Kevin-Robertson / Inveigh

.NET IPv4/IPv6 machine-in-the-middle tool for penetration testers
BSD 3-Clause "New" or "Revised" License
2.52k stars 440 forks

SMB to SMB Relay #11

Open AJ-SA opened 6 years ago

AJ-SA commented 6 years ago

Hi,

Thank you for creating such a tool!

While using InveighRelay, I noticed that it doesn't accept SMB1/2 to SMB1/2 Relay. From the description, InveighRelay does "NTLMv1/NTLMv2 HTTP/HTTPS/Proxy to SMB1/SMB2".

The idea is similar to this article using the Metasploit module (SMB_Relay).

https://pen-testing.sans.org/blog/2013/04/25/smb-relay-demystified-and-ntlmv2-pwnage-with-python

-AJ-

Kevin-Robertson commented 6 years ago

Hi,

Yeah, the big problem is getting control of port 445 on Windows systems. Right now Inveigh just sniffs SMB traffic. It does not have the ability to impact SMB traffic.

I may end up including an actual SMB listener in Inveigh 1.4 for relay. Some changes will likely be needed on the host system to actually use it though. What I have so far for 1.4 is in the dev branch.