From fa297c8a16f605bdb731542c67280a4d8bc023c4 Mon Sep 17 00:00:00 2001 From: lgandx Date: Sat, 6 Jan 2024 12:44:38 -0300 Subject: [PATCH] Fixed bug when IPv6 is disabled via GRUB. --- Responder.py | 62 ++++++++++++++++++++++++++++++---------------- poisoners/LLMNR.py | 5 +++- poisoners/MDNS.py | 5 +++- servers/DNS.py | 11 +++++--- settings.py | 3 +++ utils.py | 11 ++++++-- 6 files changed, 68 insertions(+), 29 deletions(-) diff --git a/Responder.py b/Responder.py index aff4ff5..8875430 100755 --- a/Responder.py +++ b/Responder.py @@ -69,6 +69,8 @@ settings.Config.ExpandIPRanges() #Create the DB, before we start Responder. CreateResponderDb() +Have_IPv6 = settings.Config.IPv6 + class ThreadingUDPServer(ThreadingMixIn, UDPServer): def server_bind(self): if OsInterfaceIsSupported(): @@ -78,10 +80,12 @@ class ThreadingUDPServer(ThreadingMixIn, UDPServer): else: if (sys.version_info > (3, 0)): self.socket.setsockopt(socket.SOL_SOCKET, 25, bytes(settings.Config.Interface+'\0', 'utf-8')) - self.socket.setsockopt(socket.IPPROTO_IPV6, socket.IPV6_V6ONLY, False) + if Have_IPv6: + self.socket.setsockopt(socket.IPPROTO_IPV6, socket.IPV6_V6ONLY, False) else: self.socket.setsockopt(socket.SOL_SOCKET, 25, settings.Config.Interface+'\0') - self.socket.setsockopt(socket.IPPROTO_IPV6, socket.IPV6_V6ONLY, False) + if Have_IPv6: + self.socket.setsockopt(socket.IPPROTO_IPV6, socket.IPV6_V6ONLY, False) except: pass UDPServer.server_bind(self) @@ -95,10 +99,12 @@ class ThreadingTCPServer(ThreadingMixIn, TCPServer): else: if (sys.version_info > (3, 0)): self.socket.setsockopt(socket.SOL_SOCKET, 25, bytes(settings.Config.Interface+'\0', 'utf-8')) - self.socket.setsockopt(socket.IPPROTO_IPV6, socket.IPV6_V6ONLY, False) + if Have_IPv6: + self.socket.setsockopt(socket.IPPROTO_IPV6, socket.IPV6_V6ONLY, False) else: self.socket.setsockopt(socket.SOL_SOCKET, 25, settings.Config.Interface+'\0') - self.socket.setsockopt(socket.IPPROTO_IPV6, socket.IPV6_V6ONLY, False) + if Have_IPv6: + self.socket.setsockopt(socket.IPPROTO_IPV6, socket.IPV6_V6ONLY, False) except: pass TCPServer.server_bind(self) @@ -112,10 +118,12 @@ class ThreadingTCPServerAuth(ThreadingMixIn, TCPServer): else: if (sys.version_info > (3, 0)): self.socket.setsockopt(socket.SOL_SOCKET, 25, bytes(settings.Config.Interface+'\0', 'utf-8')) - self.socket.setsockopt(socket.IPPROTO_IPV6, socket.IPV6_V6ONLY, False) + if Have_IPv6: + self.socket.setsockopt(socket.IPPROTO_IPV6, socket.IPV6_V6ONLY, False) else: self.socket.setsockopt(socket.SOL_SOCKET, 25, settings.Config.Interface+'\0') - self.socket.setsockopt(socket.IPPROTO_IPV6, socket.IPV6_V6ONLY, False) + if Have_IPv6: + self.socket.setsockopt(socket.IPPROTO_IPV6, socket.IPV6_V6ONLY, False) except: pass self.socket.setsockopt(socket.SOL_SOCKET, socket.SO_LINGER, struct.pack('ii', 1, 0)) @@ -131,11 +139,13 @@ class ThreadingUDPMDNSServer(ThreadingMixIn, UDPServer): #IPV6: if (sys.version_info > (3, 0)): - mreq = socket.inet_pton(socket.AF_INET6, MADDR6) + struct.pack('@I', if_nametoindex2(settings.Config.Interface)) - self.socket.setsockopt(socket.IPPROTO_IPV6, socket.IPV6_JOIN_GROUP, mreq) + if Have_IPv6: + mreq = socket.inet_pton(socket.AF_INET6, MADDR6) + struct.pack('@I', if_nametoindex2(settings.Config.Interface)) + self.socket.setsockopt(socket.IPPROTO_IPV6, socket.IPV6_JOIN_GROUP, mreq) else: - mreq = socket.inet_pton(socket.AF_INET6, MADDR6) + struct.pack('@I', if_nametoindex2(settings.Config.Interface)) - self.socket.setsockopt(socket.IPPROTO_IPV6, socket.IPV6_JOIN_GROUP, mreq) + if Have_IPv6: + mreq = socket.inet_pton(socket.AF_INET6, MADDR6) + struct.pack('@I', if_nametoindex2(settings.Config.Interface)) + self.socket.setsockopt(socket.IPPROTO_IPV6, socket.IPV6_JOIN_GROUP, mreq) if OsInterfaceIsSupported(): try: if settings.Config.Bind_To_ALL: @@ -143,10 +153,12 @@ class ThreadingUDPMDNSServer(ThreadingMixIn, UDPServer): else: if (sys.version_info > (3, 0)): self.socket.setsockopt(socket.SOL_SOCKET, 25, bytes(settings.Config.Interface+'\0', 'utf-8')) - self.socket.setsockopt(socket.IPPROTO_IPV6, socket.IPV6_V6ONLY, False) + if Have_IPv6: + self.socket.setsockopt(socket.IPPROTO_IPV6, socket.IPV6_V6ONLY, False) else: self.socket.setsockopt(socket.SOL_SOCKET, 25, settings.Config.Interface+'\0') - self.socket.setsockopt(socket.IPPROTO_IPV6, socket.IPV6_V6ONLY, False) + if Have_IPv6: + self.socket.setsockopt(socket.IPPROTO_IPV6, socket.IPV6_V6ONLY, False) except: pass UDPServer.server_bind(self) @@ -160,8 +172,9 @@ class ThreadingUDPLLMNRServer(ThreadingMixIn, UDPServer): Join = self.socket.setsockopt(socket.IPPROTO_IP,socket.IP_ADD_MEMBERSHIP,socket.inet_aton(MADDR) + settings.Config.IP_aton) #IPV6: - mreq = socket.inet_pton(socket.AF_INET6, MADDR6) + struct.pack('@I', if_nametoindex2(settings.Config.Interface)) - self.socket.setsockopt(socket.IPPROTO_IPV6, socket.IPV6_JOIN_GROUP, mreq) + if Have_IPv6: + mreq = socket.inet_pton(socket.AF_INET6, MADDR6) + struct.pack('@I', if_nametoindex2(settings.Config.Interface)) + self.socket.setsockopt(socket.IPPROTO_IPV6, socket.IPV6_JOIN_GROUP, mreq) if OsInterfaceIsSupported(): try: if settings.Config.Bind_To_ALL: @@ -169,29 +182,36 @@ class ThreadingUDPLLMNRServer(ThreadingMixIn, UDPServer): else: if (sys.version_info > (3, 0)): self.socket.setsockopt(socket.SOL_SOCKET, 25, bytes(settings.Config.Interface+'\0', 'utf-8')) - self.socket.setsockopt(socket.IPPROTO_IPV6, socket.IPV6_V6ONLY, False) + if Have_IPv6: + self.socket.setsockopt(socket.IPPROTO_IPV6, socket.IPV6_V6ONLY, False) else: self.socket.setsockopt(socket.SOL_SOCKET, 25, settings.Config.Interface+'\0') - self.socket.setsockopt(socket.IPPROTO_IPV6, socket.IPV6_V6ONLY, False) + if Have_IPv6: + self.socket.setsockopt(socket.IPPROTO_IPV6, socket.IPV6_V6ONLY, False) except: pass UDPServer.server_bind(self) ThreadingUDPServer.allow_reuse_address = 1 -ThreadingUDPServer.address_family = socket.AF_INET6 +if Have_IPv6: + ThreadingUDPServer.address_family = socket.AF_INET6 ThreadingTCPServer.allow_reuse_address = 1 -ThreadingTCPServer.address_family = socket.AF_INET6 +if Have_IPv6: + ThreadingTCPServer.address_family = socket.AF_INET6 ThreadingUDPMDNSServer.allow_reuse_address = 1 -ThreadingUDPMDNSServer.address_family = socket.AF_INET6 +if Have_IPv6: + ThreadingUDPMDNSServer.address_family = socket.AF_INET6 ThreadingUDPLLMNRServer.allow_reuse_address = 1 -ThreadingUDPLLMNRServer.address_family = socket.AF_INET6 +if Have_IPv6: + ThreadingUDPLLMNRServer.address_family = socket.AF_INET6 ThreadingTCPServerAuth.allow_reuse_address = 1 -ThreadingTCPServerAuth.address_family = socket.AF_INET6 +if Have_IPv6: + ThreadingTCPServerAuth.address_family = socket.AF_INET6 def serve_thread_udp_broadcast(host, port, handler): try: diff --git a/poisoners/LLMNR.py b/poisoners/LLMNR.py index 3724f51..bec9d13 100755 --- a/poisoners/LLMNR.py +++ b/poisoners/LLMNR.py @@ -22,6 +22,9 @@ if (sys.version_info > (3, 0)): else: from SocketServer import BaseRequestHandler +#Should we answer to those AAAA? +Have_IPv6 = settings.Config.IPv6 + def Parse_LLMNR_Name(data): import codecs NameLen = data[12] @@ -86,7 +89,7 @@ class LLMNR(BaseRequestHandler): # LLMNR Server class 'AnalyzeMode': '0', }) - elif LLMNRType == 'IPv6': + elif LLMNRType == 'IPv6' and Have_IPv6: Buffer1 = LLMNR6_Ans(Tid=NetworkRecvBufferPython2or3(data[0:2]), QuestionName=Name, AnswerName=Name) Buffer1.calculate() soc.sendto(NetworkSendBufferPython2or3(Buffer1), self.client_address) diff --git a/poisoners/MDNS.py b/poisoners/MDNS.py index a9b555a..0be2e83 100755 --- a/poisoners/MDNS.py +++ b/poisoners/MDNS.py @@ -23,6 +23,9 @@ else: from packets import MDNS_Ans, MDNS6_Ans from utils import * +#Should we answer to those AAAA? +Have_IPv6 = settings.Config.IPv6 + def Parse_MDNS_Name(data): try: if (sys.version_info > (3, 0)): @@ -82,7 +85,7 @@ class MDNS(BaseRequestHandler): 'AnalyzeMode': '0', }) - elif MDNSType == 'IPv6': # Poisoning Mode + elif MDNSType == 'IPv6'and Have_IPv6: # Poisoning Mode Poisoned_Name = Poisoned_MDNS_Name(data) Buffer = MDNS6_Ans(AnswerName = Poisoned_Name) Buffer.calculate() diff --git a/servers/DNS.py b/servers/DNS.py index 9bbabbe..521599d 100755 --- a/servers/DNS.py +++ b/servers/DNS.py @@ -21,6 +21,9 @@ if settings.Config.PY2OR3 == "PY3": else: from SocketServer import BaseRequestHandler +#Should we answer to those AAAA? +Have_IPv6 = settings.Config.IPv6 + def ParseDNSType(data): QueryTypeClass = data[len(data)-4:] OPT = data[len(data)-22:len(data)-20] @@ -65,14 +68,14 @@ class DNS(BaseRequestHandler): ResolveName = re.sub('[^0-9a-zA-Z]+', '.', buff.fields["QuestionName"]) print(color("[*] [DNS] SRV Record poisoned answer sent to: %-15s Requested name: %s" % (self.client_address[0].replace("::ffff:",""), ResolveName), 2, 1)) - if