Found Microsoft has deprecated #llmnr protocol in favor of #mdns. Found Windows 10 machine at home no longer resolves just bare name. Pushed change to #systemd. Lennart was already there saying let's not hurry. I say we should. Because resolved had that support broken anyway. And even Fedora Server 38 has it enabled.

I’m going to use this account to track what kind of stuff I’m learning as I work to build the skills to get into cybersecurity.

Today’s study material is the Day 2 class from @blackhillsinfosec’s Getting Started in Security course. Thank goodness for their pay-what-you-can option for the plebs.

Learning about the deficiencies in LLMNR. Using Responder.

Lab: capture a password hash and crack it

#cybersecurity #blackhillsinfosec #responder #llmnr

Currently watching - SANS Workshop – NTLM Relaying 101: How Internal Pentesters Compromise Domains - The presenter is giving really good explanations of how things work. https://www.sans.org/webcasts/sans-workshop-ntlm-relaying-101-how-internal-pentesters-compromise-domains/

#SANS #NTLM #LLMNR #Windows #hacking

Saper esprimere un concetto, sopratutto se complesso, in parole semplici non è facile. E non è banalizzazione, ma semplificazione.
A breve un nuovo post su #llmnr #spoofing (stavolta con cotanto di immagini di una poc reale).

Come sempre, spero possa venir utile.

@will @ayiniho
cat resolv.conf

[Resolve]
#DNS=
#FallbackDNS=
#Domains=
#LLMNR=no
#MulticastDNS=no
#DNSSEC=no
#DNSOverTLS=no
#Cache=no-negative
#DNSStubListener=yes
#ReadEtcHosts=yes

et service systemd-resolved status
sept. 24 09:07:19 wdiz-AB350M-HD3 systemd-resolved[901]: Using degraded feature set (TCP) for DNS server ::1.

@will @ayiniho
cat resolv.conf

[Resolve]
#DNS=
#FallbackDNS=
#Domains=
#LLMNR=no
#MulticastDNS=no
#DNSSEC=no
#DNSOverTLS=no
#Cache=no-negative
#DNSStubListener=yes
#ReadEtcHosts=yes

et service systemd-resolved status
sept. 24 09:07:19 wdiz-AB350M-HD3 systemd-resolved[901]: Using degraded feature set (TCP) for DNS server ::1.