From 2318def4dbf419c31a088cf4a222d0ac9851b5d9 Mon Sep 17 00:00:00 2001
From: Kevin Robertson
Date: Sun, 15 Jan 2017 18:52:30 -0500
Subject: Readme update and small SMB2 fix

Fixed an error catch with SMB2.
---
 Invoke-SMBExec.ps1 | 12 +++++++++++-
 README.md | 2 +-
 2 files changed, 12 insertions(+), 2 deletions(-)

diff --git a/Invoke-SMBExec.ps1 b/Invoke-SMBExec.ps1
index 1a2c3a0..3a4654e 100644
--- a/Invoke-SMBExec.ps1
+++ b/Invoke-SMBExec.ps1
@@ -1523,6 +1523,11 @@ if($SMB_client.Connected)
 $SMB_client_stage = 'ReadAndXRequest'
 $SMB_client_stage_next = 'DeleteServiceW'
 }
+ elseif([System.BitConverter]::ToString($SMB_client_receive[112..115]) -eq '31-04-00-00')
+ {
+ Write-Output "Service $SMB_service creation failed on $Target"
+ $SMBExec_failed = $true
+ }
 else
 {
 Write-Output "Service creation fault context mismatch"
@@ -2037,7 +2042,7 @@ if($SMB_client.Connected)
 'StartServiceW'
 {
- if([System.BitConverter]::ToString($SMB_client_receive[112..115]) -eq '00-00-00-00')
+ if([System.BitConverter]::ToString($SMB_client_receive[132..135]) -eq '00-00-00-00')
 {
 Write-Verbose "Service $SMB_service created on $Target"
 $SMB_service_context_handle = $SMB_client_receive[112..131]
@@ -2078,6 +2083,11 @@ if($SMB_client.Connected)
 $SMB_client_stage = 'ReadRequest'
 $SMB_client_stage_next = 'DeleteServiceW'
 }
+ elseif([System.BitConverter]::ToString($SMB_client_receive[132..135]) -eq '31-04-00-00')
+ {
+ Write-Output "Service $SMB_service creation failed on $Target"
+ $SMBExec_failed = $true
+ }
 else
 {
 Write-Output "Service creation fault context mismatch"
diff --git a/README.md b/README.md
index 0862ba1..ddc18e9 100644
--- a/README.md
+++ b/README.md
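Review bot: The new elseif in this hunk (and its twin in the third hunk at +2083, which reads 132..135 instead of 112..115) matches only the status bytes 31-04-00-00, which read as a little-endian DWORD is 0x431, the Win32 ERROR_SERVICE_EXISTS value, yet it reports a generic "creation failed"; every other non-zero status still drops into the else branch and is reported as "Service creation fault context mismatch", which mislabels ordinary service-control failures. Decoding the DWORD once and printing it would make both branches accurate, e.g. `$SMB_rc = [System.BitConverter]::ToUInt32($SMB_client_receive,112)` (132 in the SMB2 hunk) followed by `Write-Output "Service $SMB_service creation failed on $Target (error $SMB_rc)"` in the non-zero branch. Since both new branches are failures, `Write-Warning` would also route them to the error stream rather than to the pipeline output that `Write-Output` produces. The enclosing if/elseif chain begins before the hunk, so the zero-status branch it pairs with is not visible here.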
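Review bot: In the second hunk the corrected if line reads the status from 132..135 while the context line two below it still reads the handle from 112..131, so the same response layout is now expressed by two unrelated literals on adjacent lines, and the 112/132 pair recurs in the first and third hunks. Deriving the status slice from the handle slice, e.g. `$SMB_handle_end = 131` and `$SMB_client_receive[($SMB_handle_end + 1)..($SMB_handle_end + 4)]`, would keep the two offsets in step if either changes again, as this very commit shows they do. The 'StartServiceW' case body continues past the hunk, so I cannot tell whether later reads of $SMB_client_receive in the same case were adjusted as well.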
@@ -1,5 +1,5 @@
 # Invoke-TheHash
-Invoke-TheHash contains PowerShell functions for performing NTLMv2 pass the hash WMI and SMB command execution. WMI and SMB services are accessed through .NET TCPClient connections. Local administrator privilege is not required client-side.
+Invoke-TheHash contains PowerShell functions for performing pass the hash WMI and SMB command execution. WMI and SMB services are accessed through .NET TCPClient connections. Authentication is performed by passing an NTLM hash into the NTLMv2 authentication protocol. Local administrator privilege is not required client-side.
 # Requirements
 Minimum PowerShell 2.0
-- 
cgit v1.2.3