Responder icon indicating copy to clipboard operation
Responder copied to clipboard
verified publisher icon lgandx

Add control on the status code returned by the SMB server

Open BlWasp opened this issue 1 year ago • 1 comments

Hello!

In this recent article, Synacktiv demonstrated that during multicast poisoning, depending on the error code returned by the SMB server at the end of the authentication process, it was possible to force the target machine to authenticate via WebDAV, if the WebClient service was running.

This PR adds a new option, -E, --ErrorCode, that permits to switch from the default STATUS_ACCESS_DENIED, to STATUS_LOGON_FAILURE.

BlWasp avatar Mar 16 '25 22:03 BlWasp

Fantastic! Thanks for this

mubix avatar Mar 17 '25 03:03 mubix

Great addition, merged.

lgandx avatar May 22 '25 07:05 lgandx