Hashes containing login passwords are transmitted between Windows computers on local Wi-Fi networks. By intercepting and decrypting these hashes using Responder and John the Ripper, respectively, we can learn a target’s login credentials which can be later used to gain physical access to their computer.

Why This Attack Is Possible

While communicating with other devices on a local network, Windows will use the Link-Local Multicast Name Resolution (LLMNR) protocol to perform hostname resolutions for devices on the local network. Any legitimate client on the local network can interact with the… more


Go to Source

 

Comments are closed.