| Age | Commit message (Collapse) | Author | Files | Lines |
|---|
|
LLMNR/NBNS spoofing IPs.
Fixed a bug that prevented SMB server challenges from being captured
when NBNS spoofing was disabled. The listening IP can now be set with
the '-IP' parameter and the LLMNR/NBNS spoofing IP can be set with
'-SpooferIP'. Both parameters are optional. If not set, the listening IP
will be used for '-SpooferIP'. Replaced the one write-host with a
write-warning. Removed the '-help' parameter.
|
|
Added ability to enabled/disable spoofing specific NBNS types with the
-NBNSTypes parameter. Cleaned up parameter validation code.
|
|
Added '-Output' option to enable/disable most console output and all
file output. 0 = Console Enabled/File Enabled, 1 = Console Enabled/File
Disabled, 2 = Console Disabled/File Enabled. 0 is default.
|
|
HTTPS captures can now be enabled. The default setting is disabled. Note
that if HTTPS is enabled, the cert file needs to be in the same
directory as the script. The cert will be installed in the local machine
certificate store and bound to port 443. The script should remove the
cert from the store and delete the binding on exit. If needed, see HTTPS
parameter comments in the script or execute "Get-help .\Inveigh.ps1
-parameter https" for manual cert cleanup instructions.
|
|
ForceWPADAuth matches Responder option to enable/disable authentication
for wpad.dat GET requests. Disabling can prevent browser login prompts.
The option is currently enabled by default.
|
|
|
|
|
|
|
|
|
|
|
|
Added '-repeat y/n' option that can suppress repeat LLMNR/NBNS spoofs by
IP address. Once a user challenge/response has been captured from an IP
address, no additional LLMNR/NBNS spoofed responses will be sent to that
IP.
|
|
|
|
Script can now find a local IP to listen on. This will help when using
the script as a payload.
|
|
Disabling LLMNR/NBNS now just disables sending spoofed responses.
Requests are now displayed and logged.
|
|
Added support for attacking Windows XP clients. Fixed malformed NBNS
response packet and incorrect HTTP NTLMv2 output file.
|
|
|
|
|
|
|
|
|
|
|
|
Conflicts:
Inveigh.ps1
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
This reverts commit bbc9752d61a740cea6bbafca6363d11e745b3f21.
|
|
|
|
PowerShell LLMNR Spoofer
|