diff options
| author | Kevin Robertson <Kevin-Robertson@users.noreply.github.com> | 2021-07-11 19:17:49 -0400 |
|---|---|---|
| committer | Kevin Robertson <Kevin-Robertson@users.noreply.github.com> | 2021-07-11 19:17:49 -0400 |
| commit | 51e32f1f9c8c92d18d0b148ebb0b11cbfa898fc3 (patch) | |
| tree | 7c2f4a650ee0e4f4c8099850e0453b22cc53c417 | |
| parent | 037f341f8e2b1d68cdd934c907a8abdb21a49cca (diff) | |
| download | Inveigh-51e32f1f9c8c92d18d0b148ebb0b11cbfa898fc3.tar.gz Inveigh-51e32f1f9c8c92d18d0b148ebb0b11cbfa898fc3.zip | |
bug fixes
| -rw-r--r-- | Inveigh/Listeners/HTTPListener.cs | 2 | ||||
| -rw-r--r-- | Inveigh/Listeners/LDAPListener.cs | 2 | ||||
| -rw-r--r-- | Inveigh/Listeners/SMBListener.cs | 6 | ||||
| -rw-r--r-- | Inveigh/Program.cs | 5 | ||||
| -rw-r--r-- | Inveigh/Protocols/Quiddity/Protocols/NTLM/NTLMResponse.cs | 7 | ||||
| -rw-r--r-- | Inveigh/Protocols/Quiddity/Protocols/SPNEGO/SPNEGONegTokenResp.cs | 2 | ||||
| -rw-r--r-- | Inveigh/Sniffer/Sniffer.cs | 8 | ||||
| -rw-r--r-- | Inveigh/Support/Arguments.cs | 42 |
8 files changed, 43 insertions, 31 deletions
diff --git a/Inveigh/Listeners/HTTPListener.cs b/Inveigh/Listeners/HTTPListener.cs index be929b2..e428a0f 100644 --- a/Inveigh/Listeners/HTTPListener.cs +++ b/Inveigh/Listeners/HTTPListener.cs @@ -216,7 +216,7 @@ namespace Inveigh if (wpadAuthIgnoreMatch) { - Output.Queue(string.Format("[-] [{0}] {1}({2}) switching wpad.dat auth to anonymous due to user agent match from {3}:{4}", DateTime.Now.ToString("s"), type, listenerPort, sourceIP, sourcePort)); + Output.Queue(string.Format("[-] [{0}] {1}({2}) switching wpad.dat auth to anonymous due to user agent match from {3}:{4}", Output.Timestamp(), type, listenerPort, sourceIP, sourcePort)); } } diff --git a/Inveigh/Listeners/LDAPListener.cs b/Inveigh/Listeners/LDAPListener.cs index 3aba3d9..19bed7d 100644 --- a/Inveigh/Listeners/LDAPListener.cs +++ b/Inveigh/Listeners/LDAPListener.cs @@ -90,7 +90,7 @@ namespace Inveigh LDAPMessage message2 = new LDAPMessage(); message2.MessageID = message.MessageID; byte[] buffer = new byte[0]; - Output.Queue(String.Format("[.] [{0}] LDAP({1}) message type {2} request from {3}:{4}", DateTime.Now.ToString("s"), listenerPort, message.Tag, clientIP, clientPort)); + Output.Queue(String.Format("[.] [{0}] LDAP({1}) message type {2} request from {3}:{4}", Output.Timestamp(), listenerPort, message.Tag, clientIP, clientPort)); if (message.Tag == 3) { diff --git a/Inveigh/Listeners/SMBListener.cs b/Inveigh/Listeners/SMBListener.cs index 2a56124..a0e6825 100644 --- a/Inveigh/Listeners/SMBListener.cs +++ b/Inveigh/Listeners/SMBListener.cs @@ -159,7 +159,7 @@ namespace Inveigh { smb2NegotiateResponse.DialectRivision = new byte[2] { 0xff, 0x02 }; smb2NegotiateResponse.Capabilities = new byte[4] { 0x07, 0x00, 0x00, 0x00 }; - Output.Queue(String.Format("[.] [{0}] SMB1({1}) negotiation request received from {2}:{3}", DateTime.Now.ToString("s"), listenerPort, clientIP, clientPort)); + Output.Queue(String.Format("[.] [{0}] SMB1({1}) negotiation request received from {2}:{3}", Output.Timestamp(), listenerPort, clientIP, clientPort)); } else if (isSMB2) { @@ -172,13 +172,13 @@ namespace Inveigh smb2NegotiateResponse.Capabilities = new byte[4] { 0x2f, 0x00, 0x00, 0x00 }; smb2NegotiateResponse.NegotiateContextOffset = 448; smb2NegotiateResponse.NegotiateContextList = new SMB2NegotiateContext().GetBytes(new string[] { "1", "2", "3" }); - Output.Queue(String.Format("[.] [{0}] SMB3({1}) negotiated with {2}:{3}", DateTime.Now.ToString("s"), listenerPort, clientIP, clientPort)); + Output.Queue(String.Format("[.] [{0}] SMB3({1}) negotiated with {2}:{3}", Output.Timestamp(), listenerPort, clientIP, clientPort)); } else { smb2NegotiateResponse.DialectRivision = new byte[2] { 0x10, 0x02 }; smb2NegotiateResponse.Capabilities = new byte[4] { 0x07, 0x00, 0x00, 0x00 }; - Output.Queue(String.Format("[.] [{0}] SMB2({1}) negotiated with {2}:{3}", DateTime.Now.ToString("s"), listenerPort, clientIP, clientPort)); + Output.Queue(String.Format("[.] [{0}] SMB2({1}) negotiated with {2}:{3}", Output.Timestamp(), listenerPort, clientIP, clientPort)); } responseSMB2Header.Reserved2 = requestSMB2Header.Reserved2; // todo fix diff --git a/Inveigh/Program.cs b/Inveigh/Program.cs index 80b5ca1..98730e4 100644 --- a/Inveigh/Program.cs +++ b/Inveigh/Program.cs @@ -4,6 +4,7 @@ using System.Linq; using System.Net; using System.IO; using System.Collections; +using Quiddity.NTLM; namespace Inveigh { @@ -170,7 +171,7 @@ namespace Inveigh public static string netbiosDomain = Environment.UserDomainName; public static string dnsDomain = ""; public static ulong smb2Session = 5548434740922023936; // todo check - public static string version = "2.0.1"; + public static string version = "2.0.2"; static void Main(string[] arguments) { @@ -627,7 +628,7 @@ namespace Inveigh catch (Exception ex) { Console.WriteLine(outputList.Count); - outputList.Add(String.Format("[-] [{0}] Console error detected - {1}", DateTime.Now.ToString("s"), ex.ToString())); + outputList.Add(String.Format("[-] [{0}] Console error detected - {1}", Output.Timestamp(), ex.ToString())); } } diff --git a/Inveigh/Protocols/Quiddity/Protocols/NTLM/NTLMResponse.cs b/Inveigh/Protocols/Quiddity/Protocols/NTLM/NTLMResponse.cs index 84d49f5..0790917 100644 --- a/Inveigh/Protocols/Quiddity/Protocols/NTLM/NTLMResponse.cs +++ b/Inveigh/Protocols/Quiddity/Protocols/NTLM/NTLMResponse.cs @@ -188,12 +188,13 @@ namespace Quiddity.NTLM private SPNEGONegTokenResp Decode(byte[] data) { + SPNEGONegTokenResp spnegoNegTokenResp = new SPNEGONegTokenResp { - NegState = ASN1.GetTagBytes(1, data)[0], - SupportedMech = ASN1.GetTagBytes(6, data), + NegState = ASN1.GetTagBytes(10, data)[0], + //SupportedMech = ASN1.GetTagBytes(6, data), ResponseToken = ASN1.GetTagBytes(4, data), - MechListMIC = ASN1.GetTagBytes(4, ASN1.GetTagBytes(163, data)) + //MechListMIC = ASN1.GetTagBytes(4, ASN1.GetTagBytes(163, data)) }; return spnegoNegTokenResp; diff --git a/Inveigh/Protocols/Quiddity/Protocols/SPNEGO/SPNEGONegTokenResp.cs b/Inveigh/Protocols/Quiddity/Protocols/SPNEGO/SPNEGONegTokenResp.cs index 869af63..5b4e27c 100644 --- a/Inveigh/Protocols/Quiddity/Protocols/SPNEGO/SPNEGONegTokenResp.cs +++ b/Inveigh/Protocols/Quiddity/Protocols/SPNEGO/SPNEGONegTokenResp.cs @@ -45,7 +45,7 @@ namespace Quiddity.SPNEGO public SPNEGONegTokenResp() { this.NegState = 0; - this.SupportedMech = new byte[10]; + this.SupportedMech = new byte[10]; // todo check this.ResponseToken = new byte[0]; this.MechListMIC = new byte[0]; } diff --git a/Inveigh/Sniffer/Sniffer.cs b/Inveigh/Sniffer/Sniffer.cs index cc6e08a..4aed22e 100644 --- a/Inveigh/Sniffer/Sniffer.cs +++ b/Inveigh/Sniffer/Sniffer.cs @@ -75,7 +75,7 @@ namespace Inveigh if (ex.Message.Equals("An attempt was made to access a socket in a way forbidden by its access permissions")) { - Output.Queue(String.Format("[!] Error starting packet sniffer, check if shell has elevated privilege or set -Sniffer N for listener only mode.", DateTime.Now.ToString("s"))); + Output.Queue(String.Format("[!] Error starting packet sniffer, check if shell has elevated privilege or set -Sniffer N for listener only mode.", Output.Timestamp())); Thread.Sleep(10); Program.isRunning = false; } @@ -155,7 +155,7 @@ namespace Inveigh { tcpHeader.ReadBytes(snifferData, ipHeaderLength); - if (tcpHeader.SYN && !tcpHeader.ACK && snifferIP.StartsWith(destinationIP)) + if (tcpHeader.SYN && !tcpHeader.ACK && snifferIP.Equals(destinationIP)) { Output.Queue(String.Format("[.] [{0}] TCP({1}) SYN packet from {2}:{3}", Output.Timestamp(), tcpHeader.DestinationPort, sourceIP, tcpHeader.SourcePort)); } @@ -538,7 +538,7 @@ namespace Inveigh } else { - Output.Queue(string.Format("[.] [{0}] SMB({1}) Kerberos authentication from {2}:{3}", DateTime.Now.ToString("s"), clientPort, clientIP, listenerPort)); + Output.Queue(string.Format("[.] [{0}] SMB({1}) Kerberos authentication from {2}:{3}", Output.Timestamp(), clientPort, clientIP, listenerPort)); } } @@ -635,7 +635,7 @@ namespace Inveigh } else { - Output.Queue(string.Format("[.] [{0}] SMB({1}) Kerberos authentication from {2}:{3}", DateTime.Now.ToString("s"), clientPort, clientIP, listenerPort)); + Output.Queue(string.Format("[.] [{0}] SMB({1}) Kerberos authentication from {2}:{3}", Output.Timestamp(), clientPort, clientIP, listenerPort)); } } diff --git a/Inveigh/Support/Arguments.cs b/Inveigh/Support/Arguments.cs index b1d6302..c71f47e 100644 --- a/Inveigh/Support/Arguments.cs +++ b/Inveigh/Support/Arguments.cs @@ -246,32 +246,42 @@ namespace Inveigh else { - if (!string.Equals(Program.argListenerIP, "0.0.0.0") && string.IsNullOrEmpty(Program.argSpooferIP)) - { - Program.argSpooferIP = Program.argListenerIP; - } - else + if (string.IsNullOrEmpty(Program.argSpooferIP)) { - Program.argSpooferIP = GetLocalIPAddress("IPv4"); - if (string.IsNullOrEmpty(Program.argSpooferIP)) + if (!string.Equals(Program.argListenerIP, "0.0.0.0")) { - Program.enabledIPv4 = false; + Program.argSpooferIP = Program.argListenerIP; } + else + { + Program.argSpooferIP = GetLocalIPAddress("IPv4"); - } + if (string.IsNullOrEmpty(Program.argSpooferIP)) + { + Program.enabledIPv4 = false; + } + + } - if (!string.Equals(Program.argListenerIPv6, "::") && string.IsNullOrEmpty(Program.argSpooferIPv6)) - { - Program.argSpooferIPv6 = Program.argListenerIPv6; } - else + + if (string.IsNullOrEmpty(Program.argSpooferIPv6)) { - Program.argSpooferIPv6 = GetLocalIPAddress("IPv6"); - if (string.IsNullOrEmpty(Program.argSpooferIPv6)) + if (!string.Equals(Program.argListenerIPv6, "::")) { - Program.enabledIPv6 = false; + Program.argSpooferIPv6 = Program.argListenerIPv6; + } + else + { + Program.argSpooferIPv6 = GetLocalIPAddress("IPv6"); + + if (string.IsNullOrEmpty(Program.argSpooferIPv6)) + { + Program.enabledIPv6 = false; + } + } } |