Online Demo: LLMNR Poisoning
In order to provide a clear understanding on the subject, we showcased a demo of a poisoning attack. The demo starts with the attacker having access to the network and uses a responder to listen for a LLMNR request. A victim searches for one word in a browser search bar, triggering the LLMNR request, resulting in the attacker capturing the hash and proceeding to hack it.
The attacker then ends up sending their commands including malware to the victim’s PC. That malware automatically goes to infect the domain controller as well. In the end we log on to the domain controller to verify the effect of the malware on the domain controller.
Discover even more on LLMNR poisoning
Find out why your LLMNR feature should be disabled on all devices in order to mitigate an LLMNR poisoning attack.
Email bomb alert! The dangers of the ``forgot password`` page
Often overlooked by many, but the dangers are very real. Read up on them and find out how you can protect yourself against it.