Attacking Active Directory | LLMNR Part 3: Relaying Hashes

Previously, I've shown you how to capture Net-NTLM hashes by abusing LLMNR in an Active Directory environment. In part two, I showed you how to take these hashes offline and try to crack them. This time, I show you how to bypass cracking the hashes by relaying them to machines that have SMB Signing disabled or not enforced! If you enjoy this content, please consider subscribing or sharing with a friend.

Disclaimer: This content is intended to be consumed by cyber security professionals, ethical hackers, and penetration testers. Any attacks performed in this video should only be performed in environments that you control or have explicit permission to perform them on.

0:00 - Introduction
1:25 - Pass The Hash vs Relay Attacks
3:05 - Topology of Network
4:30 - Prereqs for Relay Attacks
7:00 - Setting up Attack
9:00 - Performing the Attack
14:07 - Showing Attack Without Admin Rights
16:40 - Conclusion

👇 SUBSCRIBE TO INFINITELOGINS YOUTUBE CHANNEL NOW 👇
https://www.youtube.com/c/infinitelog...

Blog post mentioned in video:
https://infinitelogins.com/2020/11/13...

Attacking Active Directory | LLMNR Part 1: Capturing Hashes
   • Attacking Active Directory | LLMNR Part 1:...  

Attacking Active Directory | LLMNR Part 2: Cracking Hashes
   • Attacking Active Directory | LLMNR Part 2:...  

___________________________________________
Social Media:
Website: https://infinitelogins.com/
Twitter:   / infinitelogins  
Twitch:   / infinitelogins  

___________________________________________
Donations and Support:
Like my content? Please consider supporting me on Patreon:
  / infinitelogins  

Purchase a VPN Using my Affiliate Link
https://www.privateinternetaccess.com...

___________________________________________
Tags: #EthicalHacking #LLMNR #Pentesting