mirror of
https://github.com/lgandx/Responder.git
synced 2025-07-12 16:13:04 -07:00
Minor bugs and display/logging fixes + RDP srv SSLwrapping fix
This commit is contained in:
lgandx
parent
9b1c99ccd2
commit
15d03bc902
16 changed files with 50 additions and 44 deletions
|
|
@ -64,7 +64,7 @@ class LLMNR(BaseRequestHandler): # LLMNR Server class
|
|||
if data[2:4] == b'\x00\x00' and LLMNRType:
|
||||
if settings.Config.AnalyzeMode:
|
||||
LineHeader = "[Analyze mode: LLMNR]"
|
||||
print(color("%s Request by %s for %s, ignoring" % (LineHeader, self.client_address[0], Name), 2, 1))
|
||||
print(color("%s Request by %s for %s, ignoring" % (LineHeader, self.client_address[0].replace("::ffff:",""), Name), 2, 1))
|
||||
SavePoisonersToDb({
|
||||
'Poisoner': 'LLMNR',
|
||||
'SentToIp': self.client_address[0],
|
||||
|
|
@ -77,7 +77,7 @@ class LLMNR(BaseRequestHandler): # LLMNR Server class
|
|||
Buffer1.calculate()
|
||||
soc.sendto(NetworkSendBufferPython2or3(Buffer1), self.client_address)
|
||||
LineHeader = "[*] [LLMNR]"
|
||||
print(color("%s Poisoned answer sent to %s for name %s" % (LineHeader, self.client_address[0], Name), 2, 1))
|
||||
print(color("%s Poisoned answer sent to %s for name %s" % (LineHeader, self.client_address[0].replace("::ffff:",""), Name), 2, 1))
|
||||
SavePoisonersToDb({
|
||||
'Poisoner': 'LLMNR',
|
||||
'SentToIp': self.client_address[0],
|
||||
|
|
@ -90,7 +90,7 @@ class LLMNR(BaseRequestHandler): # LLMNR Server class
|
|||
Buffer1.calculate()
|
||||
soc.sendto(NetworkSendBufferPython2or3(Buffer1), self.client_address)
|
||||
LineHeader = "[*] [LLMNR]"
|
||||
print(color("%s Poisoned answer sent to %s for name %s" % (LineHeader, self.client_address[0], Name), 2, 1))
|
||||
print(color("%s Poisoned answer sent to %s for name %s" % (LineHeader, self.client_address[0].replace("::ffff:",""), Name), 2, 1))
|
||||
SavePoisonersToDb({
|
||||
'Poisoner': 'LLMNR6',
|
||||
'SentToIp': self.client_address[0],
|
||||
|
|
|
|||
|
|
@ -61,7 +61,7 @@ class MDNS(BaseRequestHandler):
|
|||
return None
|
||||
|
||||
if settings.Config.AnalyzeMode: # Analyze Mode
|
||||
print(text('[Analyze mode: MDNS] Request by %-15s for %s, ignoring' % (color(self.client_address[0], 3), color(Request_Name, 3))))
|
||||
print(text('[Analyze mode: MDNS] Request by %-15s for %s, ignoring' % (color(self.client_address[0].replace("::ffff:",""), 3), color(Request_Name, 3))))
|
||||
SavePoisonersToDb({
|
||||
'Poisoner': 'MDNS',
|
||||
'SentToIp': self.client_address[0],
|
||||
|
|
@ -73,7 +73,7 @@ class MDNS(BaseRequestHandler):
|
|||
Buffer = MDNS_Ans(AnswerName = Poisoned_Name)
|
||||
Buffer.calculate()
|
||||
soc.sendto(NetworkSendBufferPython2or3(Buffer), self.client_address)
|
||||
print(color('[*] [MDNS] Poisoned answer sent to %-15s for name %s' % (self.client_address[0], Request_Name), 2, 1))
|
||||
print(color('[*] [MDNS] Poisoned answer sent to %-15s for name %s' % (self.client_address[0].replace("::ffff:",""), Request_Name), 2, 1))
