Six Minutes for MiTM6

"Hack the planet to defend better!!"
This is my new quick-hit series on offensive tools. Short videos that show an offensive tool and how to take advantage of an asset. In this video, I will show MitM6, ntlmrelayx, and secretsdump.

Comments

Can we do anything useful if we get a session for a non-Admin user with this?

CrazyHorseO

We need three devices to make this work, right? I was wondering if you would kindly shoot me a link or a tutorial on setting up my SMB server to test this exploit, because I am having trouble setting it up alone. Every time I run my nmap scan with the said SMB script, it comes back as signing partially required. I just want to better prepare myself for this. My SMB server OS is Windows 10 Home.

jimgrayson

Sir, can we do this when we have a pivot in between attacker and the target? I have pivoted via dynamic ssh port forwarding

aestheticker

Very fun stuff.

My IPv6 relay attacks stopped working though. It reports that LDAP authentication failed and LDAP protocol not found. It also fails when I specify -smb2support. What could be the issue?

My command looks something like:

python3 ntlmrelayx.py -6 -t ldaps://192.168.19.150 -wh fakewpad.domain.local -l loot_folder

This used to work but not anymore. I've disabled SMB signing and my DC LDAP policy is "none"

ontisitsemanyeneng