Categories: Kali Linux

SMB AutoRelay : Automation Of SMB/NTLM Relay Technique For Pentesting & Red Teaming Exercises

SMB AutoRelay provides the automation of SMB/NTLM Relay technique for pentesting and red teaming exercises in active directory environments.

Usage

Syntax: ./smbAutoRelay.sh -i <interface> -t <file> [-q] [-d].

Example: ./smbAutoRelay.sh -i eth0 -t ./targets.txt.

Notice that the targets file should contain just the IP addresses of each target, one per line, to which you want to try the SMB/NTLM Relay technique.

Run ./smbAutoRelay.sh [-h] to see other options.

  • Software which installs in the current directory [needed to run properly]
  • Software which installs through apt, if not installed [needed to run properly]
    • tmux
    • rlwrap
    • python
    • python3
    • netcat
    • wget
    • xterm
    • net-tools

TODOs

  • Add the possibility to capture and crack the NetNTLM hashes.
  • Addapt it to use terminal profiles

DISCLAIMER

I AM NOT RESPONSIBLE OF THE MISUSE OF THIS TOOL. YOU RUN IT AT YOUR OWN RISK. Before running it, make sure you are in a controlled environment, and where you are allowed to perform this kind of exercise. PLEASE BE KIND 🙂

R K

Recent Posts

DICOMHawk – A Honeypot For Secure DICOM Server Monitoring

DICOMHawk is a powerful and efficient honeypot for DICOM servers, designed to attract and log…

8 minutes ago

Stratus Red Team – Advancing Threat Detection And Offensive Testing In Cloud Environments

Stratus Red Team is a cutting-edge tool designed to enhance cloud security by simulating granular…

14 minutes ago

Bomber : Navigating Security Vulnerabilities In SBOMs

bomber is an application that scans SBOMs for security vulnerabilities. So you've asked a vendor…

4 days ago

EmbedPayloadInPng : A Guide To Embedding And Extracting Encrypted Payloads In PNG Files

Embed a payload within a PNG file by splitting the payload across multiple IDAT sections.…

4 days ago

Exploit Street – Navigating The New Terrain Of Windows LPEs

Exploit-Street, where we dive into the ever-evolving world of cybersecurity with a focus on Local…

6 days ago

ShadowDumper – Advanced Techniques For LSASS Memory Extraction

Shadow Dumper is a powerful tool used to dump LSASS (Local Security Authority Subsystem Service)…

7 days ago