aboutsummaryrefslogtreecommitdiff
path: root/Inveigh.psd1
AgeCommit message (Collapse)AuthorFilesLines
2018-02-19Inveigh 1.4 devKevin Robertson1-1/+1
This is an early version of Inveigh 1.4. There is probably alot that is broken. Inveigh: 1. Invoke-DNSUpdate integration - Inveigh will attempt to inject DNS records if the same LLMNR/NBNS request is observed from multiple systems. The goal is to find requests that could be valid in other subnets and leverage them through DNS. This version requires that Inveigh is running with a domain auth user context. 2. Reworked output system and formating. 3. hmm...I forget. Inveigh Relay: 1. New attack with Invoke-TheHash integration - In addition to that standard psexec style attack, Inveigh Relay now has the ability to create and maintain authenticated priv and unpriv SMB2 sessions. These sessions can be used by Invoke-SMBClient (attack file shares) and Invoke-SMBExec. Invoke-InveighRelay -Attack session -Target 10.10.10.10 wait for relay Get-Inveigh -session Invoke-SMBClient -Session 0 -Source \\10.10.10.10\share 2. Multitarget - Inveigh Relay will now accept an array of targets. As relay attempts come in, Inveigh Relay will attempt to select the best target (still needs work). 3. SMB signing check for targets on startup. 4. Reworked output system and formating. I'm temporarily housing newer versions of Invoke-DNSUpdate, Invoke-SMBClient, and Invoke-SMBExec here. They need to be imported into the same powershell session for integration to work. There is also probably a lot broken with these.
2017-04-05small updateKevin Robertson1-1/+1
2016-03-15New Script - Inveigh-BruteForce1.1Kevin Robertson1-1/+1
New Script - Inveigh-BruteForce - Remote (Hot Potato method)/unprivileged NBNS brute force spoofer. Inveigh-BruteForce Features: Targeted IPv4 NBNS brute force spoofer with granular control NTLMv1/NTLMv2 challenge/response capture over HTTP Granular control of console and file output Run time control Inveigh New Parameters: HTTPSCertAppID - Specify a valid application GUID for use with the ceriticate. LLMNRTTL - Specify a custom LLMNR TTL in seconds for the response packet. NBNSTTL - Specify a custom NBNS TTL in seconds for the response packet. WPADDirectHosts - Comma separated list of hosts to list as direct in the wpad.dat file. Listed hosts will not be routed through the defined proxy. Inveigh-Relay New Parameters: HTTPSCertAppID - Specify a valid application GUID for use with the ceriticate. RunTime - Set the run time duration in minutes. Bug Fix: Fixed an SMB relay issue that was causing a hang before sending the NTLMv2 response. Thanks to @mubix for reporting the bug and providing a packet capture.
2015-10-11Moved SMB relay code to a dedicated script, also added a Scripts directory ↵Kevin Robertson1-0/+90
and psm1 and psd1 files The SMB relay code is now in Inveigh-Relay.ps1. The script can be used either through Invoke-Inveigh or as a standalone function.
2015-10-11Revert "Moved SMB relay code to a dedicated script, also added psm1 and psd1 ↵Kevin Robertson1-90/+0
files." This reverts commit 8ab002602f672dddb91e27ff6bb7d5050771c688.
2015-10-11Moved SMB relay code to a dedicated script, also added psm1 and psd1 files.Kevin Robertson1-0/+90
The SMB relay code is now in Inveigh-Relay.ps1. The script can be used either through Invoke-Inveigh or as a standalone function.
generated by cgit v1.2.3 (git 2.39.1) at 2025-05-26 01:34:47 +0000