From b7e2bb76537dd8c31feecbf817095a361914e55f Mon Sep 17 00:00:00 2001
From: Kevin Robertson <robertsonk@gmail.com>
Date: Wed, 5 Aug 2015 22:39:33 -0400
Subject: Added parameter for controlling output directory. Added first version
 of loader script for easier execution as a payload.

Added '-OutputDir' parameter for controlling the output directory. Added
'Inveigh-Loader.ps1' script which has additional options for running
Inveigh as an unattended payload. Performed some cleanup. Updated
screenshot in readme.
---
 README.md | 10 +++++-----
 1 file changed, 5 insertions(+), 5 deletions(-)

(limited to 'README.md')

diff --git a/README.md b/README.md
index c015622..2255b06 100644
--- a/README.md
+++ b/README.md
@@ -2,10 +2,10 @@
 Inveigh is a Windows PowerShell LLMNR/NBNS spoofer designed to assist penetration testers that find themselves limited to a Windows system. This can commonly occur while performing phishing attacks, USB drive attacks, VLAN pivoting, or simply being restricted to a Windows system as part of client imposed restrictions.
 
 # Requirements
-Tested with PowerShell 2.0 and .NET 3.5.
+Tested minimums are PowerShell 2.0 and .NET 3.5.
 
 # Notes
-1. Currently supports IPv4 LLMNR/NBNS spoofing and HTTP/SMB NTLMv1/NTLMv2 challenge/response capture.
+1. Currently supports IPv4 LLMNR/NBNS spoofing and HTTP/HTTPS/SMB NTLMv1/NTLMv2 challenge/response capture.
 2. LLMNR/NBNS spoofing is performed through sniffing and sending with raw sockets. 
 3. SMB challenge/response captures are performed by sniffing over the host system's SMB service.
 4. HTTP challenge/response captures are performed with a dedicated listener.
@@ -17,13 +17,13 @@ Tested with PowerShell 2.0 and .NET 3.5.
 10. If you copy/paste challenge/response captures from output window for password cracking, remove carriage returns.
 
 # Usage
-Obtain an elevated administrator or SYSTEM shell. If necessary, use a method to bypass script execution policy.
+Obtain an elevated administrator or SYSTEM shell. If necessary, use a method to bypass the PowerShell script execution policy.
 
 To execute with default settings:  
 Inveigh.ps1
 
 To execute with features enabled/disabled:   
-Inveigh.ps1 -i localip -LLMNR Y/N -NBNS Y/N -NBNSTypes 00,03,20,1B -HTTP Y/N -HTTPS Y/N -SMB Y/N -Repeat Y/N -ForceWPADAuth Y/N -Output 0,1,2
+Inveigh.ps1 -IP 'local IP' -SpoofIP 'local or remote IP' -LLMNR Y/N -NBNS Y/N -NBNSTypes 00,03,20,1B -HTTP Y/N -HTTPS Y/N -SMB Y/N -Repeat Y/N -ForceWPADAuth Y/N -Output 0,1,2 -OutputDir 'valid folder path'
 
 # Screenshot
-![Inveigh](https://cloud.githubusercontent.com/assets/5897462/7216149/c49679ce-e5c2-11e4-9825-2abacc56e91f.PNG)
+![inveigh-screenshot2](https://cloud.githubusercontent.com/assets/5897462/9102520/62f199c4-3bc1-11e5-87a7-08837950a04f.PNG)
-- 
cgit v1.2.3