S.E.Book
@S_E_Book
24.3K subscribers
364 photos
10 videos
88 files
1.14K links
Copyright: @SEAdm1n

Вакансии: @infosec_work

Сотрудничество - @SEAdm1n

Обратная связь. Вопросы, предложения, пожелания, жалобы - @Social_Engineering_bot
Download Telegram
About
Blog
Apps
Platform
Join
S.E.Book
24.3K subscribers
S.E.Book
A Detailed Guide on Responder (LLMNR Poisoning).

• LLMNR, NBT-NS, MDNS and DHCP;
Responder Installation;
• Attack 1: LLMNR/NBT-NS Poisoning through SMB;
• Attack 2: LLMNR/NBT-NS Poisoning through WPAD;
Responder Analyze Mode;
Responder Basic Authentication Mode;
Responder Downgrade NTLMv2-SSP to NTLMv2;
Responder external IP poisoning;
Responder Multi-Relay: Shell on a system;
Responder DNS injection in DHCP response;
• What are these servers in responder?
• Recommendations;
• Conclusion.

🧷 https://www.hackingarticles.in/a-detailed-guide-on-responder-llmnr-poisoning/

#Responder
Hacking Articles
A Detailed Guide on Responder (LLMNR Poisoning) - Hacking Articles
Introduction Responder is a widely used tool in penetration test scenarios and can be used for lateral movement across the network by red teamers. The
6.3K views
S.E.Book
👨‍💻 LLMNR Poisoning with Responder.

LLMNR Poisoning;
 - Getting onto the Network (Example for Context);
LLMNR Poisoning (SMB);
 - How Responder works to poison SMB;
 - Setting up Responder for the Attack;
 - Capturing a User’s Hash with Responder: Mistyped Share;
LLMNR Poisoning (WPAD);
 - How Responder works to poison WPAD;
 - Setting up Responder for the Attack;
 - Capturing a User’s Hash with Responder: Mistyped URL;
- Why not grab plaintext?
LLMNR Poisoning (DHCP);
 - How Responder works to poison DHCP;
 - Setting up Responder for the Attack;
 - Capturing the Computer Hash with Responder: DHCP Lease Renewal;
Cracking NetNTLMv2 Hashes with Hashcat;
• Bonus: CTF’ish Use-Cases for Responder;
- Getting an NetNTLMv2 Hash from MS-SQL (port 1433);
 - Getting an NetNTLMv2 Hash from an SSRF Vulnerability;
Want to stay up to date with the latest hacks?

• In this post we will go over the concept of LLMNR poisoning. To perform LLMNR poisoning we will execute a MITM (man-in-the-middle) attack using a tool called Responder. Using this tool we will see how we can get in-between user requests for SMB, WPAD, and DHCP to gather NetNTLMv2 hashes. After that, we will see how we can crack the NetNTLMv2 hash-type using hashcat.

🧷 https://juggernaut-sec.com/llmnr-poisoning-responder/,

#hashcat #LLMNR #MITM #Responder
Please open Telegram to view this post
VIEW IN TELEGRAM
Juggernaut Pentesting Blog - A blog to help others achieve their goals in Cyber Security.
AD Recon – LLMNR Poisoning with Responder -
In this post we will go over the concept of LLMNR poisoning. To perform LLMNR poisoning, we will execute a MITM (man-in-the-middle) attack using Responder...
4.9K views
S.E.Book
👨🏻‍💻 Responder. Подробное руководство.

Responder — инструмент для про­веде­ния раз­лично­го рода MiTM атак. Изна­чаль­но предназначался для про­веде­ния «спуфинга» NBNS и LLMNR про­токо­лов, которые служат для резол­ва имен в локальных сетях windows, где не работа­ет DNS.

Вклю­чает в себя фей­ковые сер­веры на основные про­токо­лы: HTTP, SMB, MSSQL, FTP, LDAP, SMTP, POP3. и поддерживает NTLM-аутен­тифика­цию (все вер­сии NTLM протокола) для них. Мож­но сгра­бить NTLM-хеши и потом переб­рать их, получив пароли поль­зовате­лей.

Подробное руководство по использованию этого инструмента можно найти тут: https://www.hackingarticles.in/a-detailed-guide-on-responder-llmnr-poisoning/

#Пентест #Responder
4.2K views