wpad.dat). This script gives a set of proxies that can be used, and can be located with an hostname or an URL. Various mechanisms can be used to find its location (by order of resolution):
wpad.datfile, hence poisoning the web proxy configuration of the requesting clients, hence obtaining more traffic.
-w/--wpadoption will make Responder start the WPAD rogue server so that fake
wpad.datfile can be served to requesting clients.
-P/--ProxyAuthoption to force the Windows client to authenticate after the
wpad.datis accessed and when the client starts using the proxy
1122334455667788(to crack NTLM hashes with crack.sh).
-WPADResponse(and others) can be used to tweak the WPAD abuse.