|
||||
SavePoisonersToDb({
|
||||
'Poisoner': 'MDNS',
|
||||
'SentToIp': self.client_address[0],
|
||||
|
|
@ -86,7 +86,7 @@ class MDNS(BaseRequestHandler):
|
|||
Buffer = MDNS6_Ans(AnswerName = Poisoned_Name)
|
||||
Buffer.calculate()
|
||||
soc.sendto(NetworkSendBufferPython2or3(Buffer), self.client_address)
|
||||
print(color('[*] [MDNS] Poisoned answer sent to %-15s for name %s' % (self.client_address[0], Request_Name), 2, 1))
|
||||
print(color('[*] [MDNS] Poisoned answer sent to %-15s for name %s' % (self.client_address[0].replace("::ffff:",""), Request_Name), 2, 1))
|
||||
SavePoisonersToDb({
|
||||
'Poisoner': 'MDNS6',
|
||||
'SentToIp': self.client_address[0],
|
||||
|
|
|
|||
|
|
@ -36,8 +36,7 @@ class NBTNS(BaseRequestHandler):
|
|||
|
||||
if data[2:4] == b'\x01\x10':
|
||||
if settings.Config.AnalyzeMode: # Analyze Mode
|
||||
LineHeader = "[Analyze mode: NBT-NS]"
|
||||
print(color("%s Request by %s for %s, ignoring" % (LineHeader, self.client_address[0], Name), 2, 1))
|
||||
print(text('[Analyze mode: NBT-NS] Request by %-15s for %s, ignoring' % (color(self.client_address[0].replace("::ffff:",""), 3), color(Name, 3))))
|
||||
SavePoisonersToDb({
|
||||
'Poisoner': 'NBT-NS',
|
||||
'SentToIp': self.client_address[0],
|
||||
|
|
@ -49,7 +48,7 @@ class NBTNS(BaseRequestHandler):
|
|||
Buffer1.calculate(data)
|
||||
socket.sendto(NetworkSendBufferPython2or3(Buffer1), self.client_address)
|
||||
LineHeader = "[*] [NBT-NS]"
|
||||
print(color("%s Poisoned answer sent to %s for name %s (service: %s)" % (LineHeader, self.client_address[0], Name, NBT_NS_Role(NetworkRecvBufferPython2or3(data[43:46]))), 2, 1))
|
||||
print(color("%s Poisoned answer sent to %s for name %s (service: %s)" % (LineHeader, self.client_address[0].replace("::ffff:",""), Name, NBT_NS_Role(NetworkRecvBufferPython2or3(data[43:46]))), 2, 1))
|
||||
SavePoisonersToDb({
|
||||
'Poisoner': 'NBT-NS',
|
||||
'SentToIp': self.client_address[0],
|
||||
|
|
|
|||
|
|
@ -165,7 +165,7 @@ def BecomeBackup(data,Client):
|
|||
Role = NBT_NS_Role(data[45:48])
|
||||
|
||||
if settings.Config.AnalyzeMode:
|
||||
print(text("[Analyze mode: Browser] Datagram Request from IP: %s hostname: %s via the: %s wants to become a Local Master Browser Backup on this domain: %s."%(Client, Name,Role,Domain)))
|
||||
print(text("[Analyze mode: Browser] Datagram Request from IP: %s hostname: %s via the: %s wants to become a Local Master Browser Backup on this domain: %s."%(Client.replace("::ffff:",""), Name,Role,Domain)))
|
||||
RAPInfo = RAPThisDomain(Client, Domain)
|
||||
if RAPInfo is not None:
|
||||
print(RAPInfo)
|
||||
|
|
@ -182,7 +182,7 @@ def ParseDatagramNBTNames(data,Client):
|
|||
|
||||
|
||||
if Role2 == "Domain Controller" or Role2 == "Browser Election" or Role2 == "Local Master Browser" and settings.Config.AnalyzeMode:
|
||||
