Merge pull request #243 from nobbd/nobbd-patch-1

Fix bug with single-byte comparisons in Python 3
lgandx 2023-09-11 07:12:28 -03:00 committed by GitHub
commit de20dcf408
5 changed files with 13 additions and 13 deletions


@ -168,9 +168,9 @@ class MSSQLBrowser(BaseRequestHandler):
if data: if data:
if data[0] in b'\x02\x03': # CLNT_BCAST_EX / CLNT_UCAST_EX if data[0] in b'\x02\x03': # CLNT_BCAST_EX / CLNT_UCAST_EX
self.send_response(soc, "MSSQLSERVER") self.send_response(soc, "MSSQLSERVER")
elif data[0] == b'\x04': # CLNT_UCAST_INST elif data[0:1] == b'\x04': # CLNT_UCAST_INST
self.send_response(soc, data[1:].rstrip("\x00")) self.send_response(soc, data[1:].rstrip("\x00"))
elif data[0] == b'\x0F': # CLNT_UCAST_DAC elif data[0:1] == b'\x0F': # CLNT_UCAST_DAC
self.send_dac_response(soc) self.send_dac_response(soc)
def send_response(self, soc, inst): def send_response(self, soc, inst):
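Review bot: `data[1:].rstrip("\x00")` on the CLNT_UCAST_INST branch still mixes types: now that the guard compares `data[0:1]` against a bytes literal, `data` is bytes on Python 3, and `bytes.rstrip("\x00")` raises TypeError, so the branch this fix makes reachable fails on the very next line. Use a bytes argument, `self.send_response(soc, data[1:].rstrip(b"\x00"))`; on Python 2 `b"\x00"` is the same str, so both interpreters keep working. Whether send_response then expects bytes or str cannot be seen here, since its body is outside the hunk.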


@ -178,7 +178,7 @@ def IsNT4ClearTxt(data, client):
WordCount = data[HeadLen] WordCount = data[HeadLen]
ChainedCmdOffset = data[HeadLen+1] ChainedCmdOffset = data[HeadLen+1]
if ChainedCmdOffset == "\x75": if ChainedCmdOffset == "\x75" or ChainedCmdOffset == 117:
PassLen = struct.unpack('<H',data[HeadLen+15:HeadLen+17])[0] PassLen = struct.unpack('<H',data[HeadLen+15:HeadLen+17])[0]
if PassLen > 2: if PassLen > 2:
@ -200,7 +200,7 @@ class SMB1(BaseRequestHandler): # SMB1 & SMB2 Server class, NTLMSSP
if not data: if not data:
break break
if data[0] == "\x81": #session request 139 if data[0:1] == b"\x81": #session request 139
Buffer = "\x82\x00\x00\x00" Buffer = "\x82\x00\x00\x00"
try: try:
self.request.send(Buffer) self.request.send(Buffer)
@ -335,7 +335,7 @@ class SMB1LM(BaseRequestHandler): # SMB Server class, old version
self.request.settimeout(1) self.request.settimeout(1)
data = self.request.recv(1024) data = self.request.recv(1024)
Challenge = RandomChallenge() Challenge = RandomChallenge()
if data[0] == b"\x81": #session request 139 if data[0:1] == b"\x81": #session request 139
Buffer = "\x82\x00\x00\x00" Buffer = "\x82\x00\x00\x00"
self.request.send(NetworkSendBufferPython2or3(Buffer)) self.request.send(NetworkSendBufferPython2or3(Buffer))
data = self.request.recv(1024) data = self.request.recv(1024)
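Review bot: In the SMB1 hunk (`@ -200`), the session-request branch that `data[0:1] == b"\x81"` now makes reachable on Python 3 still calls `self.request.send(Buffer)` with `Buffer = "\x82\x00\x00\x00"`, a str, which socket.send rejects with TypeError on Python 3. The SMB1LM hunk below already wraps the identical send as `self.request.send(NetworkSendBufferPython2or3(Buffer))`; the SMB1 branch should do the same. The `except` paired with that branch's `try:` lies outside the hunk, so whether the TypeError is swallowed (and the NetBIOS session response silently never sent) cannot be seen here. In the IsNT4ClearTxt hunk, `ChainedCmdOffset == "\x75" or ChainedCmdOffset == 117` works but departs from the slice-and-bytes idiom used everywhere else in this commit; `data[HeadLen+1:HeadLen+2] == b"\x75"` would be uniform and needs no int literal.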


@ -636,7 +636,7 @@ def MimiKatzRPC(Command, f, host, data, s):
Output = ExtractRPCCommandOutput(data)[12:] Output = ExtractRPCCommandOutput(data)[12:]
while True: while True:
dataoffset = dataoffset + buffsize dataoffset = dataoffset + buffsize
if data[64:66] == b"\x05\x00" and data[67] == b"\x02":##Last DCE/RPC Frag if data[64:66] == b"\x05\x00" and data[67:68] == b"\x02":##Last DCE/RPC Frag
LastFragLen = struct.unpack('<h', data[61:63])[0] LastFragLen = struct.unpack('<h', data[61:63])[0]
if LastFragLen < 1024: if LastFragLen < 1024:
Output += ExtractRPCCommandOutput(data) Output += ExtractRPCCommandOutput(data)
@ -646,7 +646,7 @@ def MimiKatzRPC(Command, f, host, data, s):
Output += ExtractRPCCommandOutput(data) Output += ExtractRPCCommandOutput(data)
break break
if data[64:66] == b"\x05\x00" and data[67] == b"\x03":##First and Last DCE/RPCFrag if data[64:66] == b"\x05\x00" and data[67:68] == b"\x03":##First and Last DCE/RPCFrag
data, s, out = SMBDCERPCReadOutput(StructWithLenPython2or3("<i", dataoffset), StructWithLenPython2or3('<h', 4096),f, data, s) data, s, out = SMBDCERPCReadOutput(StructWithLenPython2or3("<i", dataoffset), StructWithLenPython2or3('<h', 4096),f, data, s)
Output += ExtractRPCCommandOutput(data) Output += ExtractRPCCommandOutput(data)
break break
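Review bot: The fragment checks in both hunks compare bare magic values — `data[64:66] == b"\x05\x00"` and `data[67:68] == b"\x02"` / `b"\x03"` — and the only hint to their meaning is the trailing `##Last DCE/RPC Frag` / `##First and Last DCE/RPCFrag` comments. Binding those values to names once above the loop (e.g. `LAST_FRAG = b"\x02"` and `FIRST_AND_LAST_FRAG = b"\x03"`, taken from the existing comments) would let the two branches read as what they test. MimiKatzRPC's body begins before and continues past these hunks.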


@ -106,7 +106,7 @@ def ParseNegotiateSMB2Ans(data):
def SMB2SigningMandatory(data): def SMB2SigningMandatory(data):
global SMB2signing global SMB2signing
if data[70] == "\x03": if data[70:71] == b"\x03":
SMB2signing = "True" SMB2signing = "True"
else: else:
SMB2signing = "False" SMB2signing = "False"
@ -201,7 +201,7 @@ def IsDCVuln(t, host):
##################### #####################
def IsSigningEnabled(data): def IsSigningEnabled(data):
if data[39] == "\x0f": if data[39:40] == b"\x0f":
return 'True' return 'True'
else: else:
return 'False' return 'False'
@ -364,7 +364,7 @@ def ConnectAndChoseSMB(host):
return False return False
def handle(data, host): def handle(data, host):
if data[28] == "\x00": if data[28:29] == b"\x00":
a = SMBv2Head() a = SMBv2Head()
a.calculate() a.calculate()
b = SMBv2Negotiate() b = SMBv2Negotiate()
@ -373,7 +373,7 @@ def handle(data, host):
buffer0 = longueur(packet0)+packet0 buffer0 = longueur(packet0)+packet0
return buffer0 return buffer0
if data[28] == "\x01": if data[28:29] == b"\x01":
global Bootime global Bootime
SMB2SigningMandatory(data) SMB2SigningMandatory(data)
Bootime = IsDCVuln(GetBootTime(data[116:124]), host[0]) Bootime = IsDCVuln(GetBootTime(data[116:124]), host[0])
@ -385,7 +385,7 @@ def handle(data, host):
buffer0 = longueur(packet0)+packet0 buffer0 = longueur(packet0)+packet0
return buffer0 return buffer0
if data[28] == "\x02": if data[28:29] == b"\x02":
ParseSMBNTLM2Exchange(data, host[0], Bootime, SMB2signing) ParseSMBNTLM2Exchange(data, host[0], Bootime, SMB2signing)
################## ##################
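Review bot: Switching `data[70] == "\x03"` to `data[70:71] == b"\x03"` in SMB2SigningMandatory changes the failure mode for short input: a single index raised IndexError on a truncated response, whereas a slice past the end yields `b""`, compares unequal, and the function quietly sets `SMB2signing = "False"`. For a signing check that is the permissive answer, so a truncated or malformed reply is now reported the same way as a host that does not require signing. A length guard before the comparison, `if len(data) < 71: raise ValueError("SMB2 negotiate response too short")`, keeps the new slice idiom while preserving the old loud failure. The same applies to `data[39:40]` in IsSigningEnabled here and in the last file's IsSigningEnabled, and to the three `data[28:29]` tests in handle, where a short packet now falls through every branch instead of raising.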


@ -152,7 +152,7 @@ def color(txt, code = 1, modifier = 0):
return "\033[%d;3%dm%s\033[0m" % (modifier, code, txt) return "\033[%d;3%dm%s\033[0m" % (modifier, code, txt)
def IsSigningEnabled(data): def IsSigningEnabled(data):
if data[39] == "\x0f": if data[39:40] == b"\x0f":
return True return True
else: else:
return False return False