def populate(self, options):
if options.Interface is None and IsOsX() is False:
print utils.color("Error: -I <if> mandatory option is missing", 1)
sys.exit(-1)
# Config parsing
config = ConfigParser.ConfigParser()
config.read(os.path.join(self.ResponderPATH, 'Responder.conf'))
# Servers
self.HTTP_On_Off = self.toBool(config.get('Responder Core', 'HTTP'))
self.SSL_On_Off = self.toBool(config.get('Responder Core', 'HTTPS'))
self.SMB_On_Off = self.toBool(config.get('Responder Core', 'SMB'))
self.SQL_On_Off = self.toBool(config.get('Responder Core', 'SQL'))
self.FTP_On_Off = self.toBool(config.get('Responder Core', 'FTP'))
self.POP_On_Off = self.toBool(config.get('Responder Core', 'POP'))
self.IMAP_On_Off = self.toBool(config.get('Responder Core', 'IMAP'))
self.SMTP_On_Off = self.toBool(config.get('Responder Core', 'SMTP'))
self.LDAP_On_Off = self.toBool(config.get('Responder Core', 'LDAP'))
self.DNS_On_Off = self.toBool(config.get('Responder Core', 'DNS'))
self.Krb_On_Off = self.toBool(config.get('Responder Core', 'Kerberos'))
# Db File
self.DatabaseFile = os.path.join(
self.ResponderPATH, config.get('Responder Core', 'Database'))
# Log Files
self.LogDir = os.path.join(self.ResponderPATH, 'logs')
if not os.path.exists(self.LogDir):
os.mkdir(self.LogDir)
self.SessionLogFile = os.path.join(
self.LogDir, config.get('Responder Core', 'SessionLog'))
self.PoisonersLogFile = os.path.join(
self.LogDir, config.get('Responder Core', 'PoisonersLog'))
self.AnalyzeLogFile = os.path.join(
self.LogDir, config.get('Responder Core', 'AnalyzeLog'))
self.FTPLog = os.path.join(self.LogDir,
'FTP-Clear-Text-Password-%s.txt')
self.IMAPLog = os.path.join(self.LogDir,
'IMAP-Clear-Text-Password-%s.txt')
self.POP3Log = os.path.join(self.LogDir,
'POP3-Clear-Text-Password-%s.txt')
self.HTTPBasicLog = os.path.join(self.LogDir,
'HTTP-Clear-Text-Password-%s.txt')
self.LDAPClearLog = os.path.join(self.LogDir,
'LDAP-Clear-Text-Password-%s.txt')
self.SMBClearLog = os.path.join(self.LogDir,
'SMB-Clear-Text-Password-%s.txt')
self.SMTPClearLog = os.path.join(self.LogDir,
'SMTP-Clear-Text-Password-%s.txt')
self.MSSQLClearLog = os.path.join(self.LogDir,
'MSSQL-Clear-Text-Password-%s.txt')
self.LDAPNTLMv1Log = os.path.join(self.LogDir,
'LDAP-NTLMv1-Client-%s.txt')
self.HTTPNTLMv1Log = os.path.join(self.LogDir,
'HTTP-NTLMv1-Client-%s.txt')
self.HTTPNTLMv2Log = os.path.join(self.LogDir,
'HTTP-NTLMv2-Client-%s.txt')
self.KerberosLog = os.path.join(self.LogDir,
'MSKerberos-Client-%s.txt')
self.MSSQLNTLMv1Log = os.path.join(self.LogDir,
'MSSQL-NTLMv1-Client-%s.txt')
self.MSSQLNTLMv2Log = os.path.join(self.LogDir,
'MSSQL-NTLMv2-Client-%s.txt')
self.SMBNTLMv1Log = os.path.join(self.LogDir,
'SMB-NTLMv1-Client-%s.txt')
self.SMBNTLMv2Log = os.path.join(self.LogDir,
'SMB-NTLMv2-Client-%s.txt')
self.SMBNTLMSSPv1Log = os.path.join(self.LogDir,
'SMB-NTLMSSPv1-Client-%s.txt')
self.SMBNTLMSSPv2Log = os.path.join(self.LogDir,
'SMB-NTLMSSPv2-Client-%s.txt')
# HTTP Options
self.Serve_Exe = self.toBool(config.get('HTTP Server', 'Serve-Exe'))
self.Serve_Always = self.toBool(
config.get('HTTP Server', 'Serve-Always'))
self.Serve_Html = self.toBool(config.get('HTTP Server', 'Serve-Html'))
self.Html_Filename = config.get('HTTP Server', 'HtmlFilename')
