Releases: Ne0nd0g/merlin
v1.3.0
Changed
- Added the
Integrityfield to the agents.Agent and messages.SysInfo structures - The agent menu
infocommand now shows the agent's integrity level- Windows:
2-Medium,3-High,4-System - All other OS:
3- member of sudo group,4- running as root
- Windows:
- Dockerfile now uses merlin-base image
The Server downloads contain a copy of all compiled agents in the data/bin directory
Merlin documentation and Wiki can be found here
The compressed files have a password of
merlin
v1.2.1
Fixed
- merlin-agent/Issue 6 - Message padding is now a random length instead of a fixed length
The Server downloads contain a copy of all compiled agents in the data/bin directory
Merlin documentation and Wiki can be found here
The compressed files have a password of
merlin
v1.2.0
Highlights
rmcommand to remove, or delete, files using native Go functionsrunasWindows command to create a process as another user with their passwordsshConnect to a remote host over SSH and execute a command (non-interactive)tokenWindows command to interact with Windows Access TokensmakeCreate a new token with a username and password; Unlistedmake_tokenaliasprivsList the current or remote process token privilegesrev2selfDrop any created or stolen access token and revert to original configuration; Unlistedrev2selfaliasstealSteal a token from another process; Unlistedsteal_tokenaliaswhoamiEnumerate process and thread token username, logon ID, privilege count, token type, impersonation level, and integrity level
Build ID: db3c882747558721bd61bda78185bd52708ed714
The Server downloads contain a copy of all compiled agents in the data/bin directory
Merlin documentation and Wiki can be found here
The compressed files have a password of
merlin
v1.1.0
Highlights
- Added the following commands:
note- Add a note to an agentgroup- Create groups of agents to interact withsdelete- Securely delete a fileps- Get a Windows process listtouch- Timestomp a filenetstat- List network connectionspipes- List Windows named pipesenv- View, add, remove environment variablesuptime- View the host's uptimequeue- Queue up commands for agents or groups, even if they are not known to the server
- Can use the
sessionsandinteractcommand from any menu - Agent information now includes the process name
- Pwnboard module
Build ID: 1aafa40023ba77346537035416a85742178a67fc
The Server downloads contain a copy of all compiled agents in the data/bin directory
Merlin documentation and Wiki can be found here
The compressed files have a password of
merlin
v1.0.1
v1.0.0
Highlights
- Moved agents to their own repositories: merlin-agent and merlin-agent-dll
- Moved PRISM code
- Added
main.goto repository root for the Merlin server and removed thecmddirectory all together - Removed
Invoke-Melrin.ps1andmerlin.jsfrom codebase completely - Revamped main README
Build ID: 7ea5237b6d25a86e9308395666857305f1b42da7
The Server downloads contain a copy of all compiled agents in the data/bin directory
Merlin documentation and Wiki can be found here
The compressed files have a password of
merlin
v0.11.0-beta
Highlights
- Added
nslookupcommand to execute a DNS query using native Go - Added go-clr for in process .NET Common Language Runtime (CLR)
load-assemblyto load a .NET assembly into memoryinvoke-assemblyto execute a previously loaded .NET assemblylist-assembliesto list previously loaded .NET assemblies
- Added
memfdcommand to run Linux executables in-memory as an anonymous file - Upgraded go-quic package to support go v1.16
Build ID: 19bffe5`
The Server downloads contain a copy of all compiled agents in the data/bin directory
Merlin documentation and Wiki can be found here
The compressed files have a password of
merlin
v0.10.0-beta
Highlights
- Added
windows/x64/go/exec/createProcessextended module with redirected STDOUT/STDERR over anonymous pipes - Added
windows/x64/csharp/misc/SharpGenextended module that leverages SharpGen - Added
execute-assembly,execute-pe, andsharpgencommands to Agent menu - New Jobs structure so that multiple jobs and results can be sent between client and server during a single interaction
- Added a new
jobscommand to view created and sent jobs - Added a new
clearcommand to remove any jobs that have not been sent to the agent - Added Makefile
agent-windows-debugbuild target to enable viewing verbose and debug messages - Added Mythic client so Merlin agent can be used with the Mythic Framework
- Changed the
shellcommand to actually use the operating system's default shell - Changed the old
cmd&shellcommands to just use theruncommand which executes the program directly without a shell - Removed the
cmdcommand from the Agents menu - View the CHANGELOG for additional details
Build ID: be117de982e568bca441e2b57ff4ed5739148f41
The Server downloads contain a copy of all compiled agents in the data/bin directory
The compressed files have a password of
merlin
v0.9.1-beta
- Modules were not sending the first value from the modules commands section
- Pull 97 - Incorrectly validated the module and agent platforms when the agent was set to "all"
The Server downloads contain a copy of all compiled agents in the data/bin directory
Build ID: 803c9861aa8c7f0318971d010d40937f80fa1458
The compressed files have a password of
merlin
v0.9.0-beta Release
- New Listeners menu. The Merlin Server no longer takes command line arguments to start
- Start and stop as many listeners as you want without restarting the Merlin Server application
- Listeners can be started with a list of URL that an agent can communicate with (i.e.
https://127.0.0.1:443/news.php)
- Change agent's JA3 hash on the fly
- Support for
http,https, andh2cprotocols - Several bug and security fixes
- View the CHANGELOG for additional details
Build ID: 506ebc462fa040ff0a1b35004adc0cfdf0c88053
The compressed files have a password of
merlin