From a882d397a8adc7bc7461b779c5419dc2758a7938 Mon Sep 17 00:00:00 2001
From: jrmdev <jeremy.saintot@gmail.com>
Date: Tue, 28 Jul 2015 10:48:21 +1000
Subject: [PATCH] Minor fixes

---
 Responder.conf        |  2 +-
 servers/FTP.py        |  7 +------
 servers/HTTP.py       | 21 ---------------------
 servers/HTTP_Proxy.py | 15 ++++++++++++---
 servers/IMAP.py       |  5 -----
 servers/Kerberos.py   |  8 --------
 servers/LDAP.py       | 12 ------------
 servers/MSSQL.py      | 22 ----------------------
 servers/POP3.py       |  5 -----
 servers/SMB.py        | 24 ------------------------
 servers/SMTP.py       |  7 -------
 settings.py           |  6 ------
 utils.py              |  7 ++++++-
 13 files changed, 20 insertions(+), 121 deletions(-)

diff --git a/Responder.conf b/Responder.conf
index c39a6c7..1a52d5c 100644
--- a/Responder.conf
+++ b/Responder.conf
@@ -39,7 +39,7 @@ RespondToName =
 
 ; Specific IP Addresses not to respond to (default = None)
 ; Example: DontRespondTo = 10.20.1.100-150, 10.20.3.10
-DontRespondTo = 192.168.183.1, 10.0.2.2, 127.0.0.0-254
+DontRespondTo = 
 
 ; Specific NBT-NS/LLMNR names not to respond to (default = None)
 ; Example: DontRespondTo = NAC, IPS, IDS
diff --git a/servers/FTP.py b/servers/FTP.py
index 5af048e..6b1a5e1 100644
--- a/servers/FTP.py
+++ b/servers/FTP.py
@@ -50,12 +50,7 @@ class FTP(BaseRequestHandler):
 					'fullhash': User+':'+Pass
 				})
 
-				#print text("[FTP] Client   : %s" % color(self.client_address[0], 3))
-				#print text("[FTP] Username : %s" % color(User, 3))
-				#print text("[FTP] Password : %s" % color(Pass, 3))
-				#WriteData(settings.Config.FTPLog % self.client_address[0], User+":"+Pass, User+":"+Pass)
-
-			else :
+			else:
 				Packet = FTPPacket(Code="502",Message="Command not implemented.")
 				self.request.send(str(Packet))
 				data = self.request.recv(1024)
diff --git a/servers/HTTP.py b/servers/HTTP.py
index 6ee5d7c..0f0e6e6 100644
--- a/servers/HTTP.py
+++ b/servers/HTTP.py
@@ -57,14 +57,6 @@ def ParseHTTPHash(data, client):
 			'fullhash': WriteHash,
 		})
 
-		#print text("[HTTP] NTLMv1 Client   : %s" % client)
-		#print text("[HTTP] NTLMv1 Hostname : %s" % HostName)
-		#print text("[HTTP] NTLMv1 User     : %s" % User)
-		#print text("[HTTP] NTLMv1 Hash     : %s" % LMHash+":"+NTHash)
-		#
-		#WriteHash = '%s::%s:%s:%s:%s' % (User, HostName, LMHash, NTHash, settings.Config.NumChal)
-		#WriteData(settings.Config.HTTPNTLMv1Log % client, WriteHash, User+"::"+HostName)
-
 	if NthashLen > 24:
 		NthashLen      = 64
 		DomainLen      = struct.unpack('<H',data[28:30])[0]
@@ -85,14 +77,6 @@ def ParseHTTPHash(data, client):
 			'fullhash': WriteHash,
 		})
 
-		#print text("[HTTP] NTLMv2 Client   : %s" % client)
-		#print text("[HTTP] NTLMv2 Hostname : %s" % HostName)
-		#print text("[HTTP] NTLMv2 User     : %s" % Domain+"\\"+User)
-		#print text("[HTTP] NTLMv2 Hash     : %s" % NTHash[:32]+":"+NTHash[32:])
-		#
-		#WriteHash = '%s::%s:%s:%s:%s' % (User, Domain, settings.Config.NumChal, NTHash[:32], NTHash[32:])
-		#WriteData(settings.Config.HTTPNTLMv2Log % client, WriteHash, User+"::"+HostName)
-
 def GrabCookie(data, host):
 	Cookie = re.search('(Cookie:*.\=*)[^\r\n]*', data)
 
