From 807bd57a96337ab77f2fff50729a6eb229e5dc37 Mon Sep 17 00:00:00 2001 From: f3rn0s Date: Tue, 30 Apr 2024 15:52:04 +1000 Subject: [PATCH] Add options for poisoners --- Responder.conf | 45 +++++++++++++++++++++++++-------------------- Responder.py | 19 ++++++++++++------- settings.py | 7 ++++++- 3 files changed, 43 insertions(+), 28 deletions(-) diff --git a/Responder.conf b/Responder.conf index c157acf..180e94f 100755 --- a/Responder.conf +++ b/Responder.conf @@ -1,24 +1,29 @@ [Responder Core] -; Servers to start -SQL = On -SMB = On -RDP = On -Kerberos = On -FTP = On -POP = On -SMTP = On -IMAP = On -HTTP = On -HTTPS = On -DNS = On -LDAP = On -DCERPC = On -WINRM = On -SNMP = Off -MQTT = On +; Poisoners to start +MDNS = On +LLMNR = On +NBTNS = On -; Custom challenge. +; Servers to start +SQL = On +SMB = On +RDP = On +Kerberos = On +FTP = On +POP = On +SMTP = On +IMAP = On +HTTP = On +HTTPS = On +DNS = On +LDAP = On +DCERPC = On +WINRM = On +SNMP = Off +MQTT = On + +; Custom challenge. ; Use "Random" for generating a random challenge for each requests (Default) Challenge = Random @@ -65,8 +70,8 @@ AutoIgnoreAfterSuccess = Off ; This may break file serving and is useful only for hash capture CaptureMultipleCredentials = On -; If set to On, we will write to file all hashes captured from the same host. -; In this case, Responder will log from 172.16.0.12 all user hashes: domain\toto, +; If set to On, we will write to file all hashes captured from the same host. +; In this case, Responder will log from 172.16.0.12 all user hashes: domain\toto, ; domain\popo, domain\zozo. Recommended value: On, capture everything. CaptureMultipleHashFromSameHost = On diff --git a/Responder.py b/Responder.py index 8875430..545a8e3 100755 --- a/Responder.py +++ b/Responder.py @@ -294,16 +294,21 @@ def main(): if (sys.version_info < (3, 0)): print(color('\n\n[-]', 3, 1) + " Still using python 2? :(") print(color('\n[+]', 2, 1) + " Listening for events...\n") - + threads = [] # Load (M)DNS, NBNS and LLMNR Poisoners - from poisoners.LLMNR import LLMNR - from poisoners.NBTNS import NBTNS - from poisoners.MDNS import MDNS - threads.append(Thread(target=serve_LLMNR_poisoner, args=('', 5355, LLMNR,))) - threads.append(Thread(target=serve_MDNS_poisoner, args=('', 5353, MDNS,))) - threads.append(Thread(target=serve_NBTNS_poisoner, args=('', 137, NBTNS,))) + if settings.Config.LLMNR_On_Off: + from poisoners.LLMNR import LLMNR + threads.append(Thread(target=serve_LLMNR_poisoner, args=('', 5355, LLMNR,))) + + if settings.Config.NBTNS_On_Off: + from poisoners.NBTNS import NBTNS + threads.append(Thread(target=serve_NBTNS_poisoner, args=('', 137, NBTNS,))) + + if settings.Config.MDNS_On_Off: + from poisoners.MDNS import MDNS + threads.append(Thread(target=serve_MDNS_poisoner, args=('', 5353, MDNS,))) #// Vintage Responder BOWSER module, now disabled by default. #// Generate to much noise & easily detectable on the network when in analyze mode. diff --git a/settings.py b/settings.py index 6225de2..fdf15aa 100644 --- a/settings.py +++ b/settings.py @@ -114,7 +114,12 @@ class Settings: # Config parsing config = ConfigParser.ConfigParser() config.read(os.path.join(self.ResponderPATH, 'Responder.conf')) - + + # Poisoners + self.LLMNR_On_Off = self.toBool(config.get('Responder Core', 'LLMNR')) + self.NBNS_On_Off = self.toBool(config.get('Responder Core', 'NBTNS')) + self.MDNS_On_Off = self.toBool(config.get('Responder Core', 'MDNS')) + # Servers self.HTTP_On_Off = self.toBool(config.get('Responder Core', 'HTTP')) self.SSL_On_Off = self.toBool(config.get('Responder Core', 'HTTPS'))