github/Responder
1
0
Fork 0
mirror of https://github.com/lgandx/Responder.git synced 2025-08-21 22:03:30 -07:00
Code Issues Projects Releases Packages Wiki Activity Actions

Updated DHCP Server (markdown)

lgandx 2021-04-21 12:12:34 -03:00
commit 27b589139c
1 changed files with 8 additions and 0 deletions
Download patch file Download diff file Expand all files Collapse all files

8
DHCP-Server.md

@ -51,3 +51,11 @@ DHCP.py comes with the following options:
> -S Spoof the router ip address > -S Spoof the router ip address
> >
> -R Respond to DHCP Requests, inject linux and Windows clients (noisy) > -R Respond to DHCP Requests, inject linux and Windows clients (noisy)
The best way to inject a WPAD url on a victim's workstation is to use DHCP.py with -S and -R and the other settings such as router ip, dns, etc.
When you provide a WPAD url, best is to provide your IP address and not a random NetBIOS name, since you don't know if LLMNR/NetBIOS is enabled on that workstation. **Also make sure to change "WPADScript" setting in Responder.conf and replace "ProxySrv" with your IP address.**
The best Responder setting when you launch this attack is: ./Responder.py -I eth0 -rPv
This attack is highly effective and gives you assured NTLMv1/2 hashes.