features in this release include:
- Time skew
- Agent IP address information
- Agent file upload and download functionality
- Modules
- JavaScript Agent
- New menu system
- Command aliases
A more in-depth list of changes can be found in the README.
Menu System
I wanted to focus on the new menu system in this blog post. Version 0.1.3 of Merlin Server did not come with any menus. Every command that was to be executed was a long string of commands. I went with that method because it was easier to implement and allowed me to focus on establishing a solid base of functionality for the project. Here is an example used to execute a PowerShell command on an agent: agent cmd 209342db-ce7c-49e8-883f-0ee4da7d266d powershell "Get-NetAdapter|fl". While it is a very long string, Merlin has always come with tab completion to make using it a breeze.
As I worked to implement modules support, I quickly came to realize that having a single menu system was going to cause a lot of problems. Because of this, I implemented 3 new menus:
- Main
- Agent
- Module
Every menu type has built-in help support and tab completion. To access the help menu, type ? or help and a list of available commands with a description will be presented to the user.

Another highlight is that you can now execute commands directly on the system running the Merlin Server. This comes in handy when you want to run ifconfig eth0 to find your IP address without having to open a new tab or window. If the entered command is not valid for the current menu, it will be executed on the host operating system.

One of the challenges I always face when switching between tools like Empire or Metasploit is trying to remember the right command. Because of this, I've implemented several alias commands to ease the use of Merlin Server. For instance, you can run sessions from the main menu for a list of all agents that have checked in. Additionally, interact was implemented to complement Empire users. As always, tab completion is available to fill out the commands or provide a list of agents to interact with.
A quick run-through of some of the new features, including the 3 new menu systems and executing a module, has been recorded in this presentation:
I've written Merlin as a way to learn Go and quench my hunger for programming. The tool is coming together bit by bit, commit by commit. Each release is used to build on the previous. I'll continue to work on this and enrich its features and add additional features. This release was a big milestone adding support for modules and implementing a new menu system. Let me know your thoughts in the comments below.
-Happy Hacking