ParseDNSType(NetworkRecvBufferPython2or3(data)) == "IPv6": + if ParseDNSType(NetworkRecvBufferPython2or3(data)) == "IPv6" and Have_IPv6: buff = DNS6_Ans() buff.calculate(NetworkRecvBufferPython2or3(data)) soc.sendto(NetworkSendBufferPython2or3(buff), self.client_address) ResolveName = re.sub('[^0-9a-zA-Z]+', '.', buff.fields["QuestionName"]) print(color("[*] [DNS] AAAA Record poisoned answer sent to: %-15s Requested name: %s" % (self.client_address[0].replace("::ffff:",""), ResolveName), 2, 1)) - if ParseDNSType(NetworkRecvBufferPython2or3(data)) == "OPTIPv6": + if ParseDNSType(NetworkRecvBufferPython2or3(data)) == "OPTIPv6" and Have_IPv6: buff = DNS6_Ans() buff.calculate(NetworkRecvBufferPython2or3(data)) soc.sendto(NetworkSendBufferPython2or3(buff), self.client_address) @@ -113,14 +116,14 @@ class DNSTCP(BaseRequestHandler): ResolveName = re.sub('[^0-9a-zA-Z]+', '.', buff.fields["QuestionName"]) print(color("[*] [DNS] SRV Record poisoned answer sent: %-15s Requested name: %s" % (self.client_address[0].replace("::ffff:",""), ResolveName), 2, 1)) - if ParseDNSType(NetworkRecvBufferPython2or3(data)) == "IPv6": + if ParseDNSType(NetworkRecvBufferPython2or3(data)) == "IPv6" and Have_IPv6: buff = DNS6_Ans() buff.calculate(NetworkRecvBufferPython2or3(data)) self.request.send(NetworkSendBufferPython2or3(buff)) ResolveName = re.sub('[^0-9a-zA-Z]+', '.', buff.fields["QuestionName"]) print(color("[*] [DNS] AAAA Record poisoned answer sent: %-15s Requested name: %s" % (self.client_address[0].replace("::ffff:",""), ResolveName), 2, 1)) - if ParseDNSType(NetworkRecvBufferPython2or3(data)) == "OPTIPv6": + if ParseDNSType(NetworkRecvBufferPython2or3(data)) == "OPTIPv6" and Have_IPv6: buff = DNS6_AnsOPT() buff.calculate(NetworkRecvBufferPython2or3(data)) self.request.send(NetworkSendBufferPython2or3(buff)) diff --git a/settings.py b/settings.py index 3d3a699..87caa5e 100644 --- a/settings.py +++ b/settings.py @@ -168,6 +168,9 @@ class Settings: self.ExternalIP6 = options.ExternalIP6 self.Quiet_Mode = options.Quiet + #Do we have IPv6 for real? + self.IPv6 = utils.Probe_IPv6_socket() + if self.Interface == "ALL": self.Bind_To_ALL = True else: diff --git a/utils.py b/utils.py index 51ecb93..521fb64 100644 --- a/utils.py +++ b/utils.py @@ -219,7 +219,15 @@ def FindLocalIP(Iface, OURIP): print(color("[!] Error: %s: Interface not found" % Iface, 1)) sys.exit(-1) - +def Probe_IPv6_socket(): + """Return true is IPv6 sockets are really supported, and False when IPv6 is not supported.""" + try: + with socket.socket(socket.AF_INET6, socket.SOCK_STREAM) as s: + s.bind(("::1", 0)) + return True + except: + return False + def FindLocalIP6(Iface, OURIP): if Iface == 'ALL': return '::' @@ -234,7 +242,6 @@ def FindLocalIP6(Iface, OURIP): s = socket.socket(socket.AF_INET6, socket.SOCK_DGRAM) s.connect((randIP+':80', 1)) IP = s.getsockname()[0] - print('IP is: %s'%IP) return IP except: try: