Added IPv6 support

Responder.py

@@ -29,14 +29,12 @@ parser = optparse.OptionParser(usage='python %prog -I eth0 -w -r -f\nor:\npython
 parser.add_option('-A','--analyze',        action="store_true", help="Analyze mode. This option allows you to see NBT-NS, BROWSER, LLMNR requests without responding.", dest="Analyze", default=False)
 parser.add_option('-I','--interface',      action="store",      help="Network interface to use, you can use 'ALL' as a wildcard for all interfaces", dest="Interface", metavar="eth0", default=None)
 parser.add_option('-i','--ip',             action="store",      help="Local IP to use \033[1m\033[31m(only for OSX)\033[0m", dest="OURIP", metavar="10.0.0.21", default=None)
-
+parser.add_option('-6', "--externalip6",    action="store",      help="Poison all requests with another IPv6 address than Responder's one.", dest="ExternalIP6",  metavar="2002:c0a8:f7:1:3ba8:aceb:b1a9:81ed", default=None)
 parser.add_option('-e', "--externalip",    action="store",      help="Poison all requests with another IP address than Responder's one.", dest="ExternalIP",  metavar="10.0.0.22", default=None)
 parser.add_option('-b', '--basic',         action="store_true", help="Return a Basic HTTP authentication. Default: NTLM", dest="Basic", default=False)
-parser.add_option('-r', '--wredir',        action="store_true", help="Enable answers for netbios wredir suffix queries. Answering to wredir will likely break stuff on the network. Default: False", dest="Wredirect", default=False)
 parser.add_option('-d', '--DHCP',          action="store_true", help="Enable answers for DHCP broadcast requests. This option will inject a WPAD server in the DHCP response. Default: False", dest="DHCP_On_Off", default=False)
 parser.add_option('-D', '--DHCP-DNS',     action="store_true", help="This option will inject a DNS server in the DHCP response, otherwise a WPAD server will be added. Default: False", dest="DHCP_DNS", default=False)
 
-parser.add_option('-f','--fingerprint',    action="store_true", help="This option allows you to fingerprint a host that issued an NBT-NS or LLMNR query.", dest="Finger", default=False)
 parser.add_option('-w','--wpad',           action="store_true", help="Start the WPAD rogue proxy server. Default value is False", dest="WPAD_On_Off", default=False)
 parser.add_option('-u','--upstream-proxy', action="store",      help="Upstream HTTP proxy used by the rogue WPAD Proxy for outgoing requests (format: host:port)", dest="Upstream_Proxy", default=None)
 parser.add_option('-F','--ForceWpadAuth',  action="store_true", help="Force NTLM/Basic authentication on wpad.dat file retrieval. This may cause a login prompt. Default: False", dest="Force_WPAD_Auth", default=False)
@@ -75,10 +73,11 @@ class ThreadingUDPServer(ThreadingMixIn, UDPServer):
 				else:
 					if (sys.version_info > (3, 0)):
 						self.socket.setsockopt(socket.SOL_SOCKET, 25, bytes(settings.Config.Interface+'\0', 'utf-8'))
+						self.socket.setsockopt(socket.IPPROTO_IPV6, socket.IPV6_V6ONLY, False)
 					else:
 						self.socket.setsockopt(socket.SOL_SOCKET, 25, settings.Config.Interface+'\0')
+						self.socket.setsockopt(socket.IPPROTO_IPV6, socket.IPV6_V6ONLY, False)
 			except:
-				raise
 				pass
 		UDPServer.server_bind(self)
 
@@ -91,10 +90,11 @@ class ThreadingTCPServer(ThreadingMixIn, TCPServer):
 				else:
 					if (sys.version_info > (3, 0)):
 						self.socket.setsockopt(socket.SOL_SOCKET, 25, bytes(settings.Config.Interface+'\0', 'utf-8'))
+						self.socket.setsockopt(socket.IPPROTO_IPV6, socket.IPV6_V6ONLY, False)
 					else:
 						self.socket.setsockopt(socket.SOL_SOCKET, 25, settings.Config.Interface+'\0')
+						self.socket.setsockopt(socket.IPPROTO_IPV6, socket.IPV6_V6ONLY, False)
 			except:
-				raise
 				pass
 		TCPServer.server_bind(self)
 
