From 27b589139ce208ffaf72c59a7dcd968425d2520b Mon Sep 17 00:00:00 2001
From: lgandx <laurent.gaffie@gmail.com>
Date: Wed, 21 Apr 2021 12:12:34 -0300
Subject: [PATCH] Updated DHCP Server (markdown)

---
 DHCP-Server.md | 8 ++++++++
 1 file changed, 8 insertions(+)

diff --git a/DHCP-Server.md b/DHCP-Server.md
index 7045cb8..86e9162 100644
--- a/DHCP-Server.md
+++ b/DHCP-Server.md
@@ -51,3 +51,11 @@ DHCP.py comes with the following options:
 >   -S                    Spoof the router ip address
 >
 >   -R                    Respond to DHCP Requests, inject linux and Windows clients (noisy)
+
+The best way to inject a WPAD url on a victim's workstation is to use DHCP.py with -S and -R and the other settings such as router ip, dns, etc.
+
+When you provide a WPAD url, best is to provide your IP address and not a random NetBIOS name, since you don't know if LLMNR/NetBIOS is enabled on that workstation. **Also make sure to change "WPADScript" setting in Responder.conf and replace "ProxySrv" with your IP address.**
+
+The best Responder setting when you launch this attack is: ./Responder.py -I eth0 -rPv
+
+This attack is highly effective and gives you assured NTLMv1/2 hashes.
\ No newline at end of file