CheeseOunce

Notice:

The MS-EVEN runing under the NT AUTHORITY\LOCAL SERVICE account, and this account can't provide valid credentials during network authentication so, in the NTLMRelay attacking, it can't work, like this (Sorry,I didn't test it fully, before push it):

This Simple POC make windows machines auth to another via MS-EVEN.

Use ElfrOpenBELW could make us did it.

Besides the C-based POC, an impacket-based python version is also available as cheese.py.

reference

https://github.com/topotam/PetitPotam

https://docs.microsoft.com/en-us/openspecs/windows_protocols/ms-even/4db1601c-7bc2-4d5c-8375-c58a6f8fc7e1

Name		Name	Last commit message	Last commit date
Latest commit History 8 Commits
MS-EVEN		MS-EVEN
.gitattributes		.gitattributes
README.md		README.md
cheese.py		cheese.py

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Repository files navigation

CheeseOunce

Notice:

reference

About

Releases

Packages

Contributors 2

Languages

evilashz/CheeseOunce

Folders and files

Latest commit

History

Repository files navigation

CheeseOunce

Notice:

reference

About

Resources

Stars

Watchers

Forks

Releases

Packages 0

Contributors 2

Languages

Packages