@@ -107,10 +107,11 @@ class ThreadingTCPServerAuth(ThreadingMixIn, TCPServer):
 				else:
 					if (sys.version_info > (3, 0)):
 						self.socket.setsockopt(socket.SOL_SOCKET, 25, bytes(settings.Config.Interface+'\0', 'utf-8'))
+						self.socket.setsockopt(socket.IPPROTO_IPV6, socket.IPV6_V6ONLY, False)
 					else:
 						self.socket.setsockopt(socket.SOL_SOCKET, 25, settings.Config.Interface+'\0')
+						self.socket.setsockopt(socket.IPPROTO_IPV6, socket.IPV6_V6ONLY, False)
 			except:
-				raise
 				pass
 		self.socket.setsockopt(socket.SOL_SOCKET, socket.SO_LINGER, struct.pack('ii', 1, 0))
 		TCPServer.server_bind(self)
@@ -118,12 +119,18 @@ class ThreadingTCPServerAuth(ThreadingMixIn, TCPServer):
 class ThreadingUDPMDNSServer(ThreadingMixIn, UDPServer):
 	def server_bind(self):
 		MADDR = "224.0.0.251"
-		
+		MADDR6 = 'ff02::fb'
 		self.socket.setsockopt(socket.SOL_SOCKET,socket.SO_REUSEADDR, 1)
 		self.socket.setsockopt(socket.IPPROTO_IP, socket.IP_MULTICAST_TTL, 255)
-		
 		Join = self.socket.setsockopt(socket.IPPROTO_IP,socket.IP_ADD_MEMBERSHIP, socket.inet_aton(MADDR) + settings.Config.IP_aton)
 
+		#IPV6:
+		if (sys.version_info > (3, 0)):
+			mreq = socket.inet_pton(socket.AF_INET6, MADDR6) + struct.pack('@I', if_nametoindex2(settings.Config.Interface))
+			self.socket.setsockopt(socket.IPPROTO_IPV6, socket.IPV6_JOIN_GROUP, mreq)
+		else:
+			mreq = socket.inet_pton(socket.AF_INET6, MADDR6) + struct.pack('@I', if_nametoindex2(settings.Config.Interface))
+			self.socket.setsockopt(socket.IPPROTO_IPV6, socket.IPV6_JOIN_GROUP, mreq)
 		if OsInterfaceIsSupported():
 			try:
 				if settings.Config.Bind_To_ALL:
@@ -131,21 +138,25 @@ class ThreadingUDPMDNSServer(ThreadingMixIn, UDPServer):
 				else:
 					if (sys.version_info > (3, 0)):
 						self.socket.setsockopt(socket.SOL_SOCKET, 25, bytes(settings.Config.Interface+'\0', 'utf-8'))
+						self.socket.setsockopt(socket.IPPROTO_IPV6, socket.IPV6_V6ONLY, False)
 					else:
 						self.socket.setsockopt(socket.SOL_SOCKET, 25, settings.Config.Interface+'\0')
+						self.socket.setsockopt(socket.IPPROTO_IPV6, socket.IPV6_V6ONLY, False)
 			except:
-				raise
 				pass
 		UDPServer.server_bind(self)
 
 class ThreadingUDPLLMNRServer(ThreadingMixIn, UDPServer):
 	def server_bind(self):
-		MADDR = "224.0.0.252"
+		MADDR  = '224.0.0.252'
+		MADDR6 = 'FF02:0:0:0:0:0:1:3'
 		self.socket.setsockopt(socket.SOL_SOCKET,socket.SO_REUSEADDR,1)
-		self.socket.setsockopt(socket.IPPROTO_IP, socket.IP_MULTICAST_TTL, 255)
-		
+		self.socket.setsockopt(socket.IPPROTO_IP, socket.IP_MULTICAST_TTL, 255)		
 		Join = self.socket.setsockopt(socket.IPPROTO_IP,socket.IP_ADD_MEMBERSHIP,socket.inet_aton(MADDR) + settings.Config.IP_aton)
-		
+
+		#IPV6:
+		mreq = socket.inet_pton(socket.AF_INET6, MADDR6) + struct.pack('@I', if_nametoindex2(settings.Config.Interface))
+		self.socket.setsockopt(socket.IPPROTO_IPV6, socket.IPV6_JOIN_GROUP, mreq)
 		if OsInterfaceIsSupported():
 			try:
 				if settings.Config.Bind_To_ALL:
@@ -153,51 +164,61 @@ class ThreadingUDPLLMNRServer(ThreadingMixIn, UDPServer):
 				else:
 					if (sys.version_info > (3, 0)):
 						self.socket.setsockopt(socket.SOL_SOCKET, 25, bytes(settings.Config.Interface+'\0', 'utf-8'))
+						self.socket.setsockopt(socket.IPPROTO_IPV6, socket.IPV6_V6ONLY, False)
 					else:
 						self.socket.setsockopt(socket.SOL_SOCKET, 25, settings.Config.Interface+'\0')
+						self.socket.setsockopt(socket.IPPROTO_IPV6, socket.IPV6_V6ONLY, False)
 			except:
-				raise
-				#pass
+				pass
 		UDPServer.server_bind(self)
+		
 
