One day me and @m3g9tr0n were discussing different places where we can use responder in stealing NetNTLM hashes. After experimenting I thought of writing this post along with some cool findings in the world of Windows. SMBRelay attacks are also possible in these scenarios. LFI The include() in PHP will resolve the network path for … Continue reading Places of Interest in Stealing NetNTLM Hashes