-
responder: Listen with responder on a network and wait for AD systems to ask for a DC. This can reveal an NTLM hash. (Source)
Start responder on your own system:
sudo responder -I tun0 --wpad
Connect from the target system to this system via SMB. In the Windows Explorer, or in the command line via dir…
-
See a packet in its context: open the context menu and select Follow.
Show only ICMP packets from a host:
tcpdump host 10.11.1.128 and icmp -i tun0
Show other systems communicating outside your own address:
ip.addr == 10.11.1.0/24 && !(ip.addr == 192.168.119.0/24) && ! dns && !browser && !ssdp && !nbns && !llmnr
Record audio: Wireshark can transform captured audio…
-
Linux: Detect IPv6 hosts. There is no ARP table like in Ethernet/IPv4, but we can simulate it as follows to list all neighbours / directly reachable hosts:
ping6 -c 5 ff02::1%eth0 >/dev/null
ip -6 neigh
Bonus: ip neigh shows the IPv4 address resolution table like the arp command does.
Detect IPv6 addresses for known IPv4 addresses. Scenario:…
-
See also the Wireshark post.
PSnuffle: Metasploit module; analyses the live traffic for credentials of various protocols.
msf > use auxiliary/sniffer/psnuffle
PCredz: PCredz uses a PCAP file and extracts hashes and other credentials.
pcredz -f dump.pcap
Zeek: GitHub — zeek/zeek: Zeek is a powerful network analysis framework that is much different from the typical IDS you…
-
Sniffing and live content filtering.
Operation modes:
Unified: sniffs all packets from one interface. Packets for an attack host end up here, but are forwarded directly after being received.
Bridged: forwards traffic from one interface to another. Absolutely secret because there is really no one “between the cable”.
Usage: ettercap OPTIONS TARGET1 TARGET2
Targets are defined as MAC/IPv4s/IPv6s/PORT…