24/06/21 – Online Demo: from 0 to domain admin in 5 minutes

Online Demo: LLMNR Poisoning

On June 24, Toreon gave an online seminar on LLMNR poisoning through an online demo.
During this seminar we went into detail on what LLMNR actually is and how a poisoning attack works.

In order to provide a clear understanding on the subject, we showcased a demo of a poisoning attack. The demo starts with the attacker having access to the network and uses a responder to listen for a LLMNR request. A victim searches for one word in a browser search bar, triggering the LLMNR request, resulting in the attacker capturing the hash and proceeding to hack it.

The attacker then ends up sending their commands including malware to the victim’s PC. That malware automatically goes to infect the domain controller as well. In the end we log on to the domain controller to verify the effect of the malware on the domain controller.

Revisit our online seminar

If you missed this seminar or would like to take another look at the presentation, you can download the slides and the demo here.


Discover even more on LLMNR poisoning

Find out why your LLMNR feature should be disabled on all devices in order to mitigate an LLMNR poisoning attack.


Email bomb alert! The dangers of the ``forgot password`` page

Often overlooked by many, but the dangers are very real. Read up on them and find out how you can protect yourself against it.


Put our Ethical Hackers to the test on your organization

Learn more on the methods our ethical hackers use to expose vulnerabilities in your infrastructure and applications.

© 2020 door Toreon | Privacy and Cookie Policy

Start typing and press Enter to search

Shopping Cart