Conversation

@rmaksimov (Contributor) commented Apr 19, 2020

@mohemiv noticed that ruler uses the predefined value "RULER" while using NTLM authentication, so I have added the --hostname option to specify any value as the host name.

@rmaksimov rmaksimov force-pushed the add-hostname-option branch from e452d5a to c885a79 on April 19, 2020 23:37
ruler.go Outdated
},
cli.StringFlag{
Name: "hostname,n",
Value: "",
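Review bot: `Value: ""` on the new `hostname,n` StringFlag leaves the host name empty whenever --hostname is not passed, so a default run no longer sends the RULER value that the published detection for this tool relies on; set `Value: "RULER"` so the flag only changes the host name when a user supplies one explicitly.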
Collaborator

Could we leave the default value as RULER?

It is one of the IOCs we published for the tool and although easily modifiable, it is worth having as a "script kiddie" or basic detection effort built into the tool.

https://github.com/sensepost/notruler/blob/master/iocs.md#local-host-domain-controllerexchange-server
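The IoC linked above is the host name ruler places in its NTLM messages. As an added defender-side example, not code from ruler or go-ntlm, the Go snippet below pulls the Workstation field out of an NTLM NEGOTIATE or AUTHENTICATE message taken from an `Authorization: NTLM` header and compares it with the published default; the function names are mine, the assumption that the host name travels in that field is mine, and any message fed to it in a test is constructed.

```go
package main

import (
	"encoding/base64"
	"encoding/binary"
	"errors"
	"strings"
	"unicode/utf16"
)

// rulerIOC is the host name ruler sends by default during NTLM authentication,
// which SensePost published as an indicator of compromise for the tool.
const rulerIOC = "RULER"

// workstationFromNTLM extracts the Workstation field from a base64 NTLMSSP
// NEGOTIATE (type 1) or AUTHENTICATE (type 3) message as carried in an
// "Authorization: NTLM <base64>" header; offsets follow MS-NLMP 2.2.1.
func workstationFromNTLM(b64 string) (string, error) {
	msg, err := base64.StdEncoding.DecodeString(strings.TrimPrefix(b64, "NTLM "))
	if err != nil || len(msg) < 12 || string(msg[:8]) != "NTLMSSP\x00" {
		return "", errors.New("not an NTLMSSP message")
	}
	// WorkstationFields sits at offset 24 in NEGOTIATE and 44 in AUTHENTICATE.
	fieldOff := map[uint32]int{1: 24, 3: 44}[binary.LittleEndian.Uint32(msg[8:12])]
	if fieldOff == 0 || len(msg) < fieldOff+8 {
		return "", errors.New("no workstation field in this message")
	}
	length := int(binary.LittleEndian.Uint16(msg[fieldOff:]))
	offset := int(binary.LittleEndian.Uint32(msg[fieldOff+4:]))
	if offset+length > len(msg) {
		return "", errors.New("workstation field points outside the message")
	}
	raw := msg[offset : offset+length]
	// NEGOTIATE strings are OEM; AUTHENTICATE strings are UTF-16LE when
	// NTLMSSP_NEGOTIATE_UNICODE (bit 0 of NegotiateFlags, offset 60) is set.
	if fieldOff != 44 || len(msg) < 64 || binary.LittleEndian.Uint32(msg[60:])&1 == 0 {
		return string(raw), nil
	}
	u := make([]uint16, len(raw)/2)
	for i := range u {
		u[i] = binary.LittleEndian.Uint16(raw[2*i:])
	}
	return string(utf16.Decode(u)), nil
}

// isRulerIOC reports whether an extracted host name matches the published
// default, ignoring case.
func isRulerIOC(workstation string) bool {
	return strings.EqualFold(workstation, rulerIOC)
}
```

Run it over the NTLM headers in proxy or Exchange web logs; a match on the default is the cheap check the collaborator describes, and a changed --hostname value is exactly what it will miss.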

Contributor Author


Sure, I forgot to set it as the default value.

@rmaksimov rmaksimov force-pushed the add-hostname-option branch from c885a79 to 9900d0f on May 1, 2020 12:11
@rmaksimov (Contributor Author)

It should be noted that the current PR solves only part of a problem (related to your fork of go-ntlm). I'm going to fix this in the near future, but it should be applied in both projects at the same time.
Until then, you can probably leave this PR open.

@staaldraad (Collaborator)

Awesome, thanks for the update. Yeah I had a look at updating it in the dependency as well, however this looks like it correctly overwrites the value hard-coded into the defaults. I'm happy to leave it as is, and pull this into Ruler.

@staaldraad staaldraad merged commit 9d5b041 into sensepost:master May 3, 2020