[Feature Suggestions/Enhancements]: Can we please add rportfwd_local for NTLM relay ?

[rafale0n]

Contact Details

No response

What is the idea?

Can we please consider adding rportfwd_local so we can handle NTLM relays like Cobalt does. for example:

beacon> help rportfwd_local Use: rportfwd_local [bind port] [forward host] [forward port] rportfwd_local stop [bind port]

Binds the specified port on the target host. When a connection comes in, Cobalt Strike will make a connection to the forwarded host/port, via your Cobalt Strike client, and use Beacon to relay traffic between the two connections. [11/28 13:25:51] beacon> rportfwd_local 8080 10.20.1.7 80

Which will result in NTLM relay to the operator host.

Pretty please!

PS. Thanks for everything you have done team. Much love!

Is_it_already_in?

No (You checked and it doesn't.)

Relevant code samples

No response

Are-You-Trolling?

• [X] I declare I made an effort and provided the necessary information for an understanding of the feature by the Framework authors.