SMB MiTM tool with a focus on attacking clients through file content swapping, lnk swapping, as well as compromising any data passed over the wire in cleartext.
Version 1.0.0. This tool is a PoC to demonstrate the ability of an attacker to intercept and modify insecure SMB connections, as well as compromise some secured SMB connections if credentials are known.
More information to come. Currently the tool does not support SMBv1-only connections, which is not a problem 99% of the time.
Passively download any file sent over the wire in cleartext
Downgrade clients to NTLMv2 instead of Kerberos
Inject files into directories when viewed by a client
Replace all files with an LNK with the same name to execute a provided command upon clicking
Replace only executable files with an LNK with the same name to execute a provided command upon clicking
Replace files with extension X with the contents of the file with extension X in the local provided directory
Replace files with the case-insensitive name X with the contents of the file sharing the same name in the provided directory
git clone https://github.com/quickbreach/SMBetray.git
cd SMBetray
bash install.sh