print(text('[Analyze mode: Browser] Datagram Request from IP: %s hostname: %s via the: %s to: %s. Service: %s' % (Client, Name, Role1, Domain, Role2)))
|
||||
print(text('[Analyze mode: Browser] Datagram Request from IP: %s hostname: %s via the: %s to: %s. Service: %s' % (Client.replace("::ffff:",""), Name, Role1, Domain, Role2)))
|
||||
RAPInfo = RAPThisDomain(Client, Domain)
|
||||
if RAPInfo is not None:
|
||||
print(RAPInfo)
|
||||
|
|
|
|||
|
|
@ -49,35 +49,35 @@ class DNS(BaseRequestHandler):
|
|||
buff.calculate(NetworkRecvBufferPython2or3(data))
|
||||
soc.sendto(NetworkSendBufferPython2or3(buff), self.client_address)
|
||||
ResolveName = re.sub('[^0-9a-zA-Z]+', '.', buff.fields["QuestionName"])
|
||||
print(color("[*] [DNS] A Record poisoned answer sent to: %-15s Requested name: %s" % (self.client_address[0], ResolveName), 2, 1))
|
||||
print(color("[*] [DNS] A Record poisoned answer sent to: %-15s Requested name: %s" % (self.client_address[0].replace("::ffff:",""), ResolveName), 2, 1))
|
||||
|
||||
if ParseDNSType(NetworkRecvBufferPython2or3(data)) == "OPTIPv4":
|
||||
buff = DNS_AnsOPT()
|
||||
buff.calculate(NetworkRecvBufferPython2or3(data))
|
||||
soc.sendto(NetworkSendBufferPython2or3(buff), self.client_address)
|
||||
ResolveName = re.sub('[^0-9a-zA-Z]+', '.', buff.fields["QuestionName"])
|
||||
print(color("[*] [DNS] A OPT Record poisoned answer sent to: %-15s Requested name: %s" % (self.client_address[0], ResolveName), 2, 1))
|
||||
print(color("[*] [DNS] A OPT Record poisoned answer sent to: %-15s Requested name: %s" % (self.client_address[0].replace("::ffff:",""), ResolveName), 2, 1))
|
||||
|
||||
if ParseDNSType(NetworkRecvBufferPython2or3(data)) == "SRV":
|
||||
buff = DNS_SRV_Ans()
|
||||
buff.calculate(NetworkRecvBufferPython2or3(data))
|
||||
soc.sendto(NetworkSendBufferPython2or3(buff), self.client_address)
|
||||
ResolveName = re.sub('[^0-9a-zA-Z]+', '.', buff.fields["QuestionName"])
|
||||
print(color("[*] [DNS] SRV Record poisoned answer sent to: %-15s Requested name: %s" % (self.client_address[0], ResolveName), 2, 1))
|
||||
print(color("[*] [DNS] SRV Record poisoned answer sent to: %-15s Requested name: %s" % (self.client_address[0].replace("::ffff:",""), ResolveName), 2, 1))
|
||||
|
||||
if ParseDNSType(NetworkRecvBufferPython2or3(data)) == "IPv6":
|
||||
buff = DNS6_Ans()
|
||||
buff.calculate(NetworkRecvBufferPython2or3(data))
|
||||
soc.sendto(NetworkSendBufferPython2or3(buff), self.client_address)
|
||||
ResolveName = re.sub('[^0-9a-zA-Z]+', '.', buff.fields["QuestionName"])
|
||||
print(color("[*] [DNS] AAAA Record poisoned answer sent to: %-15s Requested name: %s" % (self.client_address[0], ResolveName), 2, 1))
|
||||
print(color("[*] [DNS] AAAA Record poisoned answer sent to: %-15s Requested name: %s" % (self.client_address[0].replace("::ffff:",""), ResolveName), 2, 1))
|
||||
|
||||
if ParseDNSType(NetworkRecvBufferPython2or3(data)) == "OPTIPv6":
|
||||
buff = DNS6_Ans()
|
||||
