๐ [ theluemmel, S4U2LuemmelSec ]
Just pushed a little update to the relay / MitM blog again.
This time NTLM Downgrade attacks.
https://t.co/R7PRhcQ37F
If successfull, you can afterwards nicely do pass the hash attacks with you new NT hash :)
๐ http://luemmelsec.github.io/Relaying-101/#ntlm-downgrade-attack
๐ฅ [ tweet ]
Just pushed a little update to the relay / MitM blog again.
This time NTLM Downgrade attacks.
https://t.co/R7PRhcQ37F
If successfull, you can afterwards nicely do pass the hash attacks with you new NT hash :)
๐ http://luemmelsec.github.io/Relaying-101/#ntlm-downgrade-attack
๐ฅ [ tweet ]
This media is not supported in your browser
VIEW IN TELEGRAM
๐ [ podalirius_, Podalirius ]
Ever wanted to trigger a #NTLM authentication to a machine using every possible RPC call ? You can do this using #Coercer ๐ฅณ๐
This tool automatically detects available pipes and protocols and call every possible functions to trigger an #authentication.
https://t.co/6aVELSP4NC
๐ https://github.com/p0dalirius/Coercer
๐ฅ [ tweet ]
Ever wanted to trigger a #NTLM authentication to a machine using every possible RPC call ? You can do this using #Coercer ๐ฅณ๐
This tool automatically detects available pipes and protocols and call every possible functions to trigger an #authentication.
https://t.co/6aVELSP4NC
๐ https://github.com/p0dalirius/Coercer
๐ฅ [ tweet ]
๐ฅ2
๐น [ snovvcrash, sn๐ฅถvvcr๐ฅsh ]
๐งถ (1/3) PCredz in Docker Thread
Iโm a big fan of the #Impacket multi-relay feature that not only allows an attacker to keep multiple relay targets alive, but can also be used for performing both #NTLM relay AND #hashes dump at the same time โฌ
https://t.co/EZtH02ynTN
#pentest
๐ https://www.secureauth.com/blog/we-love-relaying-credentials-a-technical-guide-to-relaying-credentials-everywhere/
๐ฅ [ tweet ]
๐งถ (1/3) PCredz in Docker Thread
Iโm a big fan of the #Impacket multi-relay feature that not only allows an attacker to keep multiple relay targets alive, but can also be used for performing both #NTLM relay AND #hashes dump at the same time โฌ
https://t.co/EZtH02ynTN
#pentest
๐ https://www.secureauth.com/blog/we-love-relaying-credentials-a-technical-guide-to-relaying-credentials-everywhere/
๐ฅ [ tweet ]
๐ฅ1
๐ [ Steph @w34kp455 ]
Call it the biggest #NTLM #password database or monstrous #MD5 leak, but on, you can find precomputed datasets for various wordlists and different hashes - all free!
FYI:
๐ http://weakpass.com
๐ฅ [ tweet ]
Call it the biggest #NTLM #password database or monstrous #MD5 leak, but on, you can find precomputed datasets for various wordlists and different hashes - all free!
FYI:
all_in_one.latin.txt for NTLM contains 26.5 billion pairs of hash:password inside!๐ฅ๐ http://weakpass.com
๐ฅ [ tweet ]
๐ฅ19๐5