Merge pull request #84 from jrmdev/master

Implemented auto-ignore list
lgandx 2016-05-15 18:20:12 -05:00
commit 448db124cb
3 changed files with 23 additions and 5 deletions


@ -45,6 +45,9 @@ DontRespondTo =
; Example: DontRespondTo = NAC, IPS, IDS
DontRespondToName =
; If set to On, we will stop answering further requests from a host
; if a hash hash been previously captured for this host.
AutoIgnoreAfterSuccess = On
[HTTP Server]
@ -52,7 +55,7 @@ DontRespondToName =
Serve-Always = Off
; Set to On to replace any requested .exe with the custom EXE
Serve-Exe = On
Serve-Exe = Off
; Set to On to serve the custom HTML if the URL does not contain .exe
; Set to Off to inject the 'HTMLToInject' in web pages instead
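Review bot: The comment added above `AutoIgnoreAfterSuccess` contains a typo ("if a hash hash been previously captured"); it should read `; if a hash has been previously captured for this host.`. The second hunk shows `Serve-Exe` with both `On` and `Off`, which looks like a change of default that has nothing to do with the auto-ignore feature named in the commit title. If that change is intended, it belongs in its own commit or at least in the description, because it alters what the HTTP server serves for anyone who takes the new config file. The rendered page does not mark which of the two values is the new one, so this should be confirmed against the raw diff.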


@ -148,6 +148,10 @@ class Settings:
self.DontRespondTo = filter(None, [x.upper().strip() for x in config.get('Responder Core', 'DontRespondTo').strip().split(',')])
self.DontRespondToName = filter(None, [x.upper().strip() for x in config.get('Responder Core', 'DontRespondToName').strip().split(',')])
# Auto Ignore List
self.AutoIgnore = self.toBool(config.get('Responder Core', 'AutoIgnoreAfterSuccess'))
self.AutoIgnoreList = []
# CLI options
self.LM_On_Off = options.LM_On_Off
self.WPAD_On_Off = options.WPAD_On_Off
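Review bot: `config.get('Responder Core', 'AutoIgnoreAfterSuccess')` is read with no fallback, so a configuration file written before this commit and lacking the key would presumably raise at startup (assuming `config` is a standard ConfigParser object, which is not visible in this hunk). Guarding the read keeps older configs working, for example `self.AutoIgnore = config.has_option('Responder Core', 'AutoIgnoreAfterSuccess') and self.toBool(config.get('Responder Core', 'AutoIgnoreAfterSuccess'))`. The `# Auto Ignore List` comment could also state that `AutoIgnoreList` holds client addresses in memory for the current run only, which is what the `[]` initialiser implies. The enclosing method of `Settings` starts and ends outside the hunk.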


@ -55,6 +55,10 @@ def RespondToThisIP(ClientIp):
if ClientIp.startswith('127.0.0.'):
return False
if settings.Config.AutoIgnore and ClientIp in settings.Config.AutoIgnoreList:
print color('[*]', 3, 1), 'Received request from auto-ignored client %s, not answering.' % ClientIp
return False
if len(settings.Config.RespondTo) and ClientIp not in settings.Config.RespondTo:
return False
@ -206,8 +210,15 @@ def SaveToDb(result):
elif len(result['hash']):
print text("[%s] %s Hash : %s" % (result['module'], result['type'], color(result['hash'], 3)))
# Appending auto-ignore list if required
# Except if this is a machine account's hash
if settings.Config.AutoIgnore and not result['user'].endswith('$'):
settings.Config.AutoIgnoreList.append(result['client'])
print color('[*] Adding client %s to auto-ignore list' % result['client'], 4, 1)
else:
print color('[*]', 2, 1), 'Skipping previously captured hash for %s' % result['user']
print color('[*]', 3, 1), 'Skipping previously captured hash for %s' % result['user']
def Parse_IPV6_Addr(data):
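Review bot: In `SaveToDb`, `settings.Config.AutoIgnoreList.append(result['client'])` has no membership guard, so the same address can be appended more than once if results for one client arrive from several handlers before the ignore check takes effect. Writing it as `if result['client'] not in settings.Config.AutoIgnoreList:` before the append, or making the container a set, keeps the list bounded by the number of distinct clients. In `RespondToThisIP`, the new branch prints a line for every request from an ignored client, which can flood the console on a busy segment; printing once per client would keep the output and any derived logs readable. Both functions continue outside the hunks shown, so the exact nesting of the new `if` under the hash-printing branches should be checked against the full file.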