MultiRelay now executes WMIC commands instead of bat files

lgandx 2016-11-10 14:24:54 -03:00
parent 62d7dc4080
commit aff17ca9d3
3 changed files with 21 additions and 34 deletions


@ -36,7 +36,7 @@ from SMBFinger.Finger import RunFinger
sys.path.append(os.path.abspath(os.path.join(os.path.dirname(__file__), '../')))
from socket import *
__version__ = "1.0"
__version__ = "1.1"
def UserCallBack(op, value, dmy, parser):
args=[]
@ -448,6 +448,10 @@ def RunShellCmd(data, s, clientIP, Host, Username, Domain):
Logs.info(clientIP+":"+Username+":"+Domain+":"+Host[0]+":Logon Failure")
return False
if data[8:10] == "\x73\x5e":
print "[+] Relay failed, NO_LOGON_SERVER returned. Credentials are probably good, but the PDC is either offline or inexistant.\n"
return False
## Ok, we are supposed to be authenticated here, so first check if user has admin privs on C$:
## Tree Connect
if data[8:10] == "\x73\x00":