CTF Writeup: PoisonedCredentials Lab
Analyze network traffic for LLMNR/NBT-NS poisoning attacks using Wireshark to identify the rogue machine, compromised accounts, and affected systems.

When I first saw this lab and the description, I was a little confused about what LLMNR and NBT-NS poisoning attacks were. I’m familiar with poisoning attacks like ARP and DNS, but the LLMNR and NBT-NS protocols didn’t ring a bell for me. A lot of cybersecurity is research and understanding concepts, so I was happy to jump into this lab from CyberDefenders and learn something new. ...