self.Exe_Filename = config.get('HTTP Server', 'ExeFilename')
self.Exe_DlName = config.get('HTTP Server', 'ExeDownloadName')
self.WPAD_Script = config.get('HTTP Server', 'WPADScript')
self.HtmlToInject = config.get('HTTP Server', 'HtmlToInject')
if not os.path.exists(self.Html_Filename):
print utils.color(
"/!\ Warning: %s: file not found" % self.Html_Filename, 3, 1)
if not os.path.exists(self.Exe_Filename):
print utils.color(
"/!\ Warning: %s: file not found" % self.Exe_Filename, 3, 1)
# SSL Options
self.SSLKey = config.get('HTTPS Server', 'SSLKey')
self.SSLCert = config.get('HTTPS Server', 'SSLCert')
# Respond to hosts
self.RespondTo = filter(None, [
x.upper().strip() for x in config.get(
'Responder Core', 'RespondTo').strip().split(',')
])
self.RespondToName = filter(None, [
x.upper().strip() for x in config.get(
'Responder Core', 'RespondToName').strip().split(',')
])
self.DontRespondTo = filter(None, [
x.upper().strip() for x in config.get(
'Responder Core', 'DontRespondTo').strip().split(',')
])
self.DontRespondToName = filter(None, [
x.upper().strip() for x in config.get(
'Responder Core', 'DontRespondToName').strip().split(',')
])
# Auto Ignore List
self.AutoIgnore = self.toBool(
config.get('Responder Core', 'AutoIgnoreAfterSuccess'))
self.AutoIgnoreList = []
# CLI options
self.LM_On_Off = options.LM_On_Off
self.WPAD_On_Off = options.WPAD_On_Off
self.Wredirect = options.Wredirect
self.NBTNSDomain = options.NBTNSDomain
self.Basic = options.Basic
self.Finger_On_Off = options.Finger
self.Interface = options.Interface
self.OURIP = options.OURIP
self.Force_WPAD_Auth = options.Force_WPAD_Auth
self.Upstream_Proxy = options.Upstream_Proxy
self.AnalyzeMode = options.Analyze
self.Verbose = options.Verbose
self.CommandLine = str(sys.argv)
if self.HtmlToInject is None:
self.HtmlToInject = ''
self.Bind_To = utils.FindLocalIP(self.Interface, self.OURIP)
self.IP_aton = socket.inet_aton(self.Bind_To)
self.Os_version = sys.platform
# Set up Challenge
self.NumChal = config.get('Responder Core', 'Challenge')
if len(self.NumChal) is not 16:
print utils.color(
"[!] The challenge must be exactly 16 chars long.\nExample: 1122334455667788",
1)
sys.exit(-1)
self.Challenge = ""
for i in range(0, len(self.NumChal), 2):
self.Challenge += self.NumChal[i:i + 2].decode("hex")
# Set up logging
logging.basicConfig(filename=self.SessionLogFile,
level=logging.INFO,
format='%(asctime)s - %(message)s',
datefmt='%m/%d/%Y %I:%M:%S %p')
logging.warning('Responder Started: %s' % self.CommandLine)
logging.warning('Responder Config: %s' % str(self))
Formatter = logging.Formatter('%(asctime)s - %(message)s')
PLog_Handler = logging.FileHandler(self.PoisonersLogFile, 'w')
ALog_Handler = logging.FileHandler(self.AnalyzeLogFile, 'a')
PLog_Handler.setLevel(logging.INFO)
ALog_Handler.setLevel(logging.INFO)
PLog_Handler.setFormatter(Formatter)
ALog_Handler.setFormatter(Formatter)
self.PoisonersLogger = logging.getLogger('Poisoners Log')
self.PoisonersLogger.addHandler(PLog_Handler)
self.AnalyzeLogger = logging.getLogger('Analyze Log')
self.AnalyzeLogger.addHandler(ALog_Handler)
def populate(self, options):
if options.Interface is None and utils.IsOsX() is False:
print utils.color("Error: -I <if> mandatory option is missing", 1)
sys.exit(-1)