buff.calculate(NetworkRecvBufferPython2or3(data))
|
||||
soc.sendto(NetworkSendBufferPython2or3(buff), self.client_address)
|
||||
ResolveName = re.sub('[^0-9a-zA-Z]+', '.', buff.fields["QuestionName"])
|
||||
print(color("[*] [DNS] AAAA OPT Record poisoned answer sent to: %-15s Requested name: %s" % (self.client_address[0], ResolveName), 2, 1))
|
||||
print(color("[*] [DNS] AAAA OPT Record poisoned answer sent to: %-15s Requested name: %s" % (self.client_address[0].replace("::ffff:",""), ResolveName), 2, 1))
|
||||
|
||||
|
||||
except Exception:
|
||||
|
|
@ -97,35 +97,35 @@ class DNSTCP(BaseRequestHandler):
|
|||
buff.calculate(NetworkRecvBufferPython2or3(data))
|
||||
self.request.send(NetworkSendBufferPython2or3(buff))
|
||||
ResolveName = re.sub('[^0-9a-zA-Z]+', '.', buff.fields["QuestionName"])
|
||||
print(color("[*] [DNS] A Record poisoned answer sent to: %-15s Requested name: %s" % (self.client_address[0], ResolveName), 2, 1))
|
||||
print(color("[*] [DNS] A Record poisoned answer sent to: %-15s Requested name: %s" % (self.client_address[0].replace("::ffff:",""), ResolveName), 2, 1))
|
||||
|
||||
if ParseDNSType(NetworkRecvBufferPython2or3(data)) == "OPTIPv4":
|
||||
buff = DNS_AnsOPT()
|
||||
buff.calculate(NetworkRecvBufferPython2or3(data))
|
||||
self.request.send(NetworkSendBufferPython2or3(buff))
|
||||
ResolveName = re.sub('[^0-9a-zA-Z]+', '.', buff.fields["QuestionName"])
|
||||
print(color("[*] [DNS] A OPT Record poisoned answer sent to: %-15s Requested name: %s" % (self.client_address[0], ResolveName), 2, 1))
|
||||
print(color("[*] [DNS] A OPT Record poisoned answer sent to: %-15s Requested name: %s" % (self.client_address[0].replace("::ffff:",""), ResolveName), 2, 1))
|
||||
|
||||
if ParseDNSType(NetworkRecvBufferPython2or3(data)) == "SRV":
|
||||
buff = DNS_SRV_Ans()
|
||||
buff.calculate(NetworkRecvBufferPython2or3(data))
|
||||
self.request.send(NetworkSendBufferPython2or3(buff))
|
||||
ResolveName = re.sub('[^0-9a-zA-Z]+', '.', buff.fields["QuestionName"])
|
||||
print(color("[*] [DNS] SRV Record poisoned answer sent: %-15s Requested name: %s" % (self.client_address[0], ResolveName), 2, 1))
|
||||
print(color("[*] [DNS] SRV Record poisoned answer sent: %-15s Requested name: %s" % (self.client_address[0].replace("::ffff:",""), ResolveName), 2, 1))
|
||||
|
||||
if ParseDNSType(NetworkRecvBufferPython2or3(data)) == "IPv6":
|
||||
buff = DNS6_Ans()
|
||||
buff.calculate(NetworkRecvBufferPython2or3(data))
|
||||
self.request.send(NetworkSendBufferPython2or3(buff))
|
||||
ResolveName = re.sub('[^0-9a-zA-Z]+', '.', buff.fields["QuestionName"])
|
||||
print(color("[*] [DNS] AAAA Record poisoned answer sent: %-15s Requested name: %s" % (self.client_address[0], ResolveName), 2, 1))
|
||||
print(color("[*] [DNS] AAAA Record poisoned answer sent: %-15s Requested name: %s" % (self.client_address[0].replace("::ffff:",""), ResolveName), 2, 1))
|
||||
|
||||
