Class Central is learner-supported. When you buy through links on our site, we may earn an affiliate commission.

Pluralsight

Credential Access with Responder

via Pluralsight

Overview

After getting initial access in a network, your next task is to move laterally and escalate privileges. In this course, you will see the Responder tool which allows you to exploit vulnerabilities on the LLMNR and NBT-NS protocols to get credentials

One of the main objectives on a red team engagement is to get access to several user accounts (lateral movement) as well as administrator accounts (privilege escalation). After getting initial access to the internal network, you can launch several attacks to harvest credentials. In this course, Credential Access with Responder, you will explore one of the most important tools for lateral movement and privilege escalation, the Responder tool - a LLMNR, NBT-NS, and MDNS poisoner developed by Laurent Gaffie. First, you will exploit vulnerabilities on the LLMNR protocol. Then, you will use NBT-NS and MDNS protocols to gather credentials of domain users. Finally, you will learn not only how to get NTLM hashes, but also how to crack them to get plain text passwords and how to use those hashes in pass-the-hash attacks. By the end of this course, you will know two important tactics from the MITRE ATT&CK framework: LLMNR/NBT-NS Poisoning and Relay (T1171) and Network Sniffing (T1040).

Taught by

Ricardo Reimao

Reviews

5 rating at Pluralsight based on 18 ratings

Start your review of Credential Access with Responder

Never Stop Learning.

Get personalized course recommendations, track subjects and courses with reminders, and more.

Someone learning on their laptop while sitting on the floor.