Relaying

ADFSRelay – Proof Of Concept Utilities Developed To Research NTLM Relaying Attacks Targeting ADFS

15 Dec 2022 By hackergadgets

This repository includes two utilities NTLMParse and ADFSRelay. NTLMParse is a utility for decoding base64-encoded NTLM messages and printing information about the underlying properties and fields within the message. Examining these NTLM messages is helpful when researching the behavior of a particular NTLM implementation. ADFSRelay is a proof of concept utility developed while researching theRead More

Pretender – Your MitM Sidekick For Relaying Attacks Featuring DHCPv6 DNS Takeover As Well As mDNS, LLMNR And NetBIOS-NS Spoofing

27 Jul 2022 By hackergadgets

Your MitM sidekick for relaying attacks featuring DHCPv6 DNS takeoveras well as mDNS, LLMNR and NetBIOS-NS spoofing pretender is a tool developed by RedTeam Pentesting to obtain machine-in-the-middle positions via spoofed local name resolution and DHCPv6 DNS takeover attacks. pretender primarily targets Windows hosts, as it is intended to be used for relaying attacks butRead More

KrbRelay – Framework For Kerberos Relaying

19 Apr 2022 By hackergadgets

[*] Relaying 3-headed dogs. More details at https://googleprojectzero.blogspot.com/2021/10/windows-exploitation-tricks-relaying.html and https://googleprojectzero.blogspot.com/2021/10/using-kerberos-for-authentication-relay.html This should be working on most fully patched Windows systems. There may be difficulties with Server OS in lab environments because of the firewall blocking the OXID resolver however, this will most likely not be an issue during real life engagements, same goes for CLSIDs.Read More

Lsarelayx – NTLM Relaying For Windows Made Easy

03 Jan 2022 By hackergadgets

[*] lsarelayx is system wide NTLM relay tool designed to relay incoming NTLM based authentication to the host it is running on. lsarelayx will relay any incoming authentication request which includes SMB. Since lsarelayx hooks into existing application authentication flows, the tool will also attempt to service the original authentication request after the relay isRead More

PKINITtools – Tools For Kerberos PKINIT And Relaying To AD CS

30 Sep 2021 By

[*] This repository contains some utilities for playing with PKINIT and certificates. The tools are built on minikerberos and impacket. Accompanying blogpost with more context: https://dirkjanm.io/ntlm-relaying-to-ad-certificate-services/ Installation These tools are only compatible with Python 3.5+. Clone the repository from GitHub, install the dependencies and you should be good to go: impacket minikerberos “> git cloneRead More

ADCSPwn – A Tool To Escalate Privileges In An Active Directory Network By Coercing Authenticate From Machine Accounts And Relaying To The Certificate Service

10 Aug 2021 By

A tool to escalate privileges in an active directory network by coercing authenticate from machine accounts (Petitpotam) and relaying to the certificate service. Usage Run ADCSPwn on your target network. authentication will be relayed to. Optional arguments: port – The port ADCSPwn will listen on. remote – Remote machine to trigger authentication from. username –Read More

X