{"version":1,"type":"rich","provider_name":"Libsyn","provider_url":"https:\/\/www.libsyn.com","height":90,"width":600,"title":"7MS #700: Pretender","description":"Today is episode 700 of the 7MinSec podcast! Oh my gosh. My mom didn\u2019t think we could do it, but we did. Instead of a big blowout with huge news, giveaways and special guests, today is a pretty standard issue episode with a (nearly) 7-minute run time! The topic of today\u2019s episode is Pretender (which you can download&amp;nbsp;here&amp;nbsp;and read a lot more about&amp;nbsp;here).&amp;nbsp; The tool authors explain the motivation behind the tool: \u201cWe designed pretender with the single purpose to obtain machine-in-the-middle positions combining the techniques of&amp;nbsp;mitm6&amp;nbsp;and&amp;nbsp;only&amp;nbsp;the name resolution spoofing portion of&amp;nbsp;Responder.\u201d On a recent pentest, I used Pretender\u2019s \u201cdry run\u201d mode to find a hostname (that didn\u2019t exist) that a ton of machines were querying for, and poisoned requests&amp;nbsp;just for that host.&amp;nbsp; This type of targeted poisoning snagged me some helpful hashes that I was able to crack\/relay, all while minimizing the risk of broader network disruption! ","author_name":"7 Minute Security","author_url":"https:\/\/7MinSec.com","html":"<iframe title=\"Libsyn Player\" style=\"border: none\" src=\"\/\/html5-player.libsyn.com\/embed\/episode\/id\/38950270\/height\/90\/theme\/custom\/thumbnail\/yes\/direction\/forward\/render-playlist\/no\/custom-color\/88AA3C\/\" height=\"90\" width=\"600\" scrolling=\"no\"  allowfullscreen webkitallowfullscreen mozallowfullscreen oallowfullscreen msallowfullscreen><\/iframe>","thumbnail_url":"https:\/\/assets.libsyn.com\/secure\/item\/38950270"}