Responder
Responder copied to clipboard
SpiderLabs
Responder is a LLMNR, NBT-NS and MDNS poisoner, with built-in HTTP/SMB/MSSQL/FTP/LDAP rogue authentication server supporting NTLMv1/NTLMv2/LMv2, Extended Security NTLMSSP and Basic HTTP authentication...
Most OSs these days probe for random or semi random hostnames to determine if Internet access is available. It would be nice if there was a way to automatically NXDOMAIN...
For some reason even if a different password is typed in for "Administrator" I still get the "Skipping previously captured hash for \administrator"
Requiring authentication from the port 3141 proxy may be another method to gather credentials. I didn't see this as an option, I tried `-F` and it still allowed anyone to...
In the latest build, Responder correctly lists the ip not to respond to when starting up, then responds and captures hashes anyway. https://gist.github.com/cclements/afb260d4ad47a67745ac7be000e1f2a0
Metadata
Owner
Metadata
Responder is a LLMNR, NBT-NS and MDNS poisoner, with built-in HTTP/SMB/MSSQL/FTP/LDAP rogue authentication server supporting NTLMv1/NTLMv2/LMv2, Extended Security NTLMSSP and Basic HTTP authentication...