@@ -214,11 +198,6 @@ def PacketSequence(data, client):
 			'cleartext': ClearText_Auth.split(':')[1], 
 		})
 
-		#print text("[HTTP] (Basic) Client       : %s" % color(client, 3))
-		#print text("[HTTP] (Basic) Username     : %s" % color(ClearText_Auth.split(':')[0], 3))
-		#print text("[HTTP] (Basic) Password     : %s" % color(ClearText_Auth.split(':')[1], 3))
-		#WriteData(settings.Config.HTTPBasicLog % client, ClearText_Auth, ClearText_Auth)
-
 		if settings.Config.Force_WPAD_Auth and WPAD_Custom:
 			if settings.Config.Verbose:
 				print text("[HTTP] WPAD (auth) file sent to %s" % client)
diff --git a/servers/HTTP_Proxy.py b/servers/HTTP_Proxy.py
index f66a505..951d20a 100644
--- a/servers/HTTP_Proxy.py
+++ b/servers/HTTP_Proxy.py
@@ -254,6 +254,9 @@ class HTTP_Proxy(BaseHTTPServer.BaseHTTPRequestHandler):
 					self._read_write(soc, 300)
 				except:
 					pass
+		except:
+			pass
+
 		finally:
 			soc.close()
 			self.connection.close()
@@ -301,6 +304,9 @@ class HTTP_Proxy(BaseHTTPServer.BaseHTTPRequestHandler):
 				except:
 					pass
 
+		except:
+			pass
+
 		finally:
 			soc.close()
 			self.connection.close()
@@ -326,10 +332,13 @@ class HTTP_Proxy(BaseHTTPServer.BaseHTTPRequestHandler):
 							pass
 					else:
 						out = soc
-						data = i.recv(4096)
+						try:
+							data = i.recv(4096)
 
-						if self.command == "POST" and settings.Config.Verbose:
-							print text("[PROXY] POST Data     : %s" % data)
+							if self.command == "POST" and settings.Config.Verbose:
+								print text("[PROXY] POST Data     : %s" % data)
+						except:
+							pass
 					if data:
 						try:
 							out.send(data)
diff --git a/servers/IMAP.py b/servers/IMAP.py
index 3314a5c..c0ae12b 100644
--- a/servers/IMAP.py
+++ b/servers/IMAP.py
@@ -47,11 +47,6 @@ class IMAP(BaseRequestHandler):
 					'fullhash': Credentials[0]+":"+Credentials[1],
 				})
 
-				#print text("[IMAP] Address  : %s" % color(self.client_address[0], 3, 0))
-				#print text("[IMAP] Username : %s" % color(Credentials[0], 3, 0))
-				#print text("[IMAP] Password : %s" % color(Credentials[1], 3, 0))
-				#WriteData(settings.Config.IMAPLog % self.client_address[0], Credentials, Credentials)
-
 				## FIXME: Close connection properly
 				## self.request.send(str(ditchthisconnection()))
 				## data = self.request.recv(1024)
diff --git a/servers/Kerberos.py b/servers/Kerberos.py
index b188f17..b3ac4bf 100644
--- a/servers/Kerberos.py
+++ b/servers/Kerberos.py
@@ -133,10 +133,6 @@ class KerbTCP(BaseRequestHandler):
 					'fullhash': KerbHash,
 				})
 
-				#print text("[KERBEROS] Address       :" % self.client_address[0])
-				#print text("[KERBEROS] MSKerbv5 Hash :" % KerbHash)
-				#WriteData(settings.Config.KerberosLog % self.client_address[0], KerbHash, KerbHash)
-
 		except Exception:
 			raise
 
@@ -159,9 +155,5 @@ class KerbUDP(BaseRequestHandler):
 					'fullhash': KerbHash,
 				})
 
