[ DragonHash ]

Chromium drag‑and‑drop NTLM leakage proof‑of‑concept

Read the blog post 
      $ # quick & dirty
      $ sudo responder -I eth0

Then follow the prompts below

1▸ IP Address of your SMB Responder server

2▸ Weaponized asset

Lure image

Drag the image to your Windows desktop, then click the Try again popup in Chrome's downloads bar.

PoC crafted for educational use · Tested on Chrome 137.0.7151.104 and Windows 11· Use responsibly.