Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

BED-5484 updated General copy to reference Relay Target instead of co… #1184

Merged
merged 3 commits into from
Feb 28, 2025
Merged

BED-5484 updated General copy to reference Relay Target instead of co… #1184

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
3 commits
Select commit Hold shift + click to select a range
8cf45c8
BED-5484 updated General copy to reference Relay Target instead of co…
mvlipka Feb 27, 2025
3022d2d
chore: fixing bullet points
ktstrader Feb 27, 2025
d7a5b7a
BED-5484 fixed WindowsAbuse text
mvlipka Feb 28, 2025
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
2 changes: 1 addition & 1 deletion ...ges/javascript/bh-shared-ui/src/components/HelpTexts/CoerceAndRelayNTLMToADCS/General.tsx
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -30,7 +30,7 @@ const General: FC<EdgeInfoProps> = () => {
</Typography>

<Typography variant='body2'>
Click on Composition to view the certificate templates and vulnerable enterprise CA servers that enable
Click on Relay Targets to view the certificate templates and vulnerable enterprise CA servers that enable
certificate enrollment for the target computer.
</Typography>
</>
Expand Down
12 changes: 7 additions & 5 deletions .../javascript/bh-shared-ui/src/components/HelpTexts/CoerceAndRelayNTLMToADCS/LinuxAbuse.tsx
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -23,11 +23,13 @@ const LinuxAbuse: FC = () => {
<>
<Typography variant='body2'>
Examples of this attack are detailed in the following blog post:
<li>
<a href={'https://trustedsec.com/blog/a-comprehensive-guide-on-relaying-anno-2022'}>
I’m bringing relaying back: A comprehensive guide on relaying anno 2022
</a>
</li>
<ul>
<li>
<a href={'https://trustedsec.com/blog/a-comprehensive-guide-on-relaying-anno-2022'}>
I’m bringing relaying back: A comprehensive guide on relaying anno 2022
</a>
</li>
</ul>
</Typography>

<Typography variant={'body2'}>
Expand Down
2 changes: 1 addition & 1 deletion ...avascript/bh-shared-ui/src/components/HelpTexts/CoerceAndRelayNTLMToADCS/WindowsAbuse.tsx
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -29,7 +29,7 @@ const WindowsAbuse: FC<EdgeInfoProps> = () => {
<Typography variant='body2'>
2: Start the Relay Server The NTLM relay can be executed with Inveigh.
</Typography>
<Typography>
<Typography variant='body2'>
3: Coerce the Target Computer Several coercion methods are documented here:{' '}
<a href={'https://github.com/p0dalirius/windows-coerced-authentication-methods'}>
Windows Coerced Authentication Methods
Expand Down
2 changes: 1 addition & 1 deletion ...ges/javascript/bh-shared-ui/src/components/HelpTexts/CoerceAndRelayNTLMToLDAP/General.tsx
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -32,7 +32,7 @@ const General: FC<EdgeInfoProps> = () => {
</Typography>

<Typography variant='body2'>
Click on Composition to view the domain controllers in the domain that do not require LDAP signing.
Click on Relay Targets to view the domain controllers in the domain that do not require LDAP signing.
</Typography>
</>
);
Expand Down
28 changes: 15 additions & 13 deletions .../javascript/bh-shared-ui/src/components/HelpTexts/CoerceAndRelayNTLMToLDAP/LinuxAbuse.tsx
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -23,19 +23,21 @@ const LinuxAbuse: FC = () => {
<>
<Typography variant='body2'>
Examples of this attack are detailed in the following blog posts:
<li>
<a
href={
'https://www.guidepointsecurity.com/blog/beyond-the-basics-exploring-uncommon-ntlm-relay-attack-techniques/'
}>
Beyond the Basics: Exploring Uncommon NTLM Relay Attack Techniques
</a>
</li>
<li>
<a href={'https://trustedsec.com/blog/a-comprehensive-guide-on-relaying-anno-2022'}>
I’m bringing relaying back: A comprehensive guide on relaying anno 2022
</a>
</li>
<ul>
<li>
<a
href={
'https://www.guidepointsecurity.com/blog/beyond-the-basics-exploring-uncommon-ntlm-relay-attack-techniques/'
}>
Beyond the Basics: Exploring Uncommon NTLM Relay Attack Techniques
</a>
</li>
<li>
<a href={'https://trustedsec.com/blog/a-comprehensive-guide-on-relaying-anno-2022'}>
I’m bringing relaying back: A comprehensive guide on relaying anno 2022
</a>
</li>
</ul>
</Typography>

