Updated the Readme file with the new options and removed some old stuff

2025-08-19 13:00:00 -07:00 · 2021-12-17 00:32:12 -03:00 · 2021-12-17 00:32:12 -03:00 · bc812da2ef
commit bc812da2ef
parent 3e8c9fdb0e
1 changed files with 37 additions and 36 deletions
--- a/README.md
+++ b/README.md
@ -1,6 +1,6 @@
 # Responder/MultiRelay #
-LLMNR/NBT-NS/mDNS Poisoner and NTLMv1/2 Relay.
+IPv6/IPv4 LLMNR/NBT-NS/mDNS Poisoner and NTLMv1/2 Relay.
 Author: Laurent Gaffie <laurent.gaffie@gmail.com >  https://g-laurent.blogspot.com
@ -8,12 +8,12 @@ Author: Laurent Gaffie <laurent.gaffie@gmail.com >  https://g-laurent.blogspot.c
 ## Intro ##
-Responder is an LLMNR, NBT-NS and MDNS poisoner. It will answer to *specific* NBT-NS (NetBIOS Name Service) queries based on their name suffix (see: http://support.microsoft.com/kb/163409). By default, the tool will only answer to File Server Service request, which is for SMB.
+Responder is an LLMNR, NBT-NS and MDNS poisoner. 
 The concept behind this is to target our answers, and be stealthier on the network. This also helps to ensure that we don't break legitimate NBT-NS behavior. You can set the -r option via command line if you want to answer to the Workstation Service request name suffix. The option -d is also available if you want to poison Domain Service name queries.
 ## Features ##
 - Dual IPv6/IPv4 stack.
 - Built-in SMB Auth server.
 Supports NTLMv1, NTLMv2 hashes with Extended Security NTLMSSP by default. Successfully tested from Windows 95 to Server 2022, Samba and Mac OSX Lion. Clear text password is supported for NT4, and LM hashing downgrade when the --lm option is set. If --disable-ess is set, extended session security will be disabled for NTLMv1 authentication. SMBv2 has also been implemented and is supported by default.
@ -129,42 +129,48 @@ Typical Usage Example:
 Options:
-	  --version             show program's version number and exit.
+	  --version             show program's version number and exit
-	  -h, --help            show this help message and exit.
+	  -h, --help            show this help message and exit
 	  -A, --analyze         Analyze mode. This option allows you to see NBT-NS,
-	                        BROWSER, LLMNR requests without responding.
+                        BROWSER, LLMNR requests without responding.
 	  -I eth0, --interface=eth0
-	                        Network interface to use.
+                        Network interface to use, you can use 'ALL' as a
-          -i 10.0.0.21, --ip=10.0.0.21
+                        wildcard for all interfaces
-                                Local IP to use (only for OSX)
+	  -i 10.0.0.21, --ip=10.0.0.21
-          -e 10.0.0.22, --externalip=10.0.0.22
+                        Local IP to use (only for OSX)
-                                Poison all requests with another IP address than
+	  -6 2002:c0a8:f7:1:3ba8:aceb:b1a9:81ed, --externalip6=2002:c0a8:f7:1:3ba8:aceb:b1a9:81ed
-                                Responder's one.
+                        Poison all requests with another IPv6 address than
                        Responder's one.
 	  -e 10.0.0.22, --externalip=10.0.0.22
                        Poison all requests with another IP address than
                        Responder's one.
 	  -b, --basic           Return a Basic HTTP authentication. Default: NTLM
 	  -r, --wredir          Enable answers for netbios wredir suffix queries.
-	                        Answering to wredir will likely break stuff on the
+                        Answering to wredir will likely break stuff on the
-	                        network. Default: Off
+                        network. Default: False
-	  -d, --NBTNSdomain     Enable answers for netbios domain suffix queries.
+	  -d, --DHCP            Enable answers for DHCP broadcast requests. This
-	                        Answering to domain suffixes will likely break stuff
+                        option will inject a WPAD server in the DHCP response.
-	                        on the network. Default: Off
+                        Default: False
-	  -f, --fingerprint     This option allows you to fingerprint a host that
+	  -D, --DHCP-DNS        This option will inject a DNS server in the DHCP
-	                        issued an NBT-NS or LLMNR query.
+                        response, otherwise a WPAD server will be added.
                        Default: False
 	  -w, --wpad            Start the WPAD rogue proxy server. Default value is
-	                        Off
+                        False
 	  -u UPSTREAM_PROXY, --upstream-proxy=UPSTREAM_PROXY
-	                        Upstream HTTP proxy used by the rogue WPAD Proxy for
+                        Upstream HTTP proxy used by the rogue WPAD Proxy for
-	                        outgoing requests (format: host:port)
+                        outgoing requests (format: host:port)
 	  -F, --ForceWpadAuth   Force NTLM/Basic authentication on wpad.dat file
-	                        retrieval. This may cause a login prompt. Default:
+                        retrieval. This may cause a login prompt. Default:
-	                        Off
+                        False
-	  -P, --ProxyAuth       Force NTLM (transparently)/Basic (prompt) 
+	  -P, --ProxyAuth       Force NTLM (transparently)/Basic (prompt)
-                                authentication for the proxy. WPAD doesn't need to
+                        authentication for the proxy. WPAD doesn't need to be
-                                be ON. This option is highly effective when combined
+                        ON. This option is highly effective when combined with
-                                with -r. Default: Off
+                        -r. Default: False
 	  --lm                  Force LM hashing downgrade for Windows XP/2003 and
-	                        earlier. Default: Off
+                        earlier. Default: False
-	  --disable-ess         Force ESS downgrade. Default: Off
+	  --disable-ess         Force ESS downgrade. Default: False
 	  -v, --verbose         Increase verbosity.
 ## Donation ##
@ -199,11 +205,6 @@ We would like to thanks those major sponsors:
 Thank you.
 ## Official Discord Channel
 Come hang out on Discord!
 [![Porchetta Industries](https://discordapp.com/api/guilds/736724457258745996/widget.png?style=banner3)](https://discord.gg/sEkn3aa)
 ## Copyright ##