From e057f101ac05e02f50bb220997c78457ea5a3519 Mon Sep 17 00:00:00 2001
From: Christopher Paschen
Date: Thu, 15 Oct 2020 12:08:03 -0500
Subject: [PATCH] Adds configurable server timeouts This can be helpful if traffic is being routed back via a slow reverse proxy
---
 Responder.py | 7 +++++++
 servers/Browser.py | 2 +-
 servers/HTTP.py | 2 +-
 servers/LDAP.py | 2 +-
 servers/MSSQL.py | 2 +-
 servers/Proxy_Auth.py | 2 +-
 servers/RDP.py | 4 ++--
 servers/SMB.py | 4 ++--
 settings.py | 7 +++++++
 9 files changed, 23 insertions(+), 9 deletions(-)
diff --git a/Responder.py b/Responder.py
index c27d2ea..134845e 100755
--- a/Responder.py
+++ b/Responder.py
@@ -43,6 +43,13 @@ parser.add_option('-F','--ForceWpadAuth', action="store_true", help="Force NTLM
 parser.add_option('-P','--ProxyAuth', action="store_true", help="Force NTLM (transparently)/Basic (prompt) authentication for the proxy. WPAD doesn't need to be ON. This option is highly effective when combined with -r. Default: False", dest="ProxyAuth_On_Off", default=False)
 parser.add_option('--lm', action="store_true", help="Force LM hashing downgrade for Windows XP/2003 and earlier. Default: False", dest="LM_On_Off", default=False)
+parser.add_option('--httptimeout', action="store", help="Configures the timeout in use by http(s) server threads", dest="HTTPTimeout", type=float, default=3)
+parser.add_option('--browsertimeout', action="store", help="Configures the timeout in use by smb browser fingerprinter", dest="BrowserTimeout", type=float, default=0.3)
+parser.add_option('--ldaptimeout', action="store", help="Configures the timeout in use by LDAP server threads", dest="LDAPTimeout", type=float, default=0.4)
+parser.add_option('--mssqltimeout', action="store", help="Configures the timeout in use by MSSQL server threads", dest="MSSQLTimeout", type=float, default=1)
+parser.add_option('--proxytimeout', action="store", help="Configures the timeout in use by proxy server threads", dest="ProxyTimeout", type=float, default=3)
+parser.add_option('--rdptimeout', action="store", help="Configures the timeout in use by RDP server threads", dest="RDPTimeout", type=float, default=30)
+parser.add_option('--smbtimeout', action="store", help="Configures the timeout in use by SMB server threads", dest="SMBTimeout", type=float, default=1)
 parser.add_option('-v','--verbose', action="store_true", help="Increase verbosity.", dest="Verbose")
 options, args = parser.parse_args()
diff --git a/servers/Browser.py b/servers/Browser.py
index abda10c..81e7065 100644
--- a/servers/Browser.py
+++ b/servers/Browser.py
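Review bot: The seven new timeout options in Responder.py accept any float, so a value of `0` or a negative number reaches `settimeout()` unchecked. Zero switches the socket to non-blocking mode and a negative value raises `ValueError` inside the handler rather than at start-up, where it is presumably swallowed by the handlers' `try` blocks. A check placed right after `options, args = parser.parse_args()` that calls `parser.error()` for any non-positive value would turn this into a usage message. The help strings should also give the unit and the default, as the neighbouring options do, for example `help="Timeout in seconds for HTTP(S) server threads. Default: 3"`.

```python
options, args = parser.parse_args()

# settimeout(0) means non-blocking and settimeout(<0) raises, so refuse both up front.
for opt_name in ("HTTPTimeout", "BrowserTimeout", "LDAPTimeout", "MSSQLTimeout",
                 "ProxyTimeout", "RDPTimeout", "SMBTimeout"):
    if not (getattr(options, opt_name) > 0):  # written this way so nan is rejected too
        parser.error("--%s must be greater than 0 seconds" % opt_name.lower())
```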
@@ -97,7 +97,7 @@ def RapFinger(Host, Domain, Type):
 try:
 s = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
 s.connect((Host,445))
- s.settimeout(0.3)
+ s.settimeout(settings.Config.BrowserTimeout)
 Header = SMBHeader(cmd="\x72",mid="\x01\x00")
 Body = SMBNegoData()
diff --git a/servers/HTTP.py b/servers/HTTP.py
index 2cf5216..79aded4 100644
--- a/servers/HTTP.py
+++ b/servers/HTTP.py
@@ -269,7 +269,7 @@ class HTTP(BaseRequestHandler):
 try:
 Challenge = RandomChallenge()
 while True:
- self.request.settimeout(3)
+ self.request.settimeout(settings.Config.HTTPTimeout)
 remaining = 10*1024*1024 #setting max recieve size
 data = ''
 while True:
diff --git a/servers/LDAP.py b/servers/LDAP.py
index bf8ba84..84ab67d 100644
--- a/servers/LDAP.py
+++ b/servers/LDAP.py
@@ -148,7 +148,7 @@ def ParseLDAPPacket(data, client, Challenge):
 class LDAP(BaseRequestHandler):
 def handle(self):
 try:
- self.request.settimeout(0.4)
+ self.request.settimeout(settings.Config.LDAPTimeout)
 data = self.request.recv(8092)
 Challenge = RandomChallenge()
 for x in range(5):
diff --git a/servers/MSSQL.py b/servers/MSSQL.py
index 3a44012..7f326b5 100644
--- a/servers/MSSQL.py
+++ b/servers/MSSQL.py
@@ -128,7 +128,7 @@ class MSSQL(BaseRequestHandler):
 self.ntry = 0
 while True:
 data = self.request.recv(1024)
- self.request.settimeout(1)
+ self.request.settimeout(settings.Config.MSSQLTimeout)
 Challenge = RandomChallenge()
 if not data:
diff --git a/servers/Proxy_Auth.py b/servers/Proxy_Auth.py
index ad17546..3102cc6 100644
--- a/servers/Proxy_Auth.py
+++ b/servers/Proxy_Auth.py
@@ -104,7 +104,7 @@ class Proxy_Auth(BaseRequestHandler):
 try:
 Challenge = RandomChallenge()
 while True:
- self.request.settimeout(3)
+ self.request.settimeout(settings.Config.ProxyTimeout)
 remaining = 10*1024*1024 #setting max recieve size
 data = ''
 while True:
diff --git a/servers/RDP.py b/servers/RDP.py
index 82edbe7..f1acd71 100644
--- a/servers/RDP.py
+++ b/servers/RDP.py
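Review bot: In servers/Browser.py `RapFinger`, `s.settimeout(settings.Config.BrowserTimeout)` still runs after `s.connect((Host,445))`, so the new option bounds only the reads that follow and not the connect itself. Moving the `settimeout` call one line up, before `s.connect(...)`, would make the configured value apply to the whole exchange and match what the `--browsertimeout` help text implies. The hunk also relies on `settings` being in scope in this module, which is not visible here. The function continues past the end of the hunk.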
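Review bot: In servers/MSSQL.py `handle`, the first `self.request.recv(1024)` runs before `self.request.settimeout(settings.Config.MSSQLTimeout)`, so a peer that connects and never sends keeps the handler thread blocked whatever value is configured, and the timeout is then re-applied on every loop pass. Setting it once before the `while True:` line would make `--mssqltimeout` cover every read. The same recv-before-settimeout order appears in the first servers/RDP.py hunk (`RDP.handle`) and the first servers/SMB.py hunk (`SMB1.handle`). The start of each handler lies outside these hunks, so confirm nothing earlier already sets a timeout.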
@@ -95,7 +95,7 @@ class RDP(BaseRequestHandler):
 def handle(self):
 try:
 data = self.request.recv(1024)
- self.request.settimeout(30)
+ self.request.settimeout(settings.Config.RDPTimeout)
 Challenge = RandomChallenge()
 if data[11:12] == b'\x01':
@@ -106,7 +106,7 @@ class RDP(BaseRequestHandler):
 buffer1 = str(h)
 self.request.send(NetworkSendBufferPython2or3(buffer1))
 SSLsock = ssl.wrap_socket(self.request, certfile=cert, keyfile=key, ssl_version=ssl.PROTOCOL_TLS,server_side=True)
- SSLsock.settimeout(30)
+ SSLsock.settimeout(settings.Config.RDPTimeout)
 data = SSLsock.read(8092)
 if FindNTLMNegoStep(data) == b'\x01\x00\x00\x00':
 x = RDPNTLMChallengeAnswer(NTLMSSPNtServerChallenge=NetworkRecvBufferPython2or3(Challenge))
diff --git a/servers/SMB.py b/servers/SMB.py
index c61dcf5..463138a 100644
--- a/servers/SMB.py
+++ b/servers/SMB.py
@@ -194,7 +194,7 @@ class SMB1(BaseRequestHandler): # SMB1 & SMB2 Server class, NTLMSSP
 self.ntry = 0
 while True:
 data = self.request.recv(1024)
- self.request.settimeout(1)
+ self.request.settimeout(settings.Config.SMBTimeout)
 Challenge = RandomChallenge()
 if not data:
@@ -333,7 +333,7 @@ class SMB1(BaseRequestHandler): # SMB1 & SMB2 Server class, NTLMSSP
 class SMB1LM(BaseRequestHandler): # SMB Server class, old version
 def handle(self):
 try:
- self.request.settimeout(0.5)
+ self.request.settimeout(settings.Config.SMBTimeout / 2)
 data = self.request.recv(1024)
 Challenge = RandomChallenge()
 if data[0] == b"\x81": #session request 139
diff --git a/settings.py b/settings.py
index 1314f11..c53557a 100644
--- a/settings.py
+++ b/settings.py
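Review bot: `settings.Config.SMBTimeout / 2` in `SMB1LM.handle` (servers/SMB.py, second hunk) ties the legacy handler to half of `--smbtimeout` without saying so anywhere, and it reproduces the old 0.5 s only while the default stays at 1. A comment above the call would record the intent, for example `# SMB1LM keeps its historical ratio: half of the SMB1 timeout (0.5s at the default of 1)`. The `--smbtimeout` help text should mention the halving as well, so the value set on the command line is not misread as applying unchanged to both handlers. The rest of `handle` is outside the hunk.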
@@ -179,6 +179,13 @@ class Settings:
 self.AnalyzeMode = options.Analyze
 self.Verbose = options.Verbose
 self.ProxyAuth_On_Off = options.ProxyAuth_On_Off
+ self.HTTPTimeout = options.HTTPTimeout
+ self.BrowserTimeout = options.BrowserTimeout
+ self.LDAPTimeout = options.LDAPTimeout
+ self.MSSQLTimeout = options.MSSQLTimeout
+ self.ProxyTimeout = options.ProxyTimeout
+ self.RDPTimeout = options.RDPTimeout
+ self.SMBTimeout = options.SMBTimeout
 self.CommandLine = str(sys.argv)
 if self.ExternalIP: