Inveigh Beta Windows PowerShell LLMNR/NBNS Spoofer
Inveigh is a Windows PowerShell LLMNR/NBNS spoofer designed to assist penetration testers that find themselves limited to a Windows system. This can commonly occur while performing standard post exploitation, phishing attacks, USB drive attacks, VLAN pivoting, or simply being restricted to a Windows system as part of client imposed restrictions.
Requirements: Tested minimums are PowerShell 2.0 and .NET 3.5
- Invoke-Inveigh – Start Inveigh with or without parameters
- Invoke-InveighRelay – SMB relay function
- Get-Inveigh – Get queued console output
- Get-InveighLog – Get log entries
- Get-InveighNTLM – Get all captured challenge/response hashes
- Get-InveighNTLMv1 – Get captured NTLMv1 challenge/response hashes
- Get-InveighNTLMv2 – Get captured NTLMv2 challenge/response hashes
- Get-InveighStats – Get captured challenge/response counts
- Watch-Inveigh – Enable real time console output
- Clear-Inveigh – Clear Inveigh data from memory
- Stop-Inveigh – Stop all running Inveigh functions
- Currently supports IPv4 LLMNR/NBNS spoofing and HTTP/HTTPS/SMB NTLMv1/NTLMv2 challenge/response capture.
- LLMNR/NBNS spoofing is performed through sniffing and sending with raw sockets.
- SMB challenge/response captures are performed by sniffing over the host system’s SMB service.
- HTTP challenge/response captures are performed with a dedicated listener.
- The local LLMNR/NBNS services do not need to be disabled on the host system.
- LLMNR/NBNS spoofer will point victims to host system’s SMB service, keep account lockout scenarios in mind.
- Kerberos should downgrade for SMB authentication due to spoofed hostnames not being valid in DNS.
- Ensure that the LMMNR,NBNS,SMB,HTTP ports are open within any local firewall on the host system.
- If you copy/paste challenge/response captures from output window for password cracking, remove carriage returns.
- SMB relay support is experimental at this point, use caution if employing on a pen test.
More information: here
[button size=large style=round color=red align=none url=https://github.com/Kevin-Robertson/Inveigh]Download Inveigh Beta[/button]