-				#print text("[KERBEROS] Address       :" % self.client_address[0])
-				#print text("[KERBEROS] MSKerbv5 Hash :" % KerbHash)
-				#WriteData(settings.Config.KerberosLog % self.client_address[0], KerbHash, KerbHash)
-
 		except Exception:
 			raise
diff --git a/servers/LDAP.py b/servers/LDAP.py
index 765be3a..688a012 100644
--- a/servers/LDAP.py
+++ b/servers/LDAP.py
@@ -64,12 +64,6 @@ def ParseLDAPHash(data, client):
 			'hash': NtHash,
 			'fullhash': WriteHash,
 		})
-
-		#print text("[LDAP] NTLMv1 Address  : %s" % client)
-		#print text("[LDAP] NTLMv1 Username : %s\\%s" % (Domain, User))
-		#print text("[LDAP] NTLMv1 Hash     : %s" % NtHash)
-		#WriteHash = User+"::"+Domain+":"+LMHash+":"+NtHash+":"+settings.Config.NumChal
-		#WriteData(settings.Config.LDAPNTLMv1Log % client, WriteHash, User+"::"+Domain)
 	
 	if LMhashLen < 2 and settings.Config.Verbose:
 		print text("[LDAP] Ignoring anonymous NTLM authentication")
@@ -114,12 +108,6 @@ def ParseLDAPPacket(data, client):
 					'cleartext': Password,
 					'fullhash': UserDomain+':'+Password,
 				})
-
-				#print text("[LDAP] Client   : %s" % color(client, 3, 0))
-				#print text("[LDAP] Username : %s" % color(UserDomain, 3, 0))
-				#print text("[LDAP] Password : %s" % color(Password, 3, 0))
-				#WritePass = '%s: %s:%s' % (client, UserDomain, Password)
-				#WriteData(settings.Config.LDAPClearLog % client, WritePass, WritePass)
 			
 			if sasl == "\xA3":
 				Buffer = ParseNTLM(data,client)
diff --git a/servers/MSSQL.py b/servers/MSSQL.py
index 8819272..ab708c8 100644
--- a/servers/MSSQL.py
+++ b/servers/MSSQL.py
@@ -85,13 +85,6 @@ def ParseSQLHash(data, client):
 			'fullhash': WriteHash,
 		})
 
-		#print text("[MSSQL] NTLMv1 Client   : %s" % color(client, 3, 0))
-		#print text("[MSSQL] NTLMv1 Domain   : %s" % color(Domain, 3, 0))
-		#print text("[MSSQL] NTLMv1 User     : %s" % color(User, 3, 0))
-		#print text("[MSSQL] NTLMv1 Hash     : %s" % color(LMHash+":"+NTHash, 3, 0))
-		#WriteHash = '%s::%s:%s:%s:%s' % (User, Domain, LMHash, NTHash, settings.Config.NumChal)
-		#WriteData(settings.Config.MSSQLNTLMv1Log % client, User+"::"+Domain+":"+LMHash+":"+NtHash+":"+NumChal, User+"::"+Domain)
-
 	if NthashLen > 60:
 		WriteHash = '%s::%s:%s:%s:%s' % (User, Domain, settings.Config.NumChal, NTHash[:32], NTHash[32:])
 		
@@ -104,13 +97,6 @@ def ParseSQLHash(data, client):
 			'fullhash': WriteHash,
 		})
 
-		#print text("[MSSQL] NTLMv2 Client   : %s" % color(client, 3, 0))
-		#print text("[MSSQL] NTLMv2 Domain   : %s" % color(Domain, 3, 0))
-		#print text("[MSSQL] NTLMv2 User     : %s" % color(User, 3, 0))
-		#print text("[MSSQL] NTLMv2 Hash     : %s" % color(NTHash[:32]+":"+NTHash[32:], 3, 0))
-		#WriteHash = '%s::%s:%s:%s:%s' % (User, Domain, settings.Config.NumChal, NTHash[:32], NTHash[32:])
-		#WriteData(settings.Config.MSSQLNTLMv2Log % client, WriteHash,User+"::"+Domain)
-
 def ParseSqlClearTxtPwd(Pwd):
 	Pwd = map(ord,Pwd.replace('\xa5',''))
 	Pw = []
@@ -132,14 +118,6 @@ def ParseClearTextSQLPass(data, client):
 		'fullhash': TDS.UserName +':'+ ParseSqlClearTxtPwd(TDS.Password),
 	})
 
