Test case: Rapid7 Nexpose configured for basic authenticated scan against relay server. 5985/tcp is only configured scan port, and scan template is a limited CIS benchmark. The scan appears to be sending too many requests for ntlmrelayx to track. The target server's challenges are being applied to the incorrect responses.Solving this issue is critical to the attack being useful in the real world.
Test case: Rapid7 Nexpose configured for basic authenticated scan against relay server. 5985/tcp is only configured scan port, and scan template is a limited CIS benchmark. The scan appears to be sending too many requests for ntlmrelayx to track. The target server's challenges are being applied to the incorrect responses.Solving this issue is critical to the attack being useful in the real world.