diff --git a/OSX_launcher.sh b/OSX_launcher.sh
deleted file mode 100644
index d9e9423..0000000
--- a/OSX_launcher.sh
+++ /dev/null
@@ -1,39 +0,0 @@
-# responder launcher
-# set -x
-# Usage:
-# ./responderd /path/to/responder interface responder_options
-
-# port list
-# Everything -> tcp:21 tcp:80 tcp:25 udp:53 tcp:88 udp:137 udp:138 tcp:139 tcp:143 tcp:443 tcp:445 tcp:110 tcp:389 tcp:1433 tcp:3141 udp:5353 udp:5355
-PORT_LIST=(tcp:21 udp:53 tcp:88 udp:137 udp:138 tcp:139 tcp:143 tcp:445 tcp:389 tcp:1433 udp:5353 udp:5355)
-SVC_LIST=()
-
-# check for running processes and kill them one by one
-# looping over everything rather than doing a mass kill because some processes may be
-# children and may not need to be killed
-for port in ${PORT_LIST[@]}; do
- PROC=$(lsof +c 0 -i $port | grep -m 1 -v 'launchd\|COMMAND' | cut -d' ' -f1)
- if [ -n "$PROC" ]; then
- AGENT=$(sudo launchctl list | grep -m 1 $PROC | cut -f3 | sed 's/.reloaded//g')
-
- # load/unload are listed as "legacy" in 10.10+ may need to change this someday
- echo "Stopping $PROC"
- sudo launchctl unload -w /System/Library/LaunchDaemons/$AGENT.plist
-
- # append killed service to new array
- SVC_LIST+=($AGENT)
- fi
-done
-
-# get IP address
-IP=$(ifconfig $2 | grep 'inet ' | cut -d' ' -f2)
-
-# Launch responder
-python $1 $3 -i $IP
-
-# restore stopped services
-for agent in ${SVC_LIST[@]}; do
- echo "Starting $agent"
- sudo launchctl load -w /System/Library/LaunchDaemons/$agent.plist
-
-done
diff --git a/README.md b/README.md
index 7689c42..b181603 100755
--- a/README.md
+++ b/README.md
@@ -103,13 +103,13 @@ Edit this file /etc/NetworkManager/NetworkManager.conf and comment the line: `dn - For OSX, please note: Responder must be launched with an IP address for the -i flag (e.g. -i YOUR_IP_ADDR). There is no native support in OSX for custom interface binding. Using -i en1 will not work. Also to run Responder with the best experience, run the following as root: - launchctl unload /System/Library/LaunchDaemons/com.apple.Kerberos.kdc.plist + launchctl bootout system /System/Library/LaunchDaemons/com.apple.Kerberos.kdc.plist - launchctl unload /System/Library/LaunchDaemons/com.apple.mDNSResponder.plist + launchctl bootout system /System/Library/LaunchDaemons/com.apple.mDNSResponder.plist - launchctl unload /System/Library/LaunchDaemons/com.apple.smbd.plist + launchctl bootout system /System/Library/LaunchDaemons/com.apple.smbd.plist - launchctl unload /System/Library/LaunchDaemons/com.apple.netbiosd.plist + launchctl bootout system /System/Library/LaunchDaemons/com.apple.netbiosd.plist ## Usage ##
diff --git a/macOS_Launcher.sh b/macOS_Launcher.sh
new file mode 100755
index 0000000..6fd4baa
--- /dev/null
+++ b/macOS_Launcher.sh
@@ -0,0 +1,79 @@
+#!/usr/bin/env bash
+#Responder launcher for MacOS
+
+USAGE="$(basename "$0") [Responder.py arguments...] - Script to automagically re/configure a MacOS environment and launch Responder"
+
+#Environment check
+if uname -a | grep -v -q Darwin
+ then echo "This script is only for MacOS. On any other OS, run Responder.py directly."
+ exit 1
+elif csrutil status | grep -q enabled
+ then echo "Please disable System Integrity Protection so Responder can stop and start protected services"
+ exit 1
+elif [[ $# -eq 0 ]]
+ then echo "Usage: $USAGE"
+ echo "You haven't provided any arguments! Run Responder.py -h for args help."
+ exit 1
+elif [ "$EUID" -ne 0 ]
+ then echo "Managing servces requires root privledges. Please run as root."
+ exit 1
+fi
+
+TCP_LIST=(21 25 80 88 110 135 139 143 389 445 587 1433 3128 3141)
+UDP_LIST=(53 137 138 389 1434 5353 5355)
+SVC_LIST=()
+
+#Stop services specified in README.md (if they exist)
+if [ -e /System/Library/LaunchDaemons/com.apple.Kerberos.kdc.plist ]
+ then launchctl bootout system /System/Library/LaunchDaemons/com.apple.Kerberos.kdc.plist
+ SVC_LIST+=(com.apple.Kerberos.kdc)
+fi
+if [ -e /System/Library/LaunchDaemons/com.apple.mDNSResponder.plist ]
+ then launchctl bootout system /System/Library/LaunchDaemons/com.apple.mDNSResponder.plist
+ SVC_LIST+=(com.apple.mDNSResponder)
+fi
+if [ -e /System/Library/LaunchDaemons/com.apple.mDNSResponder.plist ]
+ then launchctl bootout system /System/Library/LaunchDaemons/com.apple.smbd.plist
+ SVC_LIST+=(com.apple.smbd)
+fi
+if [ -e /System/Library/LaunchDaemons/com.apple.netbiosd.plist ]
+ then launchctl bootout system /System/Library/LaunchDaemons/com.apple.netbiosd.plist
+ SVC_LIST+=(com.apple.netbiosd)
+fi
+
+# Check for any TCP listeners and shut them down
+echo "Resolving listening service conflicts..."
+for PORT in "${TCP_LIST[@]}"; do
+ echo "Checking for TCP listeners on Port $PORT..."
+ PROC=$(lsof +c 0 -iTCP:"$PORT" -sTCP:LISTEN -nP | grep -m 1 -v 'launchd\|COMMAND' | cut -d' ' -f1) #Get service name
+ if [ -n "$PROC" ]; then
+ echo "Found $PROC listening on port $PORT"
+ AGENT=$(sudo launchctl list | grep -m 1 "$PROC*" | cut -f3 | sed 's/.reloaded//g') #Find the service plist
+ echo "$AGENT"
+ echo "Stopping conflicting service: $PROC"
+ sudo launchctl bootout system /System/Library/LaunchDaemons/"$AGENT".plist #Shut it down
+ SVC_LIST+=("$AGENT") # append killed service to an array
+ fi
+done
+
+#Do the same for UDP
+for PORT in "${UDP_LIST[@]}"; do
+ echo "Checking for UDP listeners on port $PORT..."
+ PROC=$(sudo lsof +c 0 -iUDP:"$PORT" -nP | grep -E -v '(127|::1)'| grep -m 1 -v 'launchd\|COMMAND' | cut -d' ' -f1)
+ if [ -n "$PROC" ]; then
+ echo "Found $PROC listening on Port $PORT"
+ AGENT=$(sudo launchctl list | grep -m 1 "$PROC*" | cut -f3 | sed 's/.reloaded//g')
+ echo "Stopping coflicting service: $PROC"
+ sudo launchctl bootout system /System/Library/LaunchDaemons/"$AGENT".plist
+ SVC_LIST+=("$AGENT")
+ fi
+done
+
+# Launch Responder using provided arguments
+sudo /usr/bin/env python ./Responder.py "$@"
+
+# Restore stopped services after Responder exits
+for AGENT in "${SVC_LIST[@]}"; do
+ echo "Restarting stopped service: $AGENT"
+ sudo launchctl bootstrap system /System/Library/LaunchDaemons/"$AGENT".plist
+done
\ No newline at end of file
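Review bot: The third `-e` guard tests `com.apple.mDNSResponder.plist` but boots out `com.apple.smbd.plist`, so smbd handling depends on the wrong file; the test should be `if [ -e /System/Library/LaunchDaemons/com.apple.smbd.plist ]`. In both listener loops `AGENT` is used without checking that the `launchctl list | grep` lookup matched, so an empty result runs `bootout` against `/System/Library/LaunchDaemons/.plist` and queues an empty name for restore. Restoration happens only if execution reaches the final loop, so a script killed while Responder runs (SIGTERM, closed terminal) leaves mDNSResponder, smbd, netbiosd and the KDC stopped on the host; an EXIT trap registered before the first bootout covers those paths, as sketched below. Separately, the launch line resolves `python` via root's PATH and `./Responder.py` via the current directory, which is worth anchoring to the script's own directory since it runs as root.

```shell
# Defined before the first bootout so every exit path restores what was stopped
restore_services() {
  local agent
  for agent in "${SVC_LIST[@]}"; do
    echo "Restarting stopped service: $agent"
    launchctl bootstrap system "/System/Library/LaunchDaemons/${agent}.plist"
  done
}
trap restore_services EXIT

# … unchanged: README service bootouts, TCP/UDP loop headers and lsof lookups …

    AGENT=$(sudo launchctl list | grep -m 1 "$PROC*" | cut -f3 | sed 's/.reloaded//g')
    if [ -z "$AGENT" ]; then
      echo "No launchd label found for $PROC; leaving it running" >&2
      continue
    fi

# … unchanged: bootout, SVC_LIST append, Responder launch; the trailing restore loop is replaced by the trap …
```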