# Config parsing
config = ConfigParser.ConfigParser()
config.read(os.path.join(self.ResponderPATH, 'ETAC.conf'))
# Servers
self.SMB_On_Off = self.toBool(config.get('ETAC Core', 'SMB'))
self.Krb_On_Off = self.toBool(config.get('ETAC Core', 'Kerberos'))
# Db File
self.DatabaseFile = os.path.join(self.ResponderPATH,
config.get('ETAC Core', 'Database'))
# Log Files
self.LogDir = os.path.join(self.ResponderPATH, 'logs')
if not os.path.exists(self.LogDir):
os.mkdir(self.LogDir)
self.SessionLogFile = os.path.join(
self.LogDir, config.get('ETAC Core', 'SessionLog'))
self.PoisonersLogFile = os.path.join(
self.LogDir, config.get('ETAC Core', 'PoisonersLog'))
self.AnalyzeLogFile = os.path.join(
self.LogDir, config.get('ETAC Core', 'AnalyzeLog'))
self.SMBClearLog = os.path.join(self.LogDir,
'SMB-Clear-Text-Password-%s.txt')
self.KerberosLog = os.path.join(self.LogDir,
'MSKerberos-Client-%s.txt')
self.SMBNTLMv1Log = os.path.join(self.LogDir,
'SMB-NTLMv1-Client-%s.txt')
self.SMBNTLMv2Log = os.path.join(self.LogDir,
'SMB-NTLMv2-Client-%s.txt')
self.SMBNTLMSSPv1Log = os.path.join(self.LogDir,
'SMB-NTLMSSPv1-Client-%s.txt')
self.SMBNTLMSSPv2Log = os.path.join(self.LogDir,
'SMB-NTLMSSPv2-Client-%s.txt')
# Auto Ignore List
self.AutoIgnore = self.toBool(
config.get('ETAC Core', 'AutoIgnoreAfterSuccess'))
self.AutoIgnoreList = []
# CLI options
self.LM_On_Off = options.LM_On_Off
self.WPAD_On_Off = options.WPAD_On_Off
self.Wredirect = options.Wredirect
self.NBTNSDomain = options.NBTNSDomain
self.Basic = options.Basic
self.Finger_On_Off = options.Finger
self.Interface = options.Interface
self.OURIP = options.OURIP
self.Force_WPAD_Auth = options.Force_WPAD_Auth
self.HTML_On_Off = options.HTML_On_Off
self.Upstream_Proxy = options.Upstream_Proxy
self.AnalyzeMode = options.Analyze
self.Verbose = options.Verbose
self.CommandLine = str(sys.argv)
self.Bind_To = utils.FindLocalIP(self.Interface, self.OURIP)
self.IP_aton = socket.inet_aton(self.Bind_To)
self.Os_version = sys.platform
# Set up Challenge
self.NumChal = config.get('ETAC Core', 'Challenge')
if len(self.NumChal) is not 16:
print utils.color(
"[!] The challenge must be exactly 16 chars long.\nExample: 1122334455667788",
1)
sys.exit(-1)
self.Challenge = ""
for i in range(0, len(self.NumChal), 2):
self.Challenge += self.NumChal[i:i + 2].decode("hex")
# Set up logging
logging.basicConfig(filename=self.SessionLogFile,
level=logging.INFO,
format='%(asctime)s - %(message)s',
datefmt='%m/%d/%Y %I:%M:%S %p')
logging.warning('ETAC Started: %s' % self.CommandLine)
logging.warning('ETAC Config: %s' % str(self))
Formatter = logging.Formatter('%(asctime)s - %(message)s')
PLog_Handler = logging.FileHandler(self.PoisonersLogFile, 'w')
ALog_Handler = logging.FileHandler(self.AnalyzeLogFile, 'a')
PLog_Handler.setLevel(logging.INFO)
ALog_Handler.setLevel(logging.INFO)
PLog_Handler.setFormatter(Formatter)
ALog_Handler.setFormatter(Formatter)
self.PoisonersLogger = logging.getLogger('Poisoners Log')
self.PoisonersLogger.addHandler(PLog_Handler)
self.AnalyzeLogger = logging.getLogger('Analyze Log')
self.AnalyzeLogger.addHandler(ALog_Handler)
def populate(self, options):
if options.Interface is None and utils.IsOsX() is False:
print(utils.color("Error: -I <if> mandatory option is missing", 1))
sys.exit(-1)
