LLMNR POISONING Flashcards

1
Q

What is LLMNR?

A
  • LLMNR: Link-Local Multicast Name Resolution
  • Used to identify hosts when DNS fails
  • Successor to NBT-NS
  • This service uses the user's username and NTLMv2 hash when correctly asked to do so
2
Q

What is LLMNR poisoning?

A
3
Q

Which tool is used for LLMNR poisoning?

A

Responder from Impacket

4
Q

What is the best time to run Responder?

A
  • In the morning, when people connect to AD
  • After lunch, when people reconnect to AD
5
Q

How do you crack the NTLM password hash retrieved by Responder?

A

hashcat -m 5600 hashes.txt rockyou.txt -O

6
Q

How do you run Responder?

A

python Responder.py -I INTERFACE -rdw

7
Q

What are the steps of a basic Responder attack?

A
  1. Run Responder
  2. An event occurs
  3. Get Dem hash
  4. Crack Dem hashes
8
Q

What is the best defense against a default Responder attack?

A
  1. Disable LLMNR and NBT-NS
  2. If that is not possible:
    - Require Network Access Control
    - Require strong user passwords (> 14 characters) and limit common word usage.