mirror of
https://github.com/lgandx/Responder.git
synced 2025-08-20 13:23:38 -07:00
macOS Fixes
Replaced OSX_Launcher.sh with macOS_Launcher.sh, which fixes the following issues: * Old launcher did not check all necessary ports per README.md * Old launcher did not search for UDP listeners due to improper lsof usage * Old launcher (self-admittedly) used legacy calls which are soon to be removed from macOS * Old launcher did not properly pass arguments to Responder.py * Old launcher set `bash -x`, causing unwanted debug output * Old launcher used the legacy "OSX" moniker, which Apple has abandoned and replaced with "macOS" Additionally, README.md has been updated to replace legacy service stopping methods with modern ones.
This commit is contained in:
Johnny Xmas
parent
b8818ed0c4
commit
efebe7b701
3 changed files with 83 additions and 43 deletions
|
|
@ -1,39 +0,0 @@
|
|||
# responder launcher
|
||||
# set -x
|
||||
# Usage:
|
||||
# ./responderd /path/to/responder interface responder_options
|
||||
|
||||
# port list
|
||||
# Everything -> tcp:21 tcp:80 tcp:25 udp:53 tcp:88 udp:137 udp:138 tcp:139 tcp:143 tcp:443 tcp:445 tcp:110 tcp:389 tcp:1433 tcp:3141 udp:5353 udp:5355
|
||||
PORT_LIST=(tcp:21 udp:53 tcp:88 udp:137 udp:138 tcp:139 tcp:143 tcp:445 tcp:389 tcp:1433 udp:5353 udp:5355)
|
||||
SVC_LIST=()
|
||||
|
||||
# check for running processes and kill them one by one
|
||||
# looping over everything rather than doing a mass kill because some processes may be
|
||||
# children and may not need to be killed
|
||||
for port in ${PORT_LIST[@]}; do
|
||||
PROC=$(lsof +c 0 -i $port | grep -m 1 -v 'launchd\|COMMAND' | cut -d' ' -f1)
|
||||
if [ -n "$PROC" ]; then
|
||||
AGENT=$(sudo launchctl list | grep -m 1 $PROC | cut -f3 | sed 's/.reloaded//g')
|
||||
|
||||
# load/unload are listed as "legacy" in 10.10+ may need to change this someday
|
||||
echo "Stopping $PROC"
|
||||
sudo launchctl unload -w /System/Library/LaunchDaemons/$AGENT.plist
|
||||
|
||||
# append killed service to new array
|
||||
SVC_LIST+=($AGENT)
|
||||
fi
|
||||
done
|
||||
|
||||
# get IP address
|
||||
IP=$(ifconfig $2 | grep 'inet ' | cut -d' ' -f2)
|
||||
|
||||
# Launch responder
|
||||
python $1 $3 -i $IP
|
||||
|
||||
# restore stopped services
|
||||
for agent in ${SVC_LIST[@]}; do
|
||||
echo "Starting $agent"
|
||||
sudo launchctl load -w /System/Library/LaunchDaemons/$agent.plist
|
||||
|
||||
done
|
||||
|
|
@ -103,13 +103,13 @@ Edit this file /etc/NetworkManager/NetworkManager.conf and comment the line: `dn
|
|||
|
||||
- For OSX, please note: Responder must be launched with an IP address for the -i flag (e.g. -i YOUR_IP_ADDR). There is no native support in OSX for custom interface binding. Using -i en1 will not work. Also to run Responder with the best experience, run the following as root:
|
||||
|
||||
launchctl unload /System/Library/LaunchDaemons/com.apple.Kerberos.kdc.plist
|
||||
launchctl bootout system /System/Library/LaunchDaemons/com.apple.Kerberos.kdc.plist
|
||||
|
||||
launchctl unload /System/Library/LaunchDaemons/com.apple.mDNSResponder.plist
|
||||
launchctl bootout system /System/Library/LaunchDaemons/com.apple.mDNSResponder.plist
|
||||
|
||||
launchctl unload /System/Library/LaunchDaemons/com.apple.smbd.plist
|
||||
launchctl bootout system /System/Library/LaunchDaemons/com.apple.smbd.plist
|
||||
|
||||
launchctl unload /System/Library/LaunchDaemons/com.apple.netbiosd.plist
|
||||
launchctl bootout system /System/Library/LaunchDaemons/com.apple.netbiosd.plist
|
||||
|
||||
## Usage ##
|
||||
|
||||
|
|
|
|||
79
macOS_Launcher.sh
Executable file
79
macOS_Launcher.sh
Executable file
|
|
@ -0,0 +1,79 @@
|
|||
#!/usr/bin/env bash
|
||||
#Responder launcher for MacOS
|
||||
|
||||
USAGE="$(basename "$0") [Responder.py arguments...] - Script to automagically re/configure a MacOS environment and launch Responder"
|
||||
|
||||
#Environment check
|
||||
if uname -a | grep -v -q Darwin
|
||||
then echo "This script is only for MacOS. On any other OS, run Responder.py directly."
