third pass:

- All servers back online - modified logging
2025-07-07 13:32:18 -07:00 · 2015-08-03 05:34:46 +02:00 · 2015-08-03 05:34:46 +02:00 · fa59ca466b
commit fa59ca466b
parent 46356b2ad5
19 changed files with 545 additions and 407 deletions
--- a/core/responder/utils.py
+++ b/core/responder/utils.py
@ -21,34 +21,7 @@ import logging
 import socket
 import time
 import settings
-
-try:
-	import sqlite3
-except:
-	print "[!] Please install python-sqlite3 extension."
-	sys.exit(0)
-
-def color(txt, code = 1, modifier = 0):
-
-	if txt.startswith('[*]'):
-		settings.Config.PoisonersLogger.warning(txt)
-	
-	elif 'Analyze' in txt:
-		settings.Config.AnalyzeLogger.warning(txt)
-
-	# No colors for windows...
-	if os.name == 'nt':
-		return txt
-
-	return "\033[%d;3%dm%s\033[0m" % (modifier, code, txt)
-
-def text(txt):
-	logging.info(txt)
-
-	if os.name == 'nt':
-		return txt
-
-	return '\r'+re.sub(r'\[([^]]*)\]', "\033[1;34m[\\1]\033[0m", txt)
+import sqlite3

 def RespondToThisIP(ClientIp):

@ -102,13 +75,12 @@ def FindLocalIP(Iface):
 		return ret

 	except socket.error:
-		print color("[!] Error: %s: Interface not found" % Iface, 1)
 		sys.exit(-1)

 # Function used to write captured hashs to a file.
 def WriteData(outfile, data, user):

-	logging.info("[*] Captured Hash: %s" % data)
+	settings.Config.ResponderLogger.info("[*] Captured Hash: %s" % data)

 	if os.path.isfile(outfile) == False:
 		with open(outfile,"w") as outf:
@ -176,23 +148,22 @@ def SaveToDb(result):
 	if count == 0 or settings.Config.Verbose:

 		if len(result['client']):
-			print text("[%s] %s Client   : %s" % (result['module'], result['type'], color(result['client'], 3)))
+			settings.Config.ResponderLogger.info("[%s] %s Client   : %s" % (result['module'], result['type'], result['client']))
 		if len(result['hostname']):
-			print text("[%s] %s Hostname : %s" % (result['module'], result['type'], color(result['hostname'], 3)))
+			settings.Config.ResponderLogger.info("[%s] %s Hostname : %s" % (result['module'], result['type'], result['hostname']))
 		if len(result['user']):
-			print text("[%s] %s Username : %s" % (result['module'], result['type'], color(result['user'], 3)))
-		
-		# Bu order of priority, print cleartext, fullhash, or hash
-		if len(result['cleartext']):
-			print text("[%s] %s Password : %s" % (result['module'], result['type'], color(result['cleartext'], 3)))
-		elif len(result['fullhash']):
-			print text("[%s] %s Hash     : %s" % (result['module'], result['type'], color(result['fullhash'], 3)))
-		elif len(result['hash']):
-			print text("[%s] %s Hash     : %s" % (result['module'], result['type'], color(result['hash'], 3)))
-			
-	else:
-		print color('[*]', 2, 1), 'Skipping previously captured hash for %s' % result['user']
+			settings.Config.ResponderLogger.info("[%s] %s Username : %s" % (result['module'], result['type'], result['user']))

+		# By order of priority, print cleartext, fullhash, or hash
+		if len(result['cleartext']):
+			settings.Config.ResponderLogger.info("[%s] %s Password : %s" % (result['module'], result['type'], result['cleartext']))
+		elif len(result['fullhash']):
+			settings.Config.ResponderLogger.info("[%s] %s Hash     : %s" % (result['module'], result['type'], result['fullhash']))
+		elif len(result['hash']):
+			settings.Config.ResponderLogger.info("[%s] %s Hash     : %s" % (result['module'], result['type'], result['hash']))
+
+	else:
+		settings.Config.PoisonersLogger.warning('Skipping previously captured hash for %s' % result['user'])

 def Parse_IPV6_Addr(data):

@ -238,88 +209,6 @@ def NBT_NS_Role(data):

 	return Role[data] if data in Role else "Service not known"

