Beyond LLMNR/NBNS Spoofing – Exploiting Active Directory-Integrated DNS
Tags
Common Information
| Type | Value |
|---|---|
| UUID | f9a14cf1-d34c-439e-a385-7dbf74427b57 |
| Fingerprint | d43c2903886b86d1 |
| Analysis status | DONE |
| Considered CTI value | 0 |
| Text language | |
| Published | July 10, 2018, 7 a.m. |
| Added to db | Jan. 18, 2023, 8:37 p.m. |
| Last updated | Nov. 17, 2024, 11:40 p.m. |
| Headline | Beyond LLMNR/NBNS Spoofing – Exploiting Active Directory-Integrated DNS |
| Title | Beyond LLMNR/NBNS Spoofing – Exploiting Active Directory-Integrated DNS |
| Detected Hints/Tags/Attributes | 49/1/17 |
Source URLs
| Redirection | Url | |
|---|---|---|
| Details | Source | https://blog.netspi.com/exploiting-adidns/ |
URL Provider
Attributes
| Details | Type | #Events | CTI | Value |
|---|---|---|---|---|
| Details | Domain | 1 | nodnsrecord.inveigh.net |
|
| Details | Domain | 1 | nodnsrecord2.inveigh.net |
|
| Details | Domain | 1 | inveigh-dc1.inveigh.net |
|
| Details | Domain | 1 | inveigh.net |
|
| Details | Domain | 1 | hostmaster.inveigh.net |
|
| Details | Domain | 4128 | github.com |
|
| Details | Github username | 5 | kevin-robertson |
|
| Details | md5 | 1 | CBD38F1537AAD7D39CE6A5BC5687373A |
|
| Details | IPv4 | 1 | 192.168.125.100 |
|
| Details | IPv4 | 1 | 192.168.125.102 |
|
| Details | IPv4 | 1 | 192.168.125.104 |
|
| Details | IPv4 | 1 | 192.168.125.105 |
|
| Details | IPv4 | 1 | 192.168.125.106 |
|
| Details | IPv4 | 1 | 192.168.125.10 |
|
| Details | IPv4 | 619 | 0.0.0.0 |
|
| Details | Url | 4 | https://github.com/kevin-robertson/powermad |
|
| Details | Url | 1 | https://github.com/kevin-robertson/powermad/wiki |