aboutsummaryrefslogtreecommitdiff
path: root/Inveigh.psd1
AgeCommit message (Collapse)AuthorFilesLines
2017-04-05Inveigh 1.31.3Kevin Robertson1-1/+1
Inveigh.ps1 Merged Inveigh and Inveigh-Unprivileged. The new module will run the correct functions based on the detected privilege level or ElevatedPrivilege parameter setting. Added proxy auth capture. (thanks to @lgandx and @mubix for the idea from https://github.com/lgandx/Responder) Added mDNS spoofer. Added limited ability to attack browsers of proxy auth targets. Added the ability to set the content type header for HTTPReponse, or files from disk through HTTPDir, for better support for HTA, etc. Added the ability to capture POST requests. Inveigh-Relay.ps1 Refactored the module. Switched to a TCPListener based HTTP listener so that the module can be run with an unprivileged user. If running unprivileged, the Inveigh host can be targeted with relay for privesc. Added support for longer commands to execute on the target. The module is now Empire 2.0 launcher friendly. Added SMB2 support. The module will negotiate by default and can be forced into SMB1 with the SMB1 switch. Added proxy auth capture and relay. Added NTLMv1 relay support. Added RelayAutoExit parameter to stop any running Inveigh modules after a successful relay. Inveigh.ps1 and Inveigh-Relay.ps1 Added a new HTTPS certificate install method that does not require a certificate file. (thanks to @subTee for code example from https://github.com/subTee/Interceptor) Added user agent and host header details to console/file output. Added ability to filter out specific browsers by user agent for wpad and proxy auth. Added console output levels. Added control over in memory log file and console queue. Inveigh-Unprivileged.ps1 This module has been removed.
2016-03-15New Script - Inveigh-BruteForce1.1Kevin Robertson1-1/+1
New Script - Inveigh-BruteForce - Remote (Hot Potato method)/unprivileged NBNS brute force spoofer. Inveigh-BruteForce Features: Targeted IPv4 NBNS brute force spoofer with granular control NTLMv1/NTLMv2 challenge/response capture over HTTP Granular control of console and file output Run time control Inveigh New Parameters: HTTPSCertAppID - Specify a valid application GUID for use with the ceriticate. LLMNRTTL - Specify a custom LLMNR TTL in seconds for the response packet. NBNSTTL - Specify a custom NBNS TTL in seconds for the response packet. WPADDirectHosts - Comma separated list of hosts to list as direct in the wpad.dat file. Listed hosts will not be routed through the defined proxy. Inveigh-Relay New Parameters: HTTPSCertAppID - Specify a valid application GUID for use with the ceriticate. RunTime - Set the run time duration in minutes. Bug Fix: Fixed an SMB relay issue that was causing a hang before sending the NTLMv2 response. Thanks to @mubix for reporting the bug and providing a packet capture.
2015-10-11Moved SMB relay code to a dedicated script, also added a Scripts directory ↵Kevin Robertson1-0/+90
and psm1 and psd1 files The SMB relay code is now in Inveigh-Relay.ps1. The script can be used either through Invoke-Inveigh or as a standalone function.
2015-10-11Revert "Moved SMB relay code to a dedicated script, also added psm1 and psd1 ↵Kevin Robertson1-90/+0
files." This reverts commit 8ab002602f672dddb91e27ff6bb7d5050771c688.
2015-10-11Moved SMB relay code to a dedicated script, also added psm1 and psd1 files.Kevin Robertson1-0/+90
The SMB relay code is now in Inveigh-Relay.ps1. The script can be used either through Invoke-Inveigh or as a standalone function.
generated by cgit v1.2.3 (git 2.39.1) at 2025-05-30 07:08:40 +0000