if options.Interface == "ALL" and options.OURIP == None:
print(
utils.color(
"Error: -i is missing.\nWhen using -I ALL you need to provide your current ip address",
1))
sys.exit(-1)
#Python version
if (sys.version_info > (3, 0)):
self.PY2OR3 = "PY3"
else:
self.PY2OR3 = "PY2"
# Config parsing
config = ConfigParser.ConfigParser()
config.read(os.path.join(self.ResponderPATH, 'Responder.conf'))
# Servers
self.HTTP_On_Off = self.toBool(config.get('Responder Core', 'HTTP'))
self.SSL_On_Off = self.toBool(config.get('Responder Core', 'HTTPS'))
self.SMB_On_Off = self.toBool(config.get('Responder Core', 'SMB'))
self.SQL_On_Off = self.toBool(config.get('Responder Core', 'SQL'))
self.FTP_On_Off = self.toBool(config.get('Responder Core', 'FTP'))
self.POP_On_Off = self.toBool(config.get('Responder Core', 'POP'))
self.IMAP_On_Off = self.toBool(config.get('Responder Core', 'IMAP'))
self.SMTP_On_Off = self.toBool(config.get('Responder Core', 'SMTP'))
self.LDAP_On_Off = self.toBool(config.get('Responder Core', 'LDAP'))
self.DNS_On_Off = self.toBool(config.get('Responder Core', 'DNS'))
self.RDP_On_Off = self.toBool(config.get('Responder Core', 'RDP'))
self.Krb_On_Off = self.toBool(config.get('Responder Core', 'Kerberos'))
# Db File
self.DatabaseFile = os.path.join(
self.ResponderPATH, config.get('Responder Core', 'Database'))
# Log Files
self.LogDir = os.path.join(self.ResponderPATH, 'logs')
if not os.path.exists(self.LogDir):
os.mkdir(self.LogDir)
self.SessionLogFile = os.path.join(
self.LogDir, config.get('Responder Core', 'SessionLog'))
self.PoisonersLogFile = os.path.join(
self.LogDir, config.get('Responder Core', 'PoisonersLog'))
self.AnalyzeLogFile = os.path.join(
self.LogDir, config.get('Responder Core', 'AnalyzeLog'))
self.ResponderConfigDump = os.path.join(
self.LogDir, config.get('Responder Core', 'ResponderConfigDump'))
self.FTPLog = os.path.join(self.LogDir,
'FTP-Clear-Text-Password-%s.txt')
self.IMAPLog = os.path.join(self.LogDir,
'IMAP-Clear-Text-Password-%s.txt')
self.POP3Log = os.path.join(self.LogDir,
'POP3-Clear-Text-Password-%s.txt')
self.HTTPBasicLog = os.path.join(self.LogDir,
'HTTP-Clear-Text-Password-%s.txt')
self.LDAPClearLog = os.path.join(self.LogDir,
'LDAP-Clear-Text-Password-%s.txt')
self.SMBClearLog = os.path.join(self.LogDir,
'SMB-Clear-Text-Password-%s.txt')
self.SMTPClearLog = os.path.join(self.LogDir,
'SMTP-Clear-Text-Password-%s.txt')
self.MSSQLClearLog = os.path.join(self.LogDir,
'MSSQL-Clear-Text-Password-%s.txt')
self.LDAPNTLMv1Log = os.path.join(self.LogDir,
'LDAP-NTLMv1-Client-%s.txt')
self.HTTPNTLMv1Log = os.path.join(self.LogDir,
'HTTP-NTLMv1-Client-%s.txt')
self.HTTPNTLMv2Log = os.path.join(self.LogDir,
'HTTP-NTLMv2-Client-%s.txt')
self.KerberosLog = os.path.join(self.LogDir,
'MSKerberos-Client-%s.txt')
self.MSSQLNTLMv1Log = os.path.join(self.LogDir,
'MSSQL-NTLMv1-Client-%s.txt')
self.MSSQLNTLMv2Log = os.path.join(self.LogDir,
'MSSQL-NTLMv2-Client-%s.txt')
self.SMBNTLMv1Log = os.path.join(self.LogDir,
'SMB-NTLMv1-Client-%s.txt')
self.SMBNTLMv2Log = os.path.join(self.LogDir,
'SMB-NTLMv2-Client-%s.txt')
self.SMBNTLMSSPv1Log = os.path.join(self.LogDir,
'SMB-NTLMSSPv1-Client-%s.txt')
self.SMBNTLMSSPv2Log = os.path.join(self.LogDir,
'SMB-NTLMSSPv2-Client-%s.txt')
# HTTP Options
self.Serve_Exe = self.toBool(config.get('HTTP Server', 'Serve-Exe'))
self.Serve_Always = self.toBool(
config.get('HTTP Server', 'Serve-Always'))
self.Serve_Html = self.toBool(config.get('HTTP Server', 'Serve-Html'))
self.Html_Filename = config.get('HTTP Server', 'HtmlFilename')
self.Exe_Filename = config.get('HTTP Server', 'ExeFilename')
self.Exe_DlName = config.get('HTTP Server', 'ExeDownloadName')
self.WPAD_Script = config.get('HTTP Server', 'WPADScript')
self.HtmlToInject = config.get('HTTP Server', 'HtmlToInject')
if not os.path.exists(self.Html_Filename):
print(
utils.color(
"/!\ Warning: %s: file not found" % self.Html_Filename, 3,
1))
if not os.path.exists(self.Exe_Filename):
print(
utils.color(
"/!\ Warning: %s: file not found" % self.Exe_Filename, 3,
1))
# SSL Options
self.SSLKey = config.get('HTTPS Server', 'SSLKey')
self.SSLCert = config.get('HTTPS Server', 'SSLCert')
# Respond to hosts
self.RespondTo = list(
filter(None, [
x.upper().strip() for x in config.get(
'Responder Core', 'RespondTo').strip().split(',')
]))
self.RespondToName = list(
filter(None, [
x.upper().strip() for x in config.get(
'Responder Core', 'RespondToName').strip().split(',')
]))
self.DontRespondTo = list(
filter(None, [
x.upper().strip() for x in config.get(
'Responder Core', 'DontRespondTo').strip().split(',')
]))
self.DontRespondToName = list(
filter(None, [
x.upper().strip() for x in config.get(
'Responder Core', 'DontRespondToName').strip().split(',')
]))
# Auto Ignore List
self.AutoIgnore = self.toBool(
config.get('Responder Core', 'AutoIgnoreAfterSuccess'))
self.CaptureMultipleCredentials = self.toBool(
config.get('Responder Core', 'CaptureMultipleCredentials'))
self.CaptureMultipleHashFromSameHost = self.toBool(
config.get('Responder Core', 'CaptureMultipleHashFromSameHost'))
self.AutoIgnoreList = []
# CLI options
self.ExternalIP = options.ExternalIP
self.LM_On_Off = options.LM_On_Off
self.WPAD_On_Off = options.WPAD_On_Off
self.Wredirect = options.Wredirect
self.NBTNSDomain = options.NBTNSDomain
self.Basic = options.Basic
self.Finger_On_Off = options.Finger
self.Interface = options.Interface
self.OURIP = options.OURIP
self.Force_WPAD_Auth = options.Force_WPAD_Auth
self.Upstream_Proxy = options.Upstream_Proxy
self.AnalyzeMode = options.Analyze
self.Verbose = options.Verbose
self.ProxyAuth_On_Off = options.ProxyAuth_On_Off
self.CommandLine = str(sys.argv)
if self.ExternalIP:
self.ExternalIPAton = socket.inet_aton(self.ExternalIP)
if self.HtmlToInject is None:
self.HtmlToInject = ''
self.Bind_To = utils.FindLocalIP(self.Interface, self.OURIP)
if self.Interface == "ALL":
self.Bind_To_ALL = True
else:
self.Bind_To_ALL = False
if self.Interface == "ALL":
self.IP_aton = socket.inet_aton(self.OURIP)
else:
self.IP_aton = socket.inet_aton(self.Bind_To)
self.Os_version = sys.platform
# Set up Challenge
self.NumChal = config.get('Responder Core', 'Challenge')
if self.NumChal.lower() == 'random':
self.NumChal = "random"
if len(self.NumChal) is not 16 and not "random":
print(
utils.color(
"[!] The challenge must be exactly 16 chars long.\nExample: 1122334455667788",
1))
sys.exit(-1)
self.Challenge = ""
if self.NumChal.lower() == 'random':
pass
else:
for i in range(0, len(self.NumChal), 2):
self.Challenge += self.NumChal[i:i + 2].decode("hex")
