Skip to main content

One post tagged with "Hash Capture"

Hash capture refers to the process of intercepting and capturing hashed credentials, such as passwords, during an authentication attempt. This can be done using tools like Responder or Mimikatz, which exploit weaknesses in Windows' NetBIOS name resolution protocol or other authentication protocols to gather hashed login credentials. The captured hash can then be used to brute-force or crack the password, allowing attackers to gain unauthorized access.

View All Tags

HTB | Responder | Write-Up

· 14 min read

Summary:

This walkthrough outlines the attack vector used to system access on the Responder machine on Hack The Box, where an attacker would exploit the NetBIOS vulnerability to capture NTLMv2 hashes, which are then cracked using John the Ripper to obtain valid credentials. These credentials can be leveraged to ultimately gain access to root flag on the target machine.

Machine Name: Responder | Difficulty: Easy | OS: Windows