if ParseDNSType(NetworkRecvBufferPython2or3(data)) == "OPTIPv6":
|
||||
buff = DNS6_AnsOPT()
|
||||
buff.calculate(NetworkRecvBufferPython2or3(data))
|
||||
self.request.send(NetworkSendBufferPython2or3(buff))
|
||||
ResolveName = re.sub('[^0-9a-zA-Z]+', '.', buff.fields["QuestionName"])
|
||||
print(color("[*] [DNS] AAAA OPT Record poisoned answer sent: %-15s Requested name: %s" % (self.client_address[0], ResolveName), 2, 1))
|
||||
print(color("[*] [DNS] AAAA OPT Record poisoned answer sent: %-15s Requested name: %s" % (self.client_address[0].replace("::ffff:",""), ResolveName), 2, 1))
|
||||
|
||||
except Exception:
|
||||
pass
|
||||
|
|
|
|||
|
|
@ -205,7 +205,7 @@ def PacketSequence(data, client, Challenge):
|
|||
ParseHTTPHash(NTLM_Auth, Challenge, client, module)
|
||||
|
||||
if settings.Config.Force_WPAD_Auth and WPAD_Custom:
|
||||
print(text("[HTTP] WPAD (auth) file sent to %s" % client))
|
||||
print(text("[HTTP] WPAD (auth) file sent to %s" % client.replace("::ffff:","")))
|
||||
|
||||
return WPAD_Custom
|
||||
else:
|
||||
|
|
@ -230,7 +230,7 @@ def PacketSequence(data, client, Challenge):
|
|||
|
||||
if settings.Config.Force_WPAD_Auth and WPAD_Custom:
|
||||
if settings.Config.Verbose:
|
||||
print(text("[HTTP] WPAD (auth) file sent to %s" % client))
|
||||
print(text("[HTTP] WPAD (auth) file sent to %s" % client.replace("::ffff:","")))
|
||||
|
||||
return WPAD_Custom
|
||||
else:
|
||||
|
|
@ -241,12 +241,12 @@ def PacketSequence(data, client, Challenge):
|
|||
if settings.Config.Basic:
|
||||
Response = IIS_Basic_401_Ans()
|
||||
if settings.Config.Verbose:
|
||||
print(text("[HTTP] Sending BASIC authentication request to %s" % client))
|
||||
print(text("[HTTP] Sending BASIC authentication request to %s" % client.replace("::ffff:","")))
|
||||
|
||||
else:
|
||||
Response = IIS_Auth_401_Ans()
|
||||
if settings.Config.Verbose:
|
||||
print(text("[HTTP] Sending NTLM authentication request to %s" % client))
|
||||
print(text("[HTTP] Sending NTLM authentication request to %s" % client.replace("::ffff:","")))
|
||||
|
||||
return Response
|
||||
|
||||
|
|
@ -290,7 +290,7 @@ class HTTP(BaseRequestHandler):
|
|||
self.request.send(NetworkSendBufferPython2or3(Buffer))
|
||||
self.request.close()
|
||||
if settings.Config.Verbose:
|
||||
print(text("[HTTP] WPAD (no auth) file sent to %s" % self.client_address[0]))
|
||||
print(text("[HTTP] WPAD (no auth) file sent to %s" % self.client_address[0].replace("::ffff:","")))
|
||||
|
||||
else:
|
||||
Buffer = PacketSequence(data,self.client_address[0], Challenge)
|
||||
|
|
|
|||
|
|
@ -209,7 +209,7 @@ class HTTP_Proxy(BaseHTTPServer.BaseHTTPRequestHandler):
|
|||
def handle(self):
|
||||
(ip, port) = self.client_address[0], self.client_address[1]
|
||||
if settings.Config.Verbose:
|
||||
print(text("[PROXY] Received connection from %s" % self.client_address[0]))
|
||||
print(text("[PROXY] Received connection from %s" % self.client_address[0].replace("::ffff:","")))
