Giter Club home page Giter Club logo

Comments (5)

Kevin-Robertson avatar Kevin-Robertson commented on July 2, 2024

I'll test more firewall scenarios with Tater after I get Inveigh 1.1 released.

from tater.

topazbor avatar topazbor commented on July 2, 2024

maybe it will be nice to try to add arp spoffing for inveigh
thanks

from tater.

Kevin-Robertson avatar Kevin-Robertson commented on July 2, 2024

I'm not sure that the firewall is blocking you in this case. In my testing, it's the NBNS spoofer that triggers the firewall alert. With default setting, the spoofer is the only thing not using 127.0.0.1. In your screenshot, I can see that WPAD has been successfully spoofed so the NBNS spoofer has done its job. Here are a few things to try:

  1. Disable the firewall and see if it works
  2. Enable the firewall, delete whatever you are using (powershell or powershell_ise) from the firewall allowed list and start Tater with -NBNS N. You should not see a firewall prompt.
  3. If it always hangs at that same spot, open a browser and navigate to http://127.0.0.1. You should see an HTTP request notification from Tater. This will confirm that the HTTP listener is working.
  4. If the HTTP listener seems to be working, maybe try trigger 0 and just let it run for a day.
  5. Try potato.exe and see if it behaves the same. https://github.com/foxglovesec/Potato

I have a couple of test systems that just don't seem to want to work anymore with either potato or tater and the Windows Defender trigger. I have not had a chance to really look into it.

I'm going through a cleanup round with Tater and will continue to test.

from tater.

topazbor avatar topazbor commented on July 2, 2024

Great,
I will test with -NBNS N and let you know what happened
great job BTW

On Thu, Mar 17, 2016 at 4:23 AM, Kevin Robertson [email protected]
wrote:

I'm not sure that the firewall is blocking you in this case. In my
testing, it's the NBNS spoofer that triggers the firewall alert. With
default setting, the spoofer is the only thing not using 127.0.0.1. In your
screenshot, I can see that WPAD has been successfully spoofed so the NBNS
spoofer has done its job. Here are a few things to try:

  1. Disable the firewall and see if it works
  2. Enable the firewall, delete whatever you are using (powershell or
    powershell_ise) from the firewall allowed list and start Tater with -NBNS
    N. You should not see a firewall prompt.
  3. If it always hangs at that same spot, open a browser and navigate
    to http://127.0.0.1. You should see an HTTP request notification from
    Tater. This will confirm that the HTTP listener is working.
  4. If the HTTP listener seems to be working, maybe try trigger 0 and
    just let it run for a day.
  5. Try potato.exe and see if it behaves the same.
    https://github.com/foxglovesec/Potato

I have a couple of test systems that just don't seem to want to work
anymore with either potato or tater and the Windows Defender trigger. I
have not had a chance to really look into it.

I'm going through a cleanup round with Tater and will continue to test.


You are receiving this because you authored the thread.
Reply to this email directly or view it on GitHub
#3 (comment)

from tater.

topazbor avatar topazbor commented on July 2, 2024

you can close this subject

from tater.

Related Issues (6)

Recommend Projects

  • React photo React

    A declarative, efficient, and flexible JavaScript library for building user interfaces.

  • Vue.js photo Vue.js

    🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.

  • Typescript photo Typescript

    TypeScript is a superset of JavaScript that compiles to clean JavaScript output.

  • TensorFlow photo TensorFlow

    An Open Source Machine Learning Framework for Everyone

  • Django photo Django

    The Web framework for perfectionists with deadlines.

  • D3 photo D3

    Bring data to life with SVG, Canvas and HTML. 📊📈🎉

Recommend Topics

  • javascript

    JavaScript (JS) is a lightweight interpreted programming language with first-class functions.

  • web

    Some thing interesting about web. New door for the world.

  • server

    A server is a program made to process requests and deliver data to clients.

  • Machine learning

    Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.

  • Game

    Some thing interesting about game, make everyone happy.

Recommend Org

  • Facebook photo Facebook

    We are working to build community through open source technology. NB: members must have two-factor auth.

  • Microsoft photo Microsoft

    Open source projects and samples from Microsoft.

  • Google photo Google

    Google ❤️ Open Source for everyone.

  • D3 photo D3

    Data-Driven Documents codes.