In the ~/responder/logs folder there will be a txt file like HTTP-NTLMv2-192.168.2.1.txt that will have the credential hash, in this case a NTLMv2 credential and hash. I plan on posting a follow up article with some code that will make the LED blink when this type of file is created or updated, and how to use john or hashcat to crack the hashes.