Exploitation Tools

NTLM Relay Gat – Automating Exploitation Of NTLM Relay Vulnerabilities

NTLM Relay Gat revolutionizes the approach to exploiting NTLM relay vulnerabilities by automating the use of the Impacket suite’s ntlmrelayx.py tool.

Designed for both novices and experienced cybersecurity professionals, this tool streamlines the process of identifying and exploiting weaknesses in network security.

With its user-friendly interface and powerful features, NTLM Relay Gat serves as a critical asset in the toolkit of ethical hackers and penetration testers aiming to enhance their network defense strategies.

Description

NTLM Relay Gat is a powerful tool designed to automate the exploitation of NTLM relays using ntlmrelayx.py from the Impacket tool suite. By leveraging the capabilities of ntlmrelayx.py, NTLM Relay Gat streamlines the process of exploiting NTLM relay vulnerabilities, offering a range of functionalities from listing SMB shares to executing commands on MSSQL databases.

Features

  • Multi-threading Support: Utilize multiple threads to perform actions concurrently.
  • SMB Shares Enumeration: List available SMB shares.
  • SMB Shell Execution: Execute a shell via SMB.
  • Secrets Dumping: Dump secrets from the target.
  • MSSQL Database Enumeration: List available MSSQL databases.
  • MSSQL Command Execution: Execute operating system commands via xp_cmdshell or start SQL Server Agent jobs.

Prerequisites

Before you begin, ensure you have met the following requirements:

  • proxychains properly configured with ntlmrelayx SOCKS relay port
  • Python 3.6+

Installation

To install NTLM Relay Gat, follow these steps:

  1. Ensure that Python 3.6 or higher is installed on your system.
  2. Clone NTLM Relay Gat repository:
git clone https://github.com/ad0nis/ntlm_relay_gat.git
cd ntlm_relay_gat

Install dependencies, if you don’t have them installed already:

pip install -r requirements.txt

NTLM Relay Gat is now installed and ready to use.

Usage

To use NTLM Relay Gat, make sure you’ve got relayed sessions in ntlmrelayx.py‘s socks command output and that you have proxychains configured to use ntlmrelayx.py‘s proxy, and then execute the script with the desired options. Here are some examples of how to run NTLM Relay Gat:

# List available SMB shares using 10 threads
python ntlm_relay_gat.py --smb-shares -t 10

# Execute a shell via SMB
python ntlm_relay_gat.py --smb-shell --shell-path /path/to/shell

# Dump secrets from the target
python ntlm_relay_gat.py --dump-secrets

# List available MSSQL databases
python ntlm_relay_gat.py --mssql-dbs

# Execute an operating system command via xp_cmdshell
python ntlm_relay_gat.py --mssql-exec --mssql-method 1 --mssql-command 'whoami'

Tamil S

Tamil has a great interest in the fields of Cyber Security, OSINT, and CTF projects. Currently, he is deeply involved in researching and publishing various security tools with Kali Linux Tutorials, which is quite fascinating.

Leave a Comment
Share
Published by
Tamil S
Tags: cybersecurityinformationsecuritykalilinuxkalilinuxtoolsNTLM Relay Gat
3 months ago

Recent Posts

AutoExif – Simplifying Image Metadata Editing With Bash

AutoExif is a powerful Bash script designed to streamline the process of editing image metadata…

4 hours ago

SimpleImager V4.3 : A Step-by-Step Guide To Efficient System Imaging

SimpleImager V4.3, your go-to tool for streamlined system imaging and data acquisition. Designed to simplify…

4 hours ago

MetaOSINT – Revolutionizing OSINT Investigations With Top Tools And Resources

MetaOSINT enables open source intelligence ("OSINT") practitioners to jumpstart their investigations by quickly identifying relevant,…

4 hours ago

ThreatPinch Lookup – Enhancing Cybersecurity Investigations Through Automated Tooltips

ThreatPinch Lookup creates informational tooltips when hovering oven an item of interest on any website.…

4 hours ago

Oh Shint! Navigating The Depths Of Cyber-Intelligence With Donvito

Myself and any other potential contributors to this website are NOT in any way affiliated…

4 hours ago

M.E.A.T. – Pioneering Mobile Forensics With The Mobile Evidence Acquisition Toolkit

The Mobile Evidence Acquisition Toolkit designed by BlackStone Discovery. Developed to enhance digital forensics, this…

1 day ago