Skip to content

Latest commit

 

History

History
26 lines (15 loc) · 1.05 KB

README.md

File metadata and controls

26 lines (15 loc) · 1.05 KB
Raw

CheeseOunce

Notice:

image The MS-EVEN runing under the NT AUTHORITY\LOCAL SERVICE account, and this account can't provide valid credentials during network authentication so, in the NTLMRelay attacking, it can't work, like this (Sorry,I didn't test it fully, before push it): image

snow

This Simple POC make windows machines auth to another via MS-EVEN.

Use ElfrOpenBELW could make us did it.

image-20220906202316168

Besides the C-based POC, an impacket-based python version is also available as cheese.py.

reference

https://github.com/topotam/PetitPotam

https://docs.microsoft.com/en-us/openspecs/windows_protocols/ms-even/4db1601c-7bc2-4d5c-8375-c58a6f8fc7e1