TryHackme’s Advent of Cyber 2023 — Day 23 Writeup

Authentication Attacks [ relay all the way ]

Learning Objectives

- The basics of network file shares

- Understanding NTLM authentication

- How NTLM authentication coercion attacks work

- How Responder works for authentication coercion attacks

- Forcing authentication coercion using lnk files

Understanding Concept

Computing Power Unleashed
Computers aren’t solitary entities; their true potential shines when connected to networks. In corporate setups, networks optimize resource sharing, like centralized printers accessible to all employees. This not only cuts costs but streamlines system management.

Similarly, network file shares replace scattered file copies, mitigating version control chaos. Centralized storage ensures easy access and secures files by restricting user permissions. However, the same file shares pose risks if security measures aren’t applied. Unchecked access could lead to data breaches or unauthorized alterations.

Understanding NTLM Authentication
Building on our knowledge from Day 11 about Active Directory (AD) and Kerberos, let’s delve into NetNTLM or NTLM…