Showing posts from May, 2018

LLMNR and NBT-NS poisoning attack using Responder and MultiRelay

In the previous post we discussed the basis for a LLMNR and NBT-NS attack and we showed this attack by using four Metasploit modules. In this new video we will continue to demonstrate the LLMNR and NBT-NS attack, but instead of Metasploit we will be using Laurent Gaffie's Responder script. Responder Responder is a Python script that listens for Link-Local Multicast Name Resolution (LLMNR), Netbios Name Service (NBT-NS) and Multicast Domain Name System (mDNS) broadcast messages. Responder is also a LLMNR, NBT-NS and MDNS poisoner, with built-in HTTP/SMB/MSSQL/FTP/LDAP rogue authentication server supporting NTLMv1/NTLMv2/LMv2, Extended Security NTLMSSP and Basic HTTP authentication.  More information about Responder and its related utilities can be found on Laurent Gaffie's Blog . The script can be downloaded from Github on: The following options are available when running Responder: The following command was used to laun