mpgn

For now, this is only working on the poc but not in the exploit. I didn't find a proper way to duplicate the data send by the client on the...

Another problem:  Chrome (2 requests) VS Firefox (1 request) Every request send to the server with chrome is followed by another request, the favivon !

Well, chrome doesn't handle data like firefox... After sending multiple request with javascript, the server always return hmac error even if there is no hmac error. Very very strange

Hello @ehrishirajsharma Can't find where the json file is stored on linux, can you provide the default path ? **EDIT** it's on `.config/Swiftness/storage/content.json`

Hello @M4ximuss @BinaryScary just to clarify, you can already achieve this in ntlmrelayx by using option `--output-file` and get all the hash :)  To get only uniq user use...

Okay so I notice it's saving all hash even those with AUTH FAILED so be careful cracking a hash doesn't mean you go the legit password ! 

Just tested, it's working like a charm 👍 

Can we check this one before the next release of impacket @0xdeaddood ? this is really really valuable during internal pentest ! :)


A much needed feature ! But I think the socks connection should be closed if not ADMIN=TRUE, currently all connections are still open in this code if i'm reading correctly