Responder Full Tutorial | Updated 2024


In this post, You will what is responder and how to use it and below is the video format of the post, Check it out 👇🏾


What is Responder❓

Responder is a LLMNR, NBT-NS and MDNS poisoner, This tool comes with built in authentication server settings.

In simple this tool is used for sniffing and spoofing the passwords, usernames and OS and service version etc.

The tool contains various built-in servers like HTTP, SMB, LDAP, DCE-RPC Auth server.


Who Developed Responder

The tools seem to be developed in spider labs and later forked by one of the creators lgandx.

Installing Responder ⬇️

To install responder follow the below commands. In kali you no need to worry about the installation the tool is already installed.

Linux: git clone

Win: Currently it’s in beta testing [Click here] to check

Features in Responder

  1. Dual IPv6/IPv4 stack.
  2. Built-in SMB Auth server.
  3. Built-in MSSQL Auth server.
  4. Built-in HTTP Auth server.
  5. Built-in HTTPS Auth server.
  6. Built-in LDAP Auth server.
  7. Built-in DCE-RPC Auth server.
  8. Built-in FTP, POP3, IMAP, SMTP Auth servers.
  9. Built-in DNS server.
  10. Browser Listener

How to Use Responder

Hey you ❤️ Please check out my other posts, You will be amazed and support me by following on youtube.

Before I explain you how to use this tool we need to know about LLMNR, NBT-NS, MDNS and DHCP.

LLMNR: LLMNR stands for Link-Local Multicast Name Resolution, This protocol runs on UDP port 5355, mostly to perform name resolution for hosts on the same local link.

NBT-NS: NetBIOS name service (NBT-NS) is a Windows protocol that is used to translate NetBIOS names to IP addresses on a local network. 

MDNS: multicast DNS (mDNS) protocol resolves hostnames to IP addresses within small networks that do not include a local name server.

DHCP: The Dynamic Host Configuration Protocol is a network management protocol used on Internet Protocol networks for automatically assigning IP addresses.

LLMNR/NBT-NS Poisoning through SMB

Firstly let’s listen with our responder to do that enter the below command. And don’t forget to run as root.

sudo responder -I eth0

Now let me move to windows 11 and try to enter kali eth0 IP. Let’s say \\<kali IP> and now we can see that access denied.

Now, If we move to kali we should have got the hash.

copy the hash from rick to 00 and save it in a file.

Let’s crack the hash with the hashcat, Below is the command to crack hash with hashcat.

hashcat -m 5600 john.txt rick.txt
  • john.txt = contains the hash
  • rick.txt = wordlist

Finally, I have cracked the password.

Basic Authentication

Let’s turn on our responder. Basically the victim will get a prompt login and if they enter the credentials we get to see the credentials they enetered in plain text.

responder -I eth0 -wdF -b

Now if we go windows browser and type randomurl.local we get a prompt and now we can enter the username and password.

Responder external IP poisoning

Using responder we can also poison external IP. Let’s see how to do that

sudo responder -I eth0 -e

DNS Injection DHCP response

To do a DNS Injection using responder you can use the below command. If you have already got the victim hash you will not view the hash second time.

sudo responder -I eth0 -D

Now, On the target machine type the kali IP \\ and we will be prompted with login and password.

Enter the credentials and simultaneously you will get a hash or plain text in responder.


In conclusion, responder tools can be valuable tools for automating certain tasks and providing quick responses.

However, they have limitations in understanding complex queries, lacking empathy, and adapting to new situations.

A careful balance between automation and human intervention is often necessary to provide the best user experience and outcomes.


Ads Blocker Image Powered by Code Help Pro

Ads Blocker Detected!!!

We have detected that you are using extensions or brave browser to block ads. Please support us by disabling these ads blocker.Our website is made possible by displaying Ads hope you whitelist our site. We use very minimal Ads in our site


Scroll to Top