|
||||
exit 1
|
||||
elif csrutil status | grep -q enabled
|
||||
then echo "Please disable System Integrity Protection so Responder can stop and start protected services"
|
||||
exit 1
|
||||
elif [[ $# -eq 0 ]]
|
||||
then echo "Usage: $USAGE"
|
||||
echo "You haven't provided any arguments! Run Responder.py -h for args help."
|
||||
exit 1
|
||||
elif [ "$EUID" -ne 0 ]
|
||||
then echo "Managing servces requires root privledges. Please run as root."
|
||||
exit 1
|
||||
fi
|
||||
|
||||
TCP_LIST=(21 25 80 88 110 135 139 143 389 445 587 1433 3128 3141)
|
||||
UDP_LIST=(53 137 138 389 1434 5353 5355)
|
||||
SVC_LIST=()
|
||||
|
||||
#Stop services specified in README.md (if they exist)
|
||||
if [ -e /System/Library/LaunchDaemons/com.apple.Kerberos.kdc.plist ]
|
||||
then launchctl bootout system /System/Library/LaunchDaemons/com.apple.Kerberos.kdc.plist
|
||||
SVC_LIST+=(com.apple.Kerberos.kdc)
|
||||
fi
|
||||
if [ -e /System/Library/LaunchDaemons/com.apple.mDNSResponder.plist ]
|
||||
then launchctl bootout system /System/Library/LaunchDaemons/com.apple.mDNSResponder.plist
|
||||
SVC_LIST+=(com.apple.mDNSResponder)
|
||||
fi
|
||||
if [ -e /System/Library/LaunchDaemons/com.apple.mDNSResponder.plist ]
|
||||
then launchctl bootout system /System/Library/LaunchDaemons/com.apple.smbd.plist
|
||||
SVC_LIST+=(com.apple.smbd)
|
||||
fi
|
||||
if [ -e /System/Library/LaunchDaemons/com.apple.netbiosd.plist ]
|
||||
then launchctl bootout system /System/Library/LaunchDaemons/com.apple.netbiosd.plist
|
||||
SVC_LIST+=(com.apple.netbiosd)
|
||||
fi
|
||||
|
||||
# Check for any TCP listeners and shut them down
|
||||
echo "Resolving listening service conflicts..."
|
||||
for PORT in "${TCP_LIST[@]}"; do
|
||||
echo "Checking for TCP listeners on Port $PORT..."
|
||||
PROC=$(lsof +c 0 -iTCP:"$PORT" -sTCP:LISTEN -nP | grep -m 1 -v 'launchd\|COMMAND' | cut -d' ' -f1) #Get service name
|
||||
if [ -n "$PROC" ]; then
|
||||
echo "Found $PROC listening on port $PORT"
|
||||
AGENT=$(sudo launchctl list | grep -m 1 "$PROC*" | cut -f3 | sed 's/.reloaded//g') #Find the service plist
|
||||
echo "$AGENT"
|
||||
echo "Stopping conflicting service: $PROC"
|
||||
sudo launchctl bootout system /System/Library/LaunchDaemons/"$AGENT".plist #Shut it down
|
||||
SVC_LIST+=("$AGENT") # append killed service to an array
|
||||
fi
|
||||
done
|
||||
|
||||
#Do the same for UDP
|
||||
for PORT in "${UDP_LIST[@]}"; do
|
||||
echo "Checking for UDP listeners on port $PORT..."
|
||||
PROC=$(sudo lsof +c 0 -iUDP:"$PORT" -nP | grep -E -v '(127|::1)'| grep -m 1 -v 'launchd\|COMMAND' | cut -d' ' -f1)
|
||||
if [ -n "$PROC" ]; then
|
||||
echo "Found $PROC listening on Port $PORT"
|
||||
AGENT=$(sudo launchctl list | grep -m 1 "$PROC*" | cut -f3 | sed 's/.reloaded//g')
|
||||
echo "Stopping coflicting service: $PROC"
|
||||
sudo launchctl bootout system /System/Library/LaunchDaemons/"$AGENT".plist
|
||||
SVC_LIST+=("$AGENT")
|
||||
fi
|
||||
done
|
||||
|
||||
# Launch Responder using provided arguments
|
||||
sudo /usr/bin/env python ./Responder.py "$@"
|
||||
|
||||
# Restore stopped services after Responder exits
|
||||
for AGENT in "${SVC_LIST[@]}"; do
|
||||
echo "Restarting stopped service: $AGENT"
|
||||
sudo launchctl bootstrap system /System/Library/LaunchDaemons/"$AGENT".plist
|
||||
done
|
||||
Loading…
Add table
Add a link
Reference in a new issue