github/Responder
1
0
Fork 0
mirror of https://github.com/lgandx/Responder.git synced 2025-07-05 20:41:22 -07:00
Code Issues Projects Releases Packages Wiki Activity Actions
Responder/Responder.conf
lgandx 58eb8731a5 Added SNMP srv enabled by default
2025-05-22 05:34:30 -03:00

116 lines
3.3 KiB
Text
Executable file
Raw Blame History

[Responder Core]
; Poisoners to start
MDNS = On
LLMNR = On
NBTNS = On
; Servers to start
SQL = On
SMB = On
QUIC = On
RDP = On
Kerberos = On
FTP = On
POP = On
SMTP = On
IMAP = On
HTTP = On
HTTPS = On
DNS = On
LDAP = On
DCERPC = On
WINRM = On
SNMP = On
MQTT = On
; Custom challenge.
; Use "Random" for generating a random challenge for each requests (Default)
Challenge = Random
; SQLite Database file
; Delete this file to re-capture previously captured hashes
Database = Responder.db
; Default log file
SessionLog = Responder-Session.log
; Poisoners log
PoisonersLog = Poisoners-Session.log
; Analyze mode log
AnalyzeLog = Analyzer-Session.log
; Dump Responder Config log:
ResponderConfigDump = Config-Responder.log
; Specific IP Addresses to respond to (default = All)
; Example: RespondTo = 10.20.1.100-150, 10.20.3.10, fe80::e059:5c8f:a486:a4ea-a4ef, 2001:db8::8a2e:370:7334
RespondTo =
; Specific NBT-NS/LLMNR names to respond to (default = All)
; Example: RespondTo = WPAD, DEV, PROD, SQLINT
;RespondToName = WPAD, DEV, PROD, SQLINT
RespondToName =
; Specific IP Addresses not to respond to (default = None)
; Hosts with IPv4 and IPv6 addresses must have both addresses included to prevent responding.
; Example: DontRespondTo = 10.20.1.100-150, 10.20.3.10, fe80::e059:5c8f:a486:a4ea-a4ef, 2001:db8::8a2e:370:7334
DontRespondTo =
; Specific NBT-NS/LLMNR names not to respond to (default = None)
; Example: DontRespondToName = NAC, IPS, IDS
DontRespondToName = ISATAP
; MDNS TLD not to respond to (default = _dosvc). Do not add the ".", only the TLD.
; Example: DontRespondToTLD = _dosvc, _blasvc, etc
DontRespondToTLD = _dosvc
; If set to On, we will stop answering further requests from a host
; if a hash has been previously captured for this host.
AutoIgnoreAfterSuccess = Off
; If set to On, we will send ACCOUNT_DISABLED when the client tries
; to authenticate for the first time to try to get different credentials.
; This may break file serving and is useful only for hash capture
CaptureMultipleCredentials = On
; If set to On, we will write to file all hashes captured from the same host.
; In this case, Responder will log from 172.16.0.12 all user hashes: domain\toto,
; domain\popo, domain\zozo. Recommended value: On, capture everything.
CaptureMultipleHashFromSameHost = On
[HTTP Server]
; Set to On to always serve the custom EXE
Serve-Always = Off
; Set to On to replace any requested .exe with the custom EXE
Serve-Exe = Off
; Set to On to serve the custom HTML if the URL does not contain .exe
; Set to Off to inject the 'HTMLToInject' in web pages instead
Serve-Html = Off
; Custom HTML to serve
HtmlFilename = files/AccessDenied.html
; Custom EXE File to serve
ExeFilename = ;files/filetoserve.exe
; Name of the downloaded .exe that the client will see
ExeDownloadName = ProxyClient.exe
; Custom WPAD Script
; Only set one if you really know what you're doing. Responder is taking care of that and inject the right one, with your current IP address.
WPADScript =
; HTML answer to inject in HTTP responses (before </body> tag).
; leave empty if you want to use the default one (redirect to SMB on your IP address).
HTMLToInject =
[HTTPS Server]
; Configure SSL Certificates to use
SSLCert = certs/responder.crt
SSLKey = certs/responder.key
Reference in a new issue View git blame Copy permalink