vendor:
SMBRELAY 3
by:
Andres Tarasco Acuña
7.5
CVSS
HIGH
NTLM replay attack
N/A
CWE
Product Name: SMBRELAY 3
Affected Version From: N/A
Affected Version To: N/A
Patch Exists: NO
Related CWE: N/A
CPE: N/A
Metasploit:
N/A
Other Scripts:
N/A
Tags: N/A
CVSS Metrics: N/A
Nuclei References:
N/A
Nuclei Metadata: N/A
Platforms Tested: Windows
2008
SMBRELAY 3 – NTLM replay attack (version 1.0 ) public version
SMBRELAY 3 is a NTLM replay attack tool which allows an attacker to capture the NTLM challenge-response of a user and use it to authenticate as that user. It was released in 2008 by Andres Tarasco Acuña and is available for download from the URL http://tarasco.org/Web/tools.html. The exploit is available in the form of a zip file from the URL https://gitlab.com/exploit-database/exploitdb-bin-sploits/-/raw/main/bin-sploits/7125.zip.
Mitigation:
The best way to mitigate this vulnerability is to ensure that NTLM authentication is not enabled on the system.