|
||||
self.__base_handle()
|
||||
|
||||
def _connect_to(self, netloc, soc):
|
||||
|
|
@ -286,7 +286,7 @@ class HTTP_Proxy(BaseHTTPServer.BaseHTTPRequestHandler):
|
|||
Cookie = self.headers['Cookie'] if "Cookie" in self.headers else ''
|
||||
|
||||
if settings.Config.Verbose:
|
||||
print(text("[PROXY] Client : %s" % color(self.client_address[0], 3)))
|
||||
print(text("[PROXY] Client : %s" % color(self.client_address[0].replace("::ffff:",""), 3)))
|
||||
print(text("[PROXY] Requested URL : %s" % color(self.path, 3)))
|
||||
print(text("[PROXY] Cookie : %s" % Cookie))
|
||||
|
||||
|
|
|
|||
|
|
@ -173,7 +173,7 @@ def ParseCLDAPPacket(data, client, Challenge):
|
|||
|
||||
elif Operation == b'\x63':
|
||||
Buffer = ParseSearch(data)
|
||||
print(text('[CLDAP] Sent CLDAP pong to %s.'% client))
|
||||
print(text('[CLDAP] Sent CLDAP pong to %s.'% client.replace("::ffff:","")))
|
||||
return Buffer
|
||||
|
||||
elif settings.Config.Verbose:
|
||||
|
|
|
|||
|
|
@ -134,7 +134,7 @@ class MSSQL(BaseRequestHandler):
|
|||
if not data:
|
||||
break
|
||||
if settings.Config.Verbose:
|
||||
print(text("[MSSQL] Received connection from %s" % self.client_address[0]))
|
||||
print(text("[MSSQL] Received connection from %s" % self.client_address[0].replace("::ffff:","")))
|
||||
if data[0] == b"\x12" or data[0] == 18: # Pre-Login Message
|
||||
Buffer = str(MSSQLPreLoginAnswer())
|
||||
self.request.send(NetworkSendBufferPython2or3(Buffer))
|
||||
|
|
|
|||
|
|
@ -57,7 +57,7 @@ def PacketSequence(data, client, Challenge):
|
|||
Packet_NTLM = b64decode(''.join(NTLM_Auth))[8:9]
|
||||
if Packet_NTLM == b'\x01':
|
||||
if settings.Config.Verbose:
|
||||
print(text("[Proxy-Auth] Sending NTLM authentication request to %s" % client))
|
||||
print(text("[Proxy-Auth] Sending NTLM authentication request to %s" % client.replace("::ffff:","")))
|
||||
Buffer = NTLM_Challenge(ServerChallenge=NetworkRecvBufferPython2or3(Challenge))
|
||||
Buffer.calculate()
|
||||
Buffer_Ans = WPAD_NTLM_Challenge_Ans(Payload = b64encode(NetworkSendBufferPython2or3(Buffer)).decode('latin-1'))
|
||||
|
|
@ -93,7 +93,7 @@ def PacketSequence(data, client, Challenge):
|
|||
if settings.Config.Basic:
|
||||
Response = WPAD_Basic_407_Ans()
|
||||
if settings.Config.Verbose:
|
||||
print(text("[Proxy-Auth] Sending BASIC authentication request to %s" % client))
|
||||
print(text("[Proxy-Auth] Sending BASIC authentication request to %s" % client.replace("::ffff:","")))
|
||||
|
||||
else:
|
||||
Response = WPAD_Auth_407_Ans()
|
||||
|
|
|
|||
|
|
@ -98,6 +98,11 @@ class RDP(BaseRequestHandler):
|
|||
self.request.settimeout(30)
|
||||
Challenge = RandomChallenge()
|
||||
|
||||
cert = os.path.join(settings.Config.ResponderPATH, settings.Config.SSLCert)
|
||||
key = os.path.join(settings.Config.ResponderPATH, settings.Config.SSLKey)
|
||||
context = ssl.SSLContext(ssl.PROTOCOL_TLS_SERVER)
|
||||