<Typography variant={'body2'}>
Expand Down
2 changes: 1 addition & 1 deletion ...avascript/bh-shared-ui/src/components/HelpTexts/CoerceAndRelayNTLMToLDAP/WindowsAbuse.tsx
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -29,7 +29,7 @@ const WindowsAbuse: FC<EdgeInfoProps> = () => {
<Typography variant='body2'>
2: Start the Relay Server The NTLM relay can be executed with Inveigh.
</Typography>
<Typography>
<Typography variant='body2'>
3: Coerce the Target Computer Several coercion methods are documented here:{' '}
<a href={'https://github.com/p0dalirius/windows-coerced-authentication-methods'}>
Windows Coerced Authentication Methods
Expand Down
2 changes: 1 addition & 1 deletion ...es/javascript/bh-shared-ui/src/components/HelpTexts/CoerceAndRelayNTLMToLDAPS/General.tsx
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -32,7 +32,7 @@ const General: FC<EdgeInfoProps> = () => {
</Typography>

<Typography variant='body2'>
Click on Composition to view the domain controllers in the domain that do not require LDAPS channel
Click on Relay Targets to view the domain controllers in the domain that do not require LDAPS channel
binding.
</Typography>
</>
Expand Down
28 changes: 15 additions & 13 deletions ...javascript/bh-shared-ui/src/components/HelpTexts/CoerceAndRelayNTLMToLDAPS/LinuxAbuse.tsx
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -23,19 +23,21 @@ const LinuxAbuse: FC = () => {
<>
<Typography variant='body2'>
Examples of this attack are detailed in the following blog posts:
<li>
<a
href={
'https://www.guidepointsecurity.com/blog/beyond-the-basics-exploring-uncommon-ntlm-relay-attack-techniques/'
}>
Beyond the Basics: Exploring Uncommon NTLM Relay Attack Techniques
</a>
</li>
<li>
<a href={'https://trustedsec.com/blog/a-comprehensive-guide-on-relaying-anno-2022'}>
I’m bringing relaying back: A comprehensive guide on relaying anno 2022
</a>
</li>
<ul>
<li>
<a
href={
'https://www.guidepointsecurity.com/blog/beyond-the-basics-exploring-uncommon-ntlm-relay-attack-techniques/'
}>
Beyond the Basics: Exploring Uncommon NTLM Relay Attack Techniques
</a>
</li>
<li>
<a href={'https://trustedsec.com/blog/a-comprehensive-guide-on-relaying-anno-2022'}>
I’m bringing relaying back: A comprehensive guide on relaying anno 2022
</a>
</li>
</ul>
</Typography>

<Typography variant={'body2'}>
Expand Down
2 changes: 1 addition & 1 deletion ...vascript/bh-shared-ui/src/components/HelpTexts/CoerceAndRelayNTLMToLDAPS/WindowsAbuse.tsx
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -29,7 +29,7 @@ const WindowsAbuse: FC<EdgeInfoProps> = () => {
<Typography variant='body2'>
2: Start the Relay Server The NTLM relay can be executed with Inveigh.
</Typography>
<Typography>
<Typography variant='body2'>
3: Coerce the Target Computer Several coercion methods are documented here:{' '}
<a href={'https://github.com/p0dalirius/windows-coerced-authentication-methods'}>
Windows Coerced Authentication Methods
Expand Down
2 changes: 1 addition & 1 deletion ...ages/javascript/bh-shared-ui/src/components/HelpTexts/CoerceAndRelayNTLMToSMB/General.tsx
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -29,7 +29,7 @@ const General: FC<EdgeInfoProps> = () => {
</Typography>

<Typography variant='body2'>
Click on Composition to view victim computers with administrative rights on the target computer.
Click on Relay Targets to view victim computers with administrative rights on the target computer.
</Typography>
</>
);
Expand Down
2 changes: 1 addition & 1 deletion ...javascript/bh-shared-ui/src/components/HelpTexts/CoerceAndRelayNTLMToSMB/WindowsAbuse.tsx
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -30,7 +30,7 @@ const WindowsAbuse: FC<EdgeInfoProps> = () => {
2: Start the Relay Server The NTLM relay can be executed with{' '}
<a href={'https://github.com/Kevin-Robertson/Inveigh'}>Inveigh</a>.
</Typography>
<Typography>
<Typography variant='body2'>
3: Coerce the Target Computer Several coercion methods are documented here:{' '}
<a href={'https://github.com/p0dalirius/windows-coerced-authentication-methods'}>
Windows Coerced Authentication Methods
Expand Down
Loading