-	#print text("[MSSQL] Client    : %s (%s)" % (color(client, 3, 0) , color(TDS.ClientName, 3, 0)))
-	#print text("[MSSQL] Server    : %s" % color(TDS.ServerName, 3, 0))
-	#print text("[MSSQL] Database  : %s" % color(TDS.DatabaseName, 3, 0))
-	#print text("[MSSQL] Username  : %s" % color(TDS.UserName, 3, 0))
-	#print text("[MSSQL] Password  : %s" % color(ParseSqlClearTxtPwd(TDS.Password), 3, 0))
-	#WritePass = TDS.UserName +':'+ ParseSqlClearTxtPwd(TDS.Password)
-	#WriteData(settings.Config.MSSQLClearLog % client, WritePass, WritePass)
-
 # MSSQL Server class
 class MSSQL(BaseRequestHandler):
 
diff --git a/servers/POP3.py b/servers/POP3.py
index 63d222f..5bdfa7e 100644
--- a/servers/POP3.py
+++ b/servers/POP3.py
@@ -51,11 +51,6 @@ class POP3(BaseRequestHandler):
 					'fullhash': User+":"+Pass,
 				})
 
-				#print text("[POP3] Address  : %s" % color(self.client_address[0], 3))
-				#print text("[POP3] Username : %s" % color(User, 3))
-				#print text("[POP3] Password : %s" % color(Pass, 3))
-				#WriteData(settings.Config.POP3Log % self.client_address[0], User+":"+Pass, User+":"+Pass)
-
 				data = self.SendPacketAndRead()
 
 			else:
diff --git a/servers/SMB.py b/servers/SMB.py
index 3abb2ba..37bff7f 100644
--- a/servers/SMB.py
+++ b/servers/SMB.py
@@ -131,12 +131,6 @@ def ParseSMBHash(data,client):
 			'fullhash': WriteHash,
 		})
 
-		#print text("[SMB] NTLMv1 (SSP) Address  : %s" % client)
-		#print text("[SMB] NTLMv1 (SSP) Username : %s\\%s" % (Domain, Username))
-		#print text("[SMB] NTLMv1 (SSP) Hash     : %s" % SMBHash)
-		#WriteHash = '%s::%s:%s:%s:%s' % (Username, Domain, LMHash, SMBHash, settings.Config.NumChal)
-		#WriteData(settings.Config.SMBNTLMSSPv1Log % client, WriteHash, Username+"::"+Domain)
-
 	if NthashLen > 60:
 		SMBHash      = SSPIStart[NthashOffset:NthashOffset+NthashLen].encode("hex").upper()
 		DomainLen    = struct.unpack('<H',data[109:111])[0]
@@ -156,12 +150,6 @@ def ParseSMBHash(data,client):
 			'fullhash': WriteHash,
 		})
 
-		#print text("[SMB] NTLMv2 (SSP) Address  : %s" % client)
-		#print text("[SMB] NTLMv2 (SSP) Username : %s\\%s" % (Domain, Username))
-		#print text("[SMB] NTLMv2 (SSP) Hash     : %s" % SMBHash)
-		#WriteHash = '%s::%s:%s:%s:%s' % (Username, Domain, settings.Config.NumChal, SMBHash[:32], SMBHash[32:])
-		#WriteData(settings.Config.SMBNTLMSSPv2Log % client, WriteHash, Username+"::"+Domain)
-
 # Parse SMB NTLMv1/v2
 def ParseLMNTHash(data, client):
 
@@ -185,12 +173,6 @@ def ParseLMNTHash(data, client):
 			'fullhash': WriteHash,
 		})
 
