Lnkbomb is used for uploading malicious shortcut files to insecure file shares. The vulnerability exists due to Windows looking for an icon file to associate with the shortcut file. This icon file can be directed to a penetration tester’s machine running Responder or smb server to gather NTLMv1 or NTLMv2 hashes (depending on configuration of …
Tag Archives: NTLM Hashes
Bad-PDF To Steal NTLM Hashes From Windows Machines
Bad-PDF make pernicious PDF to steal NTLM Hashes from windows machines, it use defenselessness revealed by checkpoint group to make the malicious PDF record. Bad-Pdf peruses the NTLM hashes utilizing Responder listener. This strategy deal with all PDF readers(Any version) and java scripts are not required for this attack. Reference : https://research.checkpoint.com/ntlm-credentials-theft-via-pdf-files/ Also Read EggShell – …
Continue reading “Bad-PDF To Steal NTLM Hashes From Windows Machines”