 ThreadingUDPServer.allow_reuse_address = 1
+ThreadingUDPServer.address_family = socket.AF_INET6
+
 ThreadingTCPServer.allow_reuse_address = 1
+ThreadingTCPServer.address_family = socket.AF_INET6
+
 ThreadingUDPMDNSServer.allow_reuse_address = 1
+ThreadingUDPMDNSServer.address_family = socket.AF_INET6
+
 ThreadingUDPLLMNRServer.allow_reuse_address = 1
+ThreadingUDPLLMNRServer.address_family = socket.AF_INET6
+
 ThreadingTCPServerAuth.allow_reuse_address = 1
+ThreadingTCPServerAuth.address_family = socket.AF_INET6
 
 def serve_thread_udp_broadcast(host, port, handler):
 	try:
-		server = ThreadingUDPServer((host, port), handler)
+		server = ThreadingUDPServer(('', port), handler)
 		server.serve_forever()
 	except:
 		print(color("[!] ", 1, 1) + "Error starting UDP server on port " + str(port) + ", check permissions or other servers running.")
 
 def serve_NBTNS_poisoner(host, port, handler):
-	serve_thread_udp_broadcast(host, port, handler)
+	serve_thread_udp_broadcast('', port, handler)
 
 def serve_MDNS_poisoner(host, port, handler):
 	try:
-		server = ThreadingUDPMDNSServer((host, port), handler)
+		server = ThreadingUDPMDNSServer(('', port), handler)
 		server.serve_forever()
 	except:
 		print(color("[!] ", 1, 1) + "Error starting UDP server on port " + str(port) + ", check permissions or other servers running.")
 
 def serve_LLMNR_poisoner(host, port, handler):
 	try:
-		server = ThreadingUDPLLMNRServer((host, port), handler)
+		server = ThreadingUDPLLMNRServer(('', port), handler)
 		server.serve_forever()
 	except:
-		raise
 		print(color("[!] ", 1, 1) + "Error starting UDP server on port " + str(port) + ", check permissions or other servers running.")
-
+		
 def serve_thread_udp(host, port, handler):
 	try:
 		if OsInterfaceIsSupported():
-			server = ThreadingUDPServer((host, port), handler)
+			server = ThreadingUDPServer(('', port), handler)
 			server.serve_forever()
 		else:
-			server = ThreadingUDPServer((host, port), handler)
+			server = ThreadingUDPServer(('', port), handler)
 			server.serve_forever()
 	except:
 		print(color("[!] ", 1, 1) + "Error starting UDP server on port " + str(port) + ", check permissions or other servers running.")
@@ -205,10 +226,10 @@ def serve_thread_udp(host, port, handler):
 def serve_thread_tcp(host, port, handler):
 	try:
 		if OsInterfaceIsSupported():
-			server = ThreadingTCPServer((host, port), handler)
+			server = ThreadingTCPServer(('', port), handler)
 			server.serve_forever()
 		else:
-			server = ThreadingTCPServer((host, port), handler)
+			server = ThreadingTCPServer(('', port), handler)
 			server.serve_forever()
 	except:
 		print(color("[!] ", 1, 1) + "Error starting TCP server on port " + str(port) + ", check permissions or other servers running.")
@@ -216,10 +237,10 @@ def serve_thread_tcp(host, port, handler):
 def serve_thread_tcp_auth(host, port, handler):
 	try:
 		if OsInterfaceIsSupported():
-			server = ThreadingTCPServerAuth((host, port), handler)
+			server = ThreadingTCPServerAuth(('', port), handler)
 			server.serve_forever()
 		else:
-			server = ThreadingTCPServerAuth((host, port), handler)
+			server = ThreadingTCPServerAuth(('', port), handler)
 			server.serve_forever()
 	except:
 		print(color("[!] ", 1, 1) + "Error starting TCP server on port " + str(port) + ", check permissions or other servers running.")
@@ -231,11 +252,11 @@ def serve_thread_SSL(host, port, handler):
 		key =  os.path.join(settings.Config.ResponderPATH, settings.Config.SSLKey)
 
 		if OsInterfaceIsSupported():
-			server = ThreadingTCPServer((host, port), handler)
+			server = ThreadingTCPServer(('', port), handler)
 			server.socket = ssl.wrap_socket(server.socket, certfile=cert, keyfile=key, server_side=True)
 			server.serve_forever()
 		else:
-			server = ThreadingTCPServer((host, port), handler)
+			server = ThreadingTCPServer(('', port), handler)
 			server.socket = ssl.wrap_socket(server.socket, certfile=cert, keyfile=key, server_side=True)
 			server.serve_forever()
 	except:
@@ -243,7 +264,10 @@ def serve_thread_SSL(host, port, handler):
 
 def main():
 	try:
+		if (sys.version_info < (3, 0)):
+			print(color('\n\n[-]', 3, 1) + " Still using python 2? :(")
 		print(color('\n[+]', 2, 1) + " Listening for events...\n")
+			
 		threads = []
 
 		# Load (M)DNS, NBNS and LLMNR Poisoners