-rw-r--r--Invoke-SMBExec.ps112
-rw-r--r--README.md2
2 files changed, 12 insertions, 2 deletions
diff --git a/Invoke-SMBExec.ps1 b/Invoke-SMBExec.ps1
index 1a2c3a0..3a4654e 100644
--- a/Invoke-SMBExec.ps1
+++ b/Invoke-SMBExec.ps1
@@ -1523,6 +1523,11 @@ if($SMB_client.Connected)
$SMB_client_stage = 'ReadAndXRequest'
$SMB_client_stage_next = 'DeleteServiceW'
}
+ elseif([System.BitConverter]::ToString($SMB_client_receive[112..115]) -eq '31-04-00-00')
+ {
+ Write-Output "Service $SMB_service creation failed on $Target"
+ $SMBExec_failed = $true
+ }
else
{
Write-Output "Service creation fault context mismatch"
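Review bot: The literal '31-04-00-00' on the new elseif line is an undocumented magic value; read as little-endian bytes it is 0x00000431 (1073), the Win32 ERROR_SERVICE_EXISTS code, yet the message only says "creation failed", so the operator is not told why. Add a comment above the elseif, `# 0x431 = ERROR_SERVICE_EXISTS (1073): a service with this name is already registered`, and make the message say so, `Write-Output "Service $SMB_service creation failed on $Target (service already exists)"`. The same five-line block is added verbatim in the hunk at @@ -2078 (offset 132..135 there), so the comment and message belong in both places, or the block could be factored into one helper. The enclosing if/elseif chain begins before this hunk and its else branch continues past it, so I cannot see whether $SMBExec_failed ends the stage loop.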
@@ -2037,7 +2042,7 @@ if($SMB_client.Connected)
'StartServiceW'
{
- if([System.BitConverter]::ToString($SMB_client_receive[112..115]) -eq '00-00-00-00')
+ if([System.BitConverter]::ToString($SMB_client_receive[132..135]) -eq '00-00-00-00')
{
Write-Verbose "Service $SMB_service created on $Target"
$SMB_service_context_handle = $SMB_client_receive[112..131]
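Review bot: The moved check at 132..135 and the handle slice 112..131 on the next visible line describe one reply layout as two unrelated literals, which is how the old check came to compare the first four bytes of the handle instead of what the new code treats as a 4-byte status. A short comment tying them together, `# reply: bytes 112..131 = 20-byte service context handle, 132..135 = 4-byte status (0 = success)`, would make the relationship explicit, and deriving both from one base offset would keep them from drifting again. The hunk header counts 7 old lines but only 6 are visible here, so a line appears to have been dropped in rendering; the 'StartServiceW' case body continues past the hunk.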
@@ -2078,6 +2083,11 @@ if($SMB_client.Connected)
$SMB_client_stage = 'ReadRequest'
$SMB_client_stage_next = 'DeleteServiceW'
}
+ elseif([System.BitConverter]::ToString($SMB_client_receive[132..135]) -eq '31-04-00-00')
+ {
+ Write-Output "Service $SMB_service creation failed on $Target"
+ $SMBExec_failed = $true
+ }
else
{
Write-Output "Service creation fault context mismatch"
diff --git a/README.md b/README.md
index 0862ba1..ddc18e9 100644
--- a/README.md
+++ b/README.md
@@ -1,5 +1,5 @@
# Invoke-TheHash
-Invoke-TheHash contains PowerShell functions for performing NTLMv2 pass the hash WMI and SMB command execution. WMI and SMB services are accessed through .NET TCPClient connections. Local administrator privilege is not required client-side.
+Invoke-TheHash contains PowerShell functions for performing pass the hash WMI and SMB command execution. WMI and SMB services are accessed through .NET TCPClient connections. Authentication is performed by passing an NTLM hash into the NTLMv2 authentication protocol. Local administrator privilege is not required client-side.
# Requirements
Minimum PowerShell 2.0