Responder and Snarf

Hey all,

This post is about using Responder and Snarf to poison broadcasts, SMB relay, enumerate privileges and files, and when we choose, spawn a shell.  Bonus post includes doing all of the above through a pivot.

Tools:

Mitigations:

I would imagine the majority of the offsec crew can appreciate Responder and all that it can do.  Using in UNION with SMB relay, it can be a great way to get that first shell or enumerating sensitive files.  The good old days where we can relay back to the source are long past us (well I hope), but that doesn’t mean we should dismiss this as a potential wedge point.

Continue reading “Responder and Snarf”