# Set up logging
logging.basicConfig(filename=self.SessionLogFile,
level=logging.INFO,
format='%(asctime)s - %(message)s',
datefmt='%m/%d/%Y %I:%M:%S %p')
logging.warning('Responder Started: %s' % self.CommandLine)
Formatter = logging.Formatter('%(asctime)s - %(message)s')
PLog_Handler = logging.FileHandler(self.PoisonersLogFile, 'w')
ALog_Handler = logging.FileHandler(self.AnalyzeLogFile, 'a')
PLog_Handler.setLevel(logging.INFO)
ALog_Handler.setLevel(logging.INFO)
PLog_Handler.setFormatter(Formatter)
ALog_Handler.setFormatter(Formatter)
self.PoisonersLogger = logging.getLogger('Poisoners Log')
self.PoisonersLogger.addHandler(PLog_Handler)
self.AnalyzeLogger = logging.getLogger('Analyze Log')
self.AnalyzeLogger.addHandler(ALog_Handler)
try:
NetworkCard = subprocess.check_output(["ifconfig", "-a"])
except:
try:
NetworkCard = subprocess.check_output(
["ip", "address", "show"])
except subprocess.CalledProcessError as ex:
NetworkCard = "Error fetching Network Interfaces:", ex
pass
try:
DNS = subprocess.check_output(["cat", "/etc/resolv.conf"])
except subprocess.CalledProcessError as ex:
DNS = "Error fetching DNS configuration:", ex
pass
try:
RoutingInfo = subprocess.check_output(["netstat", "-rn"])
except:
try:
RoutingInfo = subprocess.check_output(["ip", "route", "show"])
except subprocess.CalledProcessError as ex:
RoutingInfo = "Error fetching Routing information:", ex
pass
Message = "Current environment is:\nNetwork Config:\n%s\nDNS Settings:\n%s\nRouting info:\n%s\n\n" % (
NetworkCard, DNS, RoutingInfo)
try:
utils.DumpConfig(self.ResponderConfigDump, Message)
utils.DumpConfig(self.ResponderConfigDump, str(self))
except AttributeError as ex:
print("Missing Module:", ex)
pass
def populate(self, options):
if options.Interface == None and utils.IsOsX() == False:
print(utils.color("Error: -I <if> mandatory option is missing", 1))
sys.exit(-1)
if options.Interface == "ALL" and options.OURIP == None:
print(
utils.color(
"Error: -i is missing.\nWhen using -I ALL you need to provide your current ip address",
1))
sys.exit(-1)
#Python version
if (sys.version_info > (3, 0)):
self.PY2OR3 = "PY3"
else:
self.PY2OR3 = "PY2"
# Config parsing
config = ConfigParser.ConfigParser()
config.read(os.path.join(self.ResponderPATH, 'Responder.conf'))
# Servers
self.HTTP_On_Off = self.toBool(config.get('Responder Core', 'HTTP'))
self.SSL_On_Off = self.toBool(config.get('Responder Core', 'HTTPS'))
self.SMB_On_Off = self.toBool(config.get('Responder Core', 'SMB'))
self.SQL_On_Off = self.toBool(config.get('Responder Core', 'SQL'))
self.FTP_On_Off = self.toBool(config.get('Responder Core', 'FTP'))
self.POP_On_Off = self.toBool(config.get('Responder Core', 'POP'))
self.IMAP_On_Off = self.toBool(config.get('Responder Core', 'IMAP'))
self.SMTP_On_Off = self.toBool(config.get('Responder Core', 'SMTP'))
self.LDAP_On_Off = self.toBool(config.get('Responder Core', 'LDAP'))
self.DNS_On_Off = self.toBool(config.get('Responder Core', 'DNS'))
self.RDP_On_Off = self.toBool(config.get('Responder Core', 'RDP'))
self.DCERPC_On_Off = self.toBool(config.get('Responder Core',
'DCERPC'))
self.WinRM_On_Off = self.toBool(config.get('Responder Core', 'WINRM'))
self.Krb_On_Off = self.toBool(config.get('Responder Core', 'Kerberos'))
# Db File
self.DatabaseFile = os.path.join(
