Intercept and Hashcat
Using Responder, we can make this attack happen using this command :
1
python responder.py -I <interface> -rdwv
Copied!
Now you should see some hashes (NTLMv2) captured. The captured hashes are output into the logs file of Responder (/usr/share/responder/logs) At this point, you have two options, either relay the hash to try and have an open session (we'll see that in the next page) or you can take the hash and try to crack it offline by running hashcat on it using the following command (depending on where you're running it, its best to run it on your host system) :
1
hashcat -m 5600 hashes.txt dictionary.txt
Copied!
You can use the following cheat sheet for more infos on how to use hashcat
HashcatCheatSheet.v2018.1b (2).pdf
821KB
PDF
Hashcat Cheat sheet
​
Copy link