-def banner():
-
-	banner = "\n".join([
-		'                                         __',
-		'  .----.-----.-----.-----.-----.-----.--|  |.-----.----.',
-		'  |   _|  -__|__ --|  _  |  _  |     |  _  ||  -__|   _|',
-		'  |__| |_____|_____|   __|_____|__|__|_____||_____|__|',
-		'                   |__|'
-	])
-
-	print banner
-	print "\n           \033[1;33mNBT-NS, LLMNR & MDNS %s\033[0m" % settings.__version__
-	print ""
-	print "  Original work by Laurent Gaffie (lgaffie@trustwave.com)"
-	print "  To kill this script hit CRTL-C"
-	print ""
-
-def StartupMessage():
-	enabled  = color('[ON]', 2, 1) 
-	disabled = color('[OFF]', 1, 1)
-
-	print ""
-	print color("[+] ", 2, 1) + "Poisoners:"
-	print '    %-27s' % "LLMNR" + enabled
-	print '    %-27s' % "NBT-NS" + enabled
-	print '    %-27s' % "DNS/MDNS" + enabled
-	print ""
-
-	print color("[+] ", 2, 1) + "Servers:"
-	print '    %-27s' % "HTTP server" + (enabled if settings.Config.HTTP_On_Off else disabled)
-	print '    %-27s' % "HTTPS server" + (enabled if settings.Config.SSL_On_Off else disabled)
-	print '    %-27s' % "WPAD proxy" + (enabled if settings.Config.WPAD_On_Off else disabled)
-	print '    %-27s' % "SMB server" + (enabled if settings.Config.SMB_On_Off else disabled)
-	print '    %-27s' % "Kerberos server" + (enabled if settings.Config.Krb_On_Off else disabled)
-	print '    %-27s' % "SQL server" + (enabled if settings.Config.SQL_On_Off else disabled)
-	print '    %-27s' % "FTP server" + (enabled if settings.Config.FTP_On_Off else disabled)
-	print '    %-27s' % "IMAP server" + (enabled if settings.Config.IMAP_On_Off else disabled)
-	print '    %-27s' % "POP3 server" + (enabled if settings.Config.POP_On_Off else disabled)
-	print '    %-27s' % "SMTP server" + (enabled if settings.Config.SMTP_On_Off else disabled)
-	print '    %-27s' % "DNS server" + (enabled if settings.Config.DNS_On_Off else disabled)
-	print '    %-27s' % "LDAP server" + (enabled if settings.Config.LDAP_On_Off else disabled)
-	print ""
-
-	print color("[+] ", 2, 1) + "HTTP Options:"
-	print '    %-27s' % "Always serving EXE" + (enabled if settings.Config.Serve_Always else disabled)
-	print '    %-27s' % "Serving EXE" + (enabled if settings.Config.Serve_Exe else disabled)
-	print '    %-27s' % "Serving HTML" + (enabled if settings.Config.Serve_Html else disabled)
-	print '    %-27s' % "Upstream Proxy" + (enabled if settings.Config.Upstream_Proxy else disabled)
-	#print '    %-27s' % "WPAD script" + settings.Config.WPAD_Script
-	print ""
-
-	print color("[+] ", 2, 1) + "Poisoning Options:"
-	print '    %-27s' % "Analyze Mode" + (enabled if settings.Config.AnalyzeMode else disabled)
-	print '    %-27s' % "Force WPAD auth" + (enabled if settings.Config.Force_WPAD_Auth else disabled)
-	print '    %-27s' % "Force Basic Auth" + (enabled if settings.Config.Basic else disabled)
-	print '    %-27s' % "Force LM downgrade" + (enabled if settings.Config.LM_On_Off == True else disabled)
-	print '    %-27s' % "Fingerprint hosts" + (enabled if settings.Config.Finger_On_Off == True else disabled)
-	print ""
-
-	print color("[+] ", 2, 1) + "Generic Options:"
-	print '    %-27s' % "Responder NIC" + color('[%s]' % settings.Config.Interface, 5, 1)
-	print '    %-27s' % "Responder IP" + color('[%s]' % settings.Config.Bind_To, 5, 1)
-	print '    %-27s' % "Challenge set" + color('[%s]' % settings.Config.NumChal, 5, 1)
-
-	if settings.Config.Upstream_Proxy:
-		print '    %-27s' % "Upstream Proxy" + color('[%s]' % settings.Config.Upstream_Proxy, 5, 1)
-
-	if len(settings.Config.RespondTo):
-		print '    %-27s' % "Respond To" + color(str(settings.Config.RespondTo), 5, 1)
-
-	if len(settings.Config.RespondToName):
-		print '    %-27s' % "Respond To Names" + color(str(settings.Config.RespondToName), 5, 1)
-
-	if len(settings.Config.DontRespondTo):
-		print '    %-27s' % "Don't Respond To" + color(str(settings.Config.DontRespondTo), 5, 1)
-
-	if len(settings.Config.DontRespondToName):
-		print '    %-27s' % "Don't Respond To Names" + color(str(settings.Config.DontRespondToName), 5, 1)
-
-	print ""
-	print ""
-
 # Useful for debugging
 def hexdump(src, l=0x16):
 	res = []