Posts

Showing posts from 2017

NTLMRelayX and MITMf

Image
Introduction: Recently I have been playing around with the Man-In-The-Middle Framework (MITMf) and have found it to be the most successful tool for me to use on internal penetration tests and significantly more reliable than similar spoofing tools such as Ettercap. MITMf is a modularized framework written in Python which is capable of both establishing MITM attacks and utilizing them in very productive ways. The built-in modules make performing complicated MITM attacks extremely simple with things such as SMBAuth, BeEF injection, MSF’s BrowserSniper, BDFProxy, NetCreds, Responder, etc. Outside of just this combination, I highly recommend over any other MITM tool. Learn it, use it, live it.
There are a lot of people who use tools such as Responder to trick systems into sending NTLM credentials then relaying them with SMBRelayX (if you aren’t already doing this on internals, get on it). Although highly successful, it is quickly becoming more and more difficult to pull off as a pentester. …