Wednesday, October 27, 2021

NTLM Relaying via Cobalt Strike

NTLM Relaying via Cobalt Strike

NTLM relaying is a popular attack strategy during a penetration test and is really trivial to perform. Just roll up at the client site, plug your laptop into the LAN, fire up responder and ntlmrelayx, and away you go.

The majority of opportunistic relays come when a user or a machine tries to access an SMB resource that doesn’t exist. It therefore sends broadcast requests which tools like responder will send poisoned responses for. There are tactics to coerce re…

Read More

Latest news
Related news