context.load_cert_chain(cert, key)
|
||||
|
||||
if data[11:12] == b'\x01':
|
||||
x = X224(Data=RDPNEGOAnswer())
|
||||
x.calculate()
|
||||
|
|
@ -105,7 +110,7 @@ class RDP(BaseRequestHandler):
|
|||
h.calculate()
|
||||
buffer1 = str(h)
|
||||
self.request.send(NetworkSendBufferPython2or3(buffer1))
|
||||
SSLsock = ssl.wrap_socket(self.request, certfile=cert, keyfile=key, ssl_version=ssl.PROTOCOL_TLS_SERVER,server_side=True)
|
||||
SSLsock = context.wrap_socket(self.request, server_side=True)
|
||||
SSLsock.settimeout(30)
|
||||
data = SSLsock.read(8092)
|
||||
if FindNTLMNegoStep(data) == b'\x01\x00\x00\x00':
|
||||
|
|
@ -125,8 +130,7 @@ class RDP(BaseRequestHandler):
|
|||
buffer1 = str(h)
|
||||
self.request.send(NetworkSendBufferPython2or3(buffer1))
|
||||
data = self.request.recv(8092)
|
||||
|
||||
SSLsock = ssl.wrap_socket(self.request, certfile=cert, keyfile=key, ssl_version=ssl.PROTOCOL_TLS,server_side=True)
|
||||
SSLsock = context.wrap_socket(self.request, server_side=True)
|
||||
data = SSLsock.read(8092)
|
||||
if FindNTLMNegoStep(data) == b'\x01\x00\x00\x00':
|
||||
x = RDPNTLMChallengeAnswer(NTLMSSPNtServerChallenge=NetworkRecvBufferPython2or3(Challenge))
|
||||
|
|
|
|||
|
|
@ -144,7 +144,7 @@ class RPCMap(BaseRequestHandler):
|
|||
RPC.calculate()
|
||||
self.request.send(NetworkSendBufferPython2or3(str(RPC)))
|
||||
data = self.request.recv(1024)
|
||||
print(color("[*] [DCE-RPC Mapper] Redirected %-15sto DSRUAPI auth server." % (self.client_address[0]), 3, 1))
|
||||
print(color("[*] [DCE-RPC Mapper] Redirected %-15sto DSRUAPI auth server." % (self.client_address[0].replace("::ffff:","")), 3, 1))
|
||||
self.request.close()
|
||||
|
||||
#LSARPC
|
||||
|
|
@ -155,7 +155,7 @@ class RPCMap(BaseRequestHandler):
|
|||
RPC.calculate()
|
||||
self.request.send(NetworkSendBufferPython2or3(str(RPC)))
|
||||
data = self.request.recv(1024)
|
||||
print(color("[*] [DCE-RPC Mapper] Redirected %-15sto LSARPC auth server." % (self.client_address[0]), 3, 1))
|
||||
print(color("[*] [DCE-RPC Mapper] Redirected %-15sto LSARPC auth server." % (self.client_address[0].replace("::ffff:","")), 3, 1))
|
||||
self.request.close()
|
||||
|
||||
#WINSPOOL
|
||||
|
|
@ -166,7 +166,7 @@ class RPCMap(BaseRequestHandler):
|
|||
RPC.calculate()
|
||||
self.request.send(NetworkSendBufferPython2or3(str(RPC)))
|
||||
data = self.request.recv(1024)
|
||||
print(color("[*] [DCE-RPC Mapper] Redirected %-15sto WINSPOOL auth server." % (self.client_address[0]), 3, 1))
|
||||
print(color("[*] [DCE-RPC Mapper] Redirected %-15sto WINSPOOL auth server." % (self.client_address[0].replace("::ffff:","")), 3, 1))
|
||||
self.request.close()
|
||||
|
||||
#NetLogon
|
||||
|
|
|
|||
|
|
@ -206,7 +206,6 @@ class SMB1(BaseRequestHandler): # SMB1 & SMB2 Server class, NTLMSSP
|
|||
self.request.send(Buffer)
|
||||
data = self.request.recv(1024)
|
||||
except:
|
||||
raise
|
||||
pass
|
||||
|
||||
##Negotiate proto answer SMBv2.