self.ResponderPATH, config.get('Responder Core', 'Database'))
# Log Files
self.LogDir = os.path.join(self.ResponderPATH, 'logs')
if not os.path.exists(self.LogDir):
os.mkdir(self.LogDir)
self.SessionLogFile = os.path.join(
self.LogDir, config.get('Responder Core', 'SessionLog'))
self.PoisonersLogFile = os.path.join(
self.LogDir, config.get('Responder Core', 'PoisonersLog'))
self.AnalyzeLogFile = os.path.join(
self.LogDir, config.get('Responder Core', 'AnalyzeLog'))
self.ResponderConfigDump = os.path.join(
self.LogDir, config.get('Responder Core', 'ResponderConfigDump'))
# CLI options
self.ExternalIP = options.ExternalIP
self.LM_On_Off = options.LM_On_Off
self.NOESS_On_Off = options.NOESS_On_Off
self.WPAD_On_Off = options.WPAD_On_Off
self.DHCP_On_Off = options.DHCP_On_Off
self.Basic = options.Basic
self.Interface = options.Interface
self.OURIP = options.OURIP
self.Force_WPAD_Auth = options.Force_WPAD_Auth
self.Upstream_Proxy = options.Upstream_Proxy
self.AnalyzeMode = options.Analyze
self.Verbose = options.Verbose
self.ProxyAuth_On_Off = options.ProxyAuth_On_Off
self.CommandLine = str(sys.argv)
self.Bind_To = utils.FindLocalIP(self.Interface, self.OURIP)
self.Bind_To6 = utils.FindLocalIP6(self.Interface, self.OURIP)
self.DHCP_DNS = options.DHCP_DNS
self.ExternalIP6 = options.ExternalIP6
if self.Interface == "ALL":
self.Bind_To_ALL = True
else:
self.Bind_To_ALL = False
#IPV4
if self.Interface == "ALL":
self.IP_aton = socket.inet_aton(self.OURIP)
else:
self.IP_aton = socket.inet_aton(self.Bind_To)
#IPV6
if self.Interface == "ALL":
if self.OURIP != None and utils.IsIPv6IP(self.OURIP):
self.IP_Pton6 = socket.inet_pton(socket.AF_INET6, self.OURIP)
else:
self.IP_Pton6 = socket.inet_pton(socket.AF_INET6, self.Bind_To6)
#External IP
if self.ExternalIP:
if utils.IsIPv6IP(self.ExternalIP):
sys.exit(
utils.color(
'[!] IPv6 address provided with -e parameter. Use -6 IPv6_address instead.',
1))
self.ExternalIPAton = socket.inet_aton(self.ExternalIP)
self.ExternalResponderIP = utils.RespondWithIP()
else:
self.ExternalResponderIP = self.Bind_To
#External IPv6
if self.ExternalIP6:
self.ExternalIP6Pton = socket.inet_pton(socket.AF_INET6,
self.ExternalIP6)
self.ExternalResponderIP6 = utils.RespondWithIP6()
else:
self.ExternalResponderIP6 = self.Bind_To6
self.Os_version = sys.platform
self.FTPLog = os.path.join(self.LogDir,
'FTP-Clear-Text-Password-%s.txt')
self.IMAPLog = os.path.join(self.LogDir,
'IMAP-Clear-Text-Password-%s.txt')
self.POP3Log = os.path.join(self.LogDir,
'POP3-Clear-Text-Password-%s.txt')
self.HTTPBasicLog = os.path.join(self.LogDir,
'HTTP-Clear-Text-Password-%s.txt')
self.LDAPClearLog = os.path.join(self.LogDir,
'LDAP-Clear-Text-Password-%s.txt')
self.SMBClearLog = os.path.join(self.LogDir,
'SMB-Clear-Text-Password-%s.txt')
self.SMTPClearLog = os.path.join(self.LogDir,
'SMTP-Clear-Text-Password-%s.txt')
self.MSSQLClearLog = os.path.join(self.LogDir,
'MSSQL-Clear-Text-Password-%s.txt')
self.LDAPNTLMv1Log = os.path.join(self.LogDir,
'LDAP-NTLMv1-Client-%s.txt')
self.HTTPNTLMv1Log = os.path.join(self.LogDir,
'HTTP-NTLMv1-Client-%s.txt')
self.HTTPNTLMv2Log = os.path.join(self.LogDir,
'HTTP-NTLMv2-Client-%s.txt')
self.KerberosLog = os.path.join(self.LogDir,
'MSKerberos-Client-%s.txt')
