Create a proxy server for different attacks.
Officially allowed during the OSCP exam according to the OSCP Exam FAQ, BUT Poisoning and Spoofing is NOT allowed in the labs or on the exam. YOU CANNOT DO: Spoofing (IP, ARP, DNS, NBNS, etc)
- WPAD Man-In-The-Middle (MITM) attack
- SMBRelay
- Trustwave – Responder 2.0 – Owning Windows Networks part 3
Help
sudo responder -hUsage
Listen and respond
–lm: Force LM hashing downgrade for Windows XP/2003 and earlier. Default: False
sudo -E responder -I eth0 --lmAnalyze only without responding
-A: Analyze mode. This option allows you to see NBT-NS, BROWSER, LLMNR requests without responding
sudo -E responder -I eth0 -A