all InfoSec news logo
all InfoSec news - Your InfoSec news aggregator
Log in Sign up
all InfoSec news

Lnkbomb - Malicious Shortcut Generator For Collecting NTLM Hashes From Insecure File Shares

Add to bookmarks
March 14, 2022, 8:30 p.m. | noreply@blogger.com (Unknown)

KitPloit - PenTest Tools! www.kitploit.com


Lnkbomb is used for uploading malicious shortcut files to insecure file shares. The vulnerability exists due to Windows looking for an icon file to associate with the shortcut file. This icon file can be directed to a penetration tester's machine running Responder or smbserver to gather NTLMv1 or NTLMv2 hashes (depending on configuration of the victim host machine). The tester can then attempt to crack those collected hashes offline with a tool like Hashcat.

The payload file is uploaded directly …

generator hashes insecure malicious ntlm vulnerability windows

Visit resource

More from www.kitploit.com / KitPloit - PenTest Tools!

HackerInfo - Infromations Web Application Security 4 hours ago | www.kitploit.com
hackerinfo python python3
C2-Tracker - Live Feed Of C2 Servers, Tools, And Botnets 15 hours ago | www.kitploit.com
c2-tracker cybersecurity infosec osint +7
VectorKernel - PoCs For Kernelmode Rootkit Techniques Research 6 days, 4 hours ago | www.kitploit.com
64bit api education kernel +17
Cookie-Monster - BOF To Steal Browser Cookies & Credentials 1 week ago | www.kitploit.com
cookie-monster passwords processes python +2
NoArgs - Tool Designed To Dynamically Spoof And Conceal Process Arguments While Staying Undetected 1 week, 1 day ago | www.kitploit.com
mechanism microsoft mimikatz noargs +3
Frameless-Bitb - A New Approach To Browser In The Browser (BITB) Without The Use Of … 1 week, 2 days ago | www.kitploit.com
frameless-bitb scanners scripts subdomains +2
Toolkit - The Essential Toolkit For Reversing, Malware Analysis, And Cracking 1 week, 2 days ago | www.kitploit.com
analysis beginners cracking infosec +11
Porch-Pirate - The Most Comprehensive Postman Recon / OSINT Client And Framework That Facilitates The … 1 week, 5 days ago | www.kitploit.com
api api endpoints automated client +20
APKDeepLens - Android Security Insights In Full Spectrum 1 week, 6 days ago | www.kitploit.com
android security apkdeeplens mobile security vulnerabilities +1

Jobs in InfoSec / Cybersecurity

Post a job on infosec-jobs.com Find talent on infosec-jobs.com

SOC 2 Manager, Audit and Certification

@ Deloitte | US and CA Multiple Locations
View on infosec-jobs.com

Senior Security Specialist

@ Lely | Maassluis, Netherlands
View on infosec-jobs.com

IT Security Manager (Corporate Security) (REF822R)

@ Deutsche Telekom IT Solutions | Budapest, Hungary
View on infosec-jobs.com

Senior Security Architect

@ Cassa Centrale Banca - Credito Cooperativo Italiano | Trento, IT, 38122
View on infosec-jobs.com

Senior DevSecOps Engineer

@ Raft | Las Vegas, NV (Remote)
View on infosec-jobs.com

Product Manager - Compliance

@ Arctic Wolf | Remote - Colorado
View on infosec-jobs.com
View more jobs