|
||||
|
|
|
|||
|
|
@ -127,12 +127,12 @@ def PacketSequence(data, client, Challenge):
|
|||
if settings.Config.Basic:
|
||||
Response = IIS_Basic_401_Ans()
|
||||
if settings.Config.Verbose:
|
||||
print(text("[WinRM] Sending BASIC authentication request to %s" % client))
|
||||
print(text("[WinRM] Sending BASIC authentication request to %s" % client.replace("::ffff:","")))
|
||||
|
||||
else:
|
||||
Response = IIS_Auth_401_Ans()
|
||||
if settings.Config.Verbose:
|
||||
print(text("[WinRM] Sending NTLM authentication request to %s" % client))
|
||||
print(text("[WinRM] Sending NTLM authentication request to %s" % client.replace("::ffff:","")))
|
||||
|
||||
return Response
|
||||
|
||||
|
|
|
|||
|
|
@ -23,7 +23,7 @@ import subprocess
|
|||
|
||||
from utils import *
|
||||
|
||||
__version__ = 'Responder 3.1.1.0'
|
||||
__version__ = 'Responder 3.1.3.0'
|
||||
|
||||
class Settings:
|
||||
|
||||
|
|
|
|||
8
utils.py
8
utils.py
|
|
@ -317,7 +317,7 @@ def SaveToDb(result):
|
|||
for k in [ 'module', 'type', 'client', 'hostname', 'user', 'cleartext', 'hash', 'fullhash' ]:
|
||||
if not k in result:
|
||||
result[k] = ''
|
||||
|
||||
result['client'] = result['client'].replace("::ffff:","")
|
||||
if len(result['user']) < 2:
|
||||
print(color('[*] Skipping one character username: %s' % result['user'], 3, 1))
|
||||
text("[*] Skipping one character username: %s" % result['user'])
|
||||
|
|
@ -393,7 +393,7 @@ def SavePoisonersToDb(result):
|
|||
for k in [ 'Poisoner', 'SentToIp', 'ForName', 'AnalyzeMode' ]:
|
||||
if not k in result:
|
||||
result[k] = ''
|
||||
|
||||
result['SentToIp'] = result['SentToIp'].replace("::ffff:","")
|
||||
cursor = sqlite3.connect(settings.Config.DatabaseFile)
|
||||
cursor.text_factory = sqlite3.Binary # We add a text factory to support different charsets
|
||||
res = cursor.execute("SELECT COUNT(*) AS count FROM Poisoned WHERE Poisoner=? AND SentToIp=? AND ForName=? AND AnalyzeMode=?", (result['Poisoner'], result['SentToIp'], result['ForName'], result['AnalyzeMode']))
|
||||
|
|
@ -476,6 +476,10 @@ def banner():
|
|||
print(banner)
|
||||
print("\n \033[1;33mNBT-NS, LLMNR & MDNS %s\033[0m" % settings.__version__)
|
||||
print('')
|
||||
print(" To support this project:")
|
||||
print(" Patreon -> https://www.patreon.com/PythonResponder")
|
||||
print(" Paypal -> https://paypal.me/PythonResponder")
|
||||
print('')
|
||||
print(" Author: Laurent Gaffie (laurent.gaffie@gmail.com)")
|
||||
print(" To kill this script hit CTRL-C")
|
||||
print('')
|
||||
|
|
|
|||
Loading…
Add table
Add a link
Reference in a new issue