-		#print text("[SMB] NTLMv2 Address  : %s" % client)
-		#print text("[SMB] NTLMv2 Username : %s\\%s" % (Domain, Username))
-		#print text("[SMB] NTLMv2 Hash     : %s" % NtHash)
-		#WriteHash = '%s::%s:%s:%s:%s' % (Username, Domain, settings.Config.NumChal, LmHash, NtHash)
-		#WriteData(settings.Config.SMBNTLMv2Log % client, WriteHash, Username+"::"+Domain)
-
 	if NthashLen == 24:
 		NtHash = data[65+LMhashLen:65+LMhashLen+NthashLen].encode('hex').upper()
 		LmHash = data[65:65+LMhashLen].encode('hex').upper()
@@ -205,12 +187,6 @@ def ParseLMNTHash(data, client):
 			'fullhash': WriteHash,
 		})
 
-		#print text("[SMB] NTLMv1 Address  : %s" % client)
-		#print text("[SMB] NTLMv1 Username : %s\\%s" % (Domain, Username))
-		#print text("[SMB] NTLMv1 Hash     : %s" % NtHash)
-		#WriteHash = '%s::%s:%s:%s:%s' % (Username, Domain, LmHash, NtHash, settings.Config.NumChal)
-		#WriteData(settings.Config.SMBNTLMv1Log % client, WriteHash, Username+"::"+Domain)
-
 def IsNT4ClearTxt(data, client):
 	HeadLen = 36
 
diff --git a/servers/SMTP.py b/servers/SMTP.py
index 7a915e7..aeb3111 100644
--- a/servers/SMTP.py
+++ b/servers/SMTP.py
@@ -62,12 +62,5 @@ class ESMTP(BaseRequestHandler):
 						'fullhash': Username+":"+Password,
 					})
 
-					#print text("[SMTP] Address  : %s" % color(self.client_address[0], 3))
-					#print text("[SMTP] Username : %s" % color(Username, 3))
-					#print text("[SMTP] Password : %s" % color(Password, 3))
-					#WriteData(settings.Config.SMTPClearLog % self.client_address[0], Username+":"+Password, Username+":"+Password)
-
-					## FIXME: Close connection properly
-
 		except Exception:
 			pass
\ No newline at end of file
diff --git a/settings.py b/settings.py
index 0a6b7e2..4c820af 100644
--- a/settings.py
+++ b/settings.py
@@ -62,13 +62,7 @@ class Settings:
 			return ret
 
 		self.RespondTo = expand_ranges(self.RespondTo)
-		self.RespondToName = expand_ranges(self.RespondToName)
 		self.DontRespondTo = expand_ranges(self.DontRespondTo)
-		self.DontRespondToName = expand_ranges(self.DontRespondToName)
-		self.RespondTo = expand_ranges(self.RespondTo)
-		self.RespondToName = expand_ranges(self.RespondToName)
-		self.DontRespondTo = expand_ranges(self.DontRespondTo)
-		self.DontRespondToName = expand_ranges(self.DontRespondToName)
 
 	def populate(self, options):
 
diff --git a/utils.py b/utils.py
index 8dd798c..9f3dda5 100644
--- a/utils.py
+++ b/utils.py
@@ -181,10 +181,15 @@ def SaveToDb(result):
 			print text("[%s] %s Hostname : %s" % (result['module'], result['type'], color(result['hostname'], 3)))
 		if len(result['user']):
 			print text("[%s] %s Username : %s" % (result['module'], result['type'], color(result['user'], 3)))
+		
+		# Bu order of priority, print cleartext, fullhash, or hash
 		if len(result['cleartext']):
 			print text("[%s] %s Password : %s" % (result['module'], result['type'], color(result['cleartext'], 3)))
-		if len(result['hash']):
+		elif len(result['fullhash']):
+			print text("[%s] %s Hash     : %s" % (result['module'], result['type'], color(result['fullhash'], 3)))
+		elif len(result['hash']):
 			print text("[%s] %s Hash     : %s" % (result['module'], result['type'], color(result['hash'], 3)))
+			
 	else:
 		print color('[*]', 2, 1), 'Skipping previously captured hash for %s' % result['user']