i have to add kali to that same interface setting on ip right ?
@adisougata3 жыл бұрын
Sir I have a question: you had a meterpreter session without requiring the password..So is it required to crack the hash to get the password..Executing this MITM through ntlmrelay attack you already got access to the system..Sir just a beginner and an technology enthusiast.
@illusionsingh Жыл бұрын
You can use Pass the Hash attack too with that captured hash... Hope you'll got your answer.
@informationsecurityinforma53664 жыл бұрын
MultiRelay is not relaying rhe hashing - blank outoput Dear sir, I am on Windows OS with IP 192.168.1.117 and I am running Kali Linux in Virtual with IP 192.168.1.100 on the same machine. I have used bridged adapter for internet settings in Virtual box. Now I have two queries 1. When I run default responder, I can see the NTLM hashes of Windows OS but when I turned 'off' SMB and HTTP, I cannot see the hashes on Responder screen 2. When I ran Multireplay -t 192.168.1.105 -u ALL //this is another windows machine in the wireless network, I cannot Relay the hashes. Can someone please help with the approach to successfully read and relay the hashes
@Hackrypt4 жыл бұрын
Make sure that both windows system are part of same domain and the domain user on system 192.168.1.117 have the permission to access share folder on system 192.168.1.105
@xilingxibit56774 жыл бұрын
do we need to send the payload to user and wait till he install it......i m bit confused.....please ping me back ASAP.
@Hackrypt4 жыл бұрын
Yes we send the payload to target by using relay attack, once the payload sent it will be executed by ntlmrelayx tool. So we don't need any interaction from target user.
@psychorockz1234 жыл бұрын
In my lab, I'm getting the hash only when the victim enters the attacker's IP in the search. Anything else is redirected to the web browser and no hash is obtained. Any thoughts?
@Hackrypt4 жыл бұрын
Don't use IP address coz LLMR works for resolving hostnames, so instead of giving IP address just give any non existing hostname in the search. Make sure that the target system is properly added to the domain and login with the domain user as given in the video.
@aleefbilal62113 жыл бұрын
Few seconds in your video and your accent is scary as hell. Kinda cool.
@s.aravindh62273 жыл бұрын
Nice video bro 👍👍👍
@xelerated Жыл бұрын
First, can you try not speed reading? So annoying, couldn’t make it past the first minute!