diff options
| author | Kevin Robertson <Kevin-Robertson@users.noreply.github.com> | 2020-05-26 22:27:56 -0400 |
|---|---|---|
| committer | Kevin Robertson <Kevin-Robertson@users.noreply.github.com> | 2020-05-26 22:27:56 -0400 |
| commit | 79ce179287e8b3f3df06b5189e739577adeffebb (patch) | |
| tree | 42c59a59566d2e564c679156599804e4a8121144 | |
| parent | 586dddacf16b871e44bfdc7b3721f31591f4ab16 (diff) | |
| download | Inveigh-79ce179287e8b3f3df06b5189e739577adeffebb.tar.gz Inveigh-79ce179287e8b3f3df06b5189e739577adeffebb.zip | |
Proxy auth fix
| -rw-r--r-- | Inveigh.ps1 | 14 |
1 files changed, 3 insertions, 11 deletions
diff --git a/Inveigh.ps1 b/Inveigh.ps1 index f1683b4..016a9b1 100644 --- a/Inveigh.ps1 +++ b/Inveigh.ps1 @@ -500,7 +500,7 @@ if($invalid_parameter) throw } -$inveigh_version = "1.503" +$inveigh_version = "1.504" if(!$IP) { @@ -2000,7 +2000,7 @@ $NTLM_functions_scriptblock = $NTLMSSP_hex_offset = $payload_converted.IndexOf("4E544C4D53535000") $session = "$SourceIP`:$SourcePort" - if(($Protocol -Like "HTTP*" -or $Protocol -Like "Proxy"-or $NTLMSSP_hex_offset -gt 0) -and $payload_converted.SubString(($NTLMSSP_hex_offset + 16),8) -eq "03000000") + if($NTLMSSP_hex_offset -gt 0 -and $payload_converted.SubString(($NTLMSSP_hex_offset + 16),8) -eq "03000000") { $NTLMSSP_offset = $NTLMSSP_hex_offset / 2 $LM_length = Get-UInt16DataLength ($NTLMSSP_offset + 12) $Payload @@ -2023,15 +2023,7 @@ $NTLM_functions_scriptblock = $host_length = Get-UInt16DataLength ($NTLMSSP_offset + 44) $Payload $host_offset = Get-UInt32DataLength ($NTLMSSP_offset + 48) $Payload $NTLM_host_string = Convert-DataToString ($NTLMSSP_offset + $host_offset) $host_length $Payload - - if($Protocol -eq "SMB") - { - $NTLM_challenge = $inveigh.SMB_session_table.$session - } - elseif($Protocol -Like "HTTP*") - { - $NTLM_challenge = $inveigh.HTTP_session_table.$session - } + $NTLM_challenge = $inveigh.HTTP_session_table.$session if($NTLM_length -gt 24) { |