From linux host

We can use responder to do LLMNR poisoning from linux host.

sudo responder -I ens224 -A

Used to start responding to & analyzing LLMNR, NBT-NS and MDNS queries on the interface specified proceeding the -I option and operating in Passive Analysis mode which is activated using -A. Performed from a Linux-based host.

We can crack hashes using hashcat

hashcat -m 5600 forend_ntlmv2 /usr/share/wordlists/rockyou.txt

PreviousLLMNR/NTB-NS Poisoning NextFrom Windows Host

Last updated 1 year ago