Tag Archives: NTLM Hashes

Lnkbomb : Malicious Shortcut Generator For Collecting NTLM Hashes From Insecure File Shares

Lnkbomb is used for uploading malicious shortcut files to insecure file shares. The vulnerability exists due to Windows looking for an icon file to associate with the shortcut file. This icon file can be directed to a penetration tester’s machine running Responder or smb server to gather NTLMv1 or NTLMv2 hashes (depending on configuration of …

Continue reading “Lnkbomb : Malicious Shortcut Generator For Collecting NTLM Hashes From Insecure File Shares”

Bad-PDF To Steal NTLM Hashes From Windows Machines

Bad-PDF make pernicious PDF to steal NTLM Hashes from windows machines, it use defenselessness revealed by checkpoint group to make the malicious PDF record. Bad-Pdf peruses the NTLM hashes utilizing Responder listener. This strategy deal with all PDF readers(Any version) and java scripts are not required for this attack. Reference : https://research.checkpoint.com/ntlm-credentials-theft-via-pdf-files/ Also Read EggShell – …

Continue reading “Bad-PDF To Steal NTLM Hashes From Windows Machines”