I intend to write a program with the following features:
- Listens on 445 (and possibly 135 - 139)
- Accepts SMB connections destined for another server
- Relays data to/from that remote server
What sets this apart from other types of relays is that it'll have built-in pass-the-hash capabilities. What that means is, it'll ignore the user's supplied credentials and instead supply the Lanman/NTLM hashes.
It should be an interesting project! :)