Metasploit has improved it's NTLM relay support in recent years. We can now relay NTLM from SMB to HTTP, MSSQL, SMB and LDAP. What is notably missing is the ability to relay NTLM from anything other than SMB.
Summary
Metasploit should support relaying NTLM from services other than SMB, including but not limited to HTTP. This ticket is for an HTTP NTLM relay server. The MVP should support relaying NTLM authentication from HTTP to LDAP to support which would in turn enable us to exploit NTLMRelay2Self.
Motivation
Relay attacks are still popular and are likely to remain useful for the foreseeable future due to generally being independent of dedicated patches.
Metasploit has improved it's NTLM relay support in recent years. We can now relay NTLM from SMB to HTTP, MSSQL, SMB and LDAP. What is notably missing is the ability to relay NTLM from anything other than SMB.
Summary
Metasploit should support relaying NTLM from services other than SMB, including but not limited to HTTP. This ticket is for an HTTP NTLM relay server. The MVP should support relaying NTLM authentication from HTTP to LDAP to support which would in turn enable us to exploit NTLMRelay2Self.
Motivation
Relay attacks are still popular and are likely to remain useful for the foreseeable future due to generally being independent of dedicated patches.