| Age | Commit message (Collapse) | Author | Files | Lines |
|---|
|
Removed .NET 6 builds.
Added .NET 7 and NativeAOT builds.
|
|
Add support for compilation using NativeAOT
|
|
|
|
|
|
Fixed bug with intervals
Enabled AAAA types in DNS
|
|
|
|
Fixed cleartext capture/output bugs
Added proxyauth reconnect relay
Changed IgnoreHosts/ReplyToHosts to IgnoreQueries/ReplyToQueries
|
|
|
|
Fixed proxy auth capture issue
Added Costura.Fody
|
|
high CPU usage with sniffer
ICMPv6 socket graceful exit
NTLMv2 parsing issue
|
|
bug fixes
switched .net 4.5 to 4.6.2
switched .net 5.0 to 6.0
added workflow for release assemblies
|
|
|
|
Fix for Negotiate auth
|
|
Added ICMPv6TTL parameter for ICMPv6 attacks. more Console parameter output levels, and bug fixes.
|
|
Added ICMPv6TTL parameter for ICMPv6 attacks. more Console parameter output levels, and bug fixes.
|
|
Kevin-Robertson/dependabot/nuget/Inveigh/System.DirectoryServices.Protocols-5.0.1
Bump System.DirectoryServices.Protocols from 5.0 to 5.0.1 in /Inveigh
|
|
Bumps [System.DirectoryServices.Protocols](https://github.com/dotnet/runtime) from 5.0 to 5.0.1.
- [Release notes](https://github.com/dotnet/runtime/releases)
- [Commits](https://github.com/dotnet/runtime/compare/v5.0.0...v5.0.1)
---
updated-dependencies:
- dependency-name: System.DirectoryServices.Protocols
dependency-type: direct:production
...
Signed-off-by: dependabot[bot] <support@github.com>
|
|
|
|
Remove unneeded code
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
Rebuilt
Cross-platform (Windows, Linux, macOS)
New listeners (SMB, LDAP, WebDAV, HTTPS)
Improved interactive console (tab complete, real time stats)
|
|
|
|
|
|
|
|
|
|
Fixed a bug that was preventing proxy and https listeners from finding a target.
|
|
https://github.com/Kevin-Robertson/Inveigh/issues/20
|
|
|
|
|
|
|
|
|
|
Added privileged and unprivileged DNS spoofer capable of answering incoming DNS requests.
New ADIDNS attack called NS that can add an NS record to direct DNS requests to Inveigh host. Using this with WPAD can bypass the global query block list (GQBL). https://blog.netspi.com/adidns-revisited/
Pcap TCP and UDP output.
New packet sniffing output including incoming SYN packets, kerberos auth negotiation, null responses, local DNS requests.
Kerberos kirbi output for unconstrained delegation attacks. - https://blog.netspi.com/machineaccountquota-is-useful-sometimes/
|
|
|
|
|
|
Inveigh
Added ADIDNS attacks
New detection evasions
Inveigh Relay
Added session and enumerate attacks
Added ability to handle multiple targets with target selection based on the enumerate attack and/or BloodHound imports
|
|
|
|
Added try/finally block to shutdown runspaces when using Empire 2.0's
"jobs kill" command.
Added handling for Firefox popup boxes.
Fixed Empire console output.
Various other small bug fixes and comment corrections.
|
|
Fixed the warning handling for running through Empire. Updated some
comments where I left out mDNS.
|
|
Inveigh.ps1
Merged Inveigh and Inveigh-Unprivileged. The new module will run the
correct functions based on the detected privilege level or
ElevatedPrivilege parameter setting.
Added proxy auth capture. (thanks to @lgandx and @mubix for the idea
from https://github.com/lgandx/Responder)
Added mDNS spoofer.
Added limited ability to attack browsers of proxy auth targets.
Added the ability to set the content type header for HTTPReponse, or
files from disk through HTTPDir, for better support for HTA, etc.
Added the ability to capture POST requests.
Inveigh-Relay.ps1
Refactored the module.
Switched to a TCPListener based HTTP listener so that the module can be
run with an unprivileged user. If running unprivileged, the Inveigh host
can be targeted with relay for privesc.
Added support for longer commands to execute on the target. The module
is now Empire 2.0 launcher friendly.
Added SMB2 support. The module will negotiate by default and can be
forced into SMB1 with the SMB1 switch.
Added proxy auth capture and relay.
Added NTLMv1 relay support.
Added RelayAutoExit parameter to stop any running Inveigh modules after
a successful relay.
Inveigh.ps1 and Inveigh-Relay.ps1
Added a new HTTPS certificate install method that does not require a
certificate file. (thanks to @subTee for code example from
https://github.com/subTee/Interceptor)
Added user agent and host header details to console/file output.
Added ability to filter out specific browsers by user agent for wpad and
proxy auth.
Added console output levels.
Added control over in memory log file and console queue.
Inveigh-Unprivileged.ps1
This module has been removed.
|
|
Thanks to @clr2of8 for reporting the typos.
|
|
Added PowerUpSQL, PoshC2, and pupy to the 'Included In' section of the
readme
|