Credential Access with Responder

After getting initial access in a network, your next task is to move laterally and escalate privileges. In this course, you will see the Responder tool which allows you to exploit vulnerabilities on the LLMNR and NBT-NS protocols to get credentials
Course info
Rating
(13)
Level
Intermediate
Updated
Apr 2, 2020
Duration
20m
Table of contents
Description
Course info
Rating
(13)
Level
Intermediate
Updated
Apr 2, 2020
Duration
20m
Description

One of the main objectives on a red team engagement is to get access to several user accounts (lateral movement) as well as administrator accounts (privilege escalation). After getting initial access to the internal network, you can launch several attacks to harvest credentials. In this course, Credential Access with Responder, you will explore one of the most important tools for lateral movement and privilege escalation, the Responder tool - a LLMNR, NBT-NS, and MDNS poisoner developed by Laurent Gaffie. First, you will exploit vulnerabilities on the LLMNR protocol. Then, you will use NBT-NS and MDNS protocols to gather credentials of domain users. Finally, you will learn not only how to get NTLM hashes, but also how to crack them to get plain text passwords and how to use those hashes in pass-the-hash attacks. By the end of this course, you will know two important tactics from the Mitre Att&ck framework: LLMNR/NBT-NS Poisoning and Relay (T1171) and Network Sniffing (T1040).

About the author
About the author

Ricardo is a Cybersecurity Consultant based in Toronto (Canada). He has 10+ years of IT experience, 6 of them in the IT Security field. His main interests are: SIEM solutions (IBM QRadar), Enterprise Security Risk, Penetration Testing, Security processes/procedures and Network Security.

More from the author
Collection with PowerUpSQL
Intermediate
26m
Jul 14, 2020
Collection with PowerSploit
Intermediate
28m
May 29, 2020
More courses by Ricardo Reimao
Section Introduction Transcripts
Section Introduction Transcripts

Course Overview
[Autogenerated] Hey there. Welcome to burrow in the cyber Security to scores, you learn how to get a valid credentials. Using their responder to she never had about responded before is one of the most use tools by red team specialists in a writing engagement. After getting initial access to a network, your task is to move laterally and escalate your privileges. And that's exactly where he responded. Can help you with the responder. You be able to exploit vulnerabilities on the Anil L. M in our protocol as well as the NBT and as particle, and this allows you to have this could interest in Internet trick as well as allowing you to perform past the hash attacks. So whether you're trying to move laterally in the Red team engagement or just looking to the entire vertebral machines in your own company, joining learned how to gather credentials using the responder, too. Here have oversight