self.MSSQLNTLMv1Log = os.path.join(self.LogDir,
'MSSQL-NTLMv1-Client-%s.txt')
self.MSSQLNTLMv2Log = os.path.join(self.LogDir,
'MSSQL-NTLMv2-Client-%s.txt')
self.SMBNTLMv1Log = os.path.join(self.LogDir,
'SMB-NTLMv1-Client-%s.txt')
self.SMBNTLMv2Log = os.path.join(self.LogDir,
'SMB-NTLMv2-Client-%s.txt')
self.SMBNTLMSSPv1Log = os.path.join(self.LogDir,
'SMB-NTLMSSPv1-Client-%s.txt')
self.SMBNTLMSSPv2Log = os.path.join(self.LogDir,
'SMB-NTLMSSPv2-Client-%s.txt')
# HTTP Options
self.Serve_Exe = self.toBool(config.get('HTTP Server', 'Serve-Exe'))
self.Serve_Always = self.toBool(
config.get('HTTP Server', 'Serve-Always'))
self.Serve_Html = self.toBool(config.get('HTTP Server', 'Serve-Html'))
self.Html_Filename = config.get('HTTP Server', 'HtmlFilename')
self.Exe_Filename = config.get('HTTP Server', 'ExeFilename')
self.Exe_DlName = config.get('HTTP Server', 'ExeDownloadName')
self.WPAD_Script = config.get('HTTP Server', 'WPADScript')
self.HtmlToInject = config.get('HTTP Server', 'HtmlToInject')
if len(self.HtmlToInject) == 0:
self.HtmlToInject = "<img src='file://///" + self.Bind_To + "/pictures/logo.jpg' alt='Loading' height='1' width='1'>"
if len(self.WPAD_Script) == 0:
self.WPAD_Script = 'function FindProxyForURL(url, host){if ((host == "localhost") || shExpMatch(host, "localhost.*") ||(host == "127.0.0.1") || isPlainHostName(host)) return "DIRECT"; if (dnsDomainIs(host, "ProxySrv")||shExpMatch(host, "(*.ProxySrv|ProxySrv)")) return "DIRECT"; return "PROXY ' + self.Bind_To + ':3128; PROXY ' + self.Bind_To + ':3141; DIRECT";}'
if self.Serve_Exe == True:
if not os.path.exists(self.Html_Filename):
print(
utils.color(
"/!\ Warning: %s: file not found" % self.Html_Filename,
3, 1))
if not os.path.exists(self.Exe_Filename):
print(
utils.color(
"/!\ Warning: %s: file not found" % self.Exe_Filename,
3, 1))
# SSL Options
self.SSLKey = config.get('HTTPS Server', 'SSLKey')
self.SSLCert = config.get('HTTPS Server', 'SSLCert')
# Respond to hosts
self.RespondTo = list(
filter(None, [
x.upper().strip() for x in config.get(
'Responder Core', 'RespondTo').strip().split(',')
]))
self.RespondToName = list(
filter(None, [
x.upper().strip() for x in config.get(
'Responder Core', 'RespondToName').strip().split(',')
]))
self.DontRespondTo = list(
filter(None, [
x.upper().strip() for x in config.get(
'Responder Core', 'DontRespondTo').strip().split(',')
]))
self.DontRespondToName = list(
filter(None, [
x.upper().strip() for x in config.get(
'Responder Core', 'DontRespondToName').strip().split(',')
]))
#Generate Random stuff for one Responder session
self.MachineName = 'WIN-' + ''.join([
random.choice('ABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789')
for i in range(11)
])
self.Username = ''.join(
[random.choice('ABCDEFGHIJKLMNOPQRSTUVWXYZ') for i in range(6)])
self.Domain = ''.join([
random.choice('ABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789')
for i in range(4)
])
self.DHCPHostname = ''.join([
random.choice('ABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789')
for i in range(9)
])
self.DomainName = self.Domain + '.LOCAL'
self.MachineNego = ''.join([
random.choice('ABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789')
for i in range(9)
]) + '$@' + self.DomainName
self.RPCPort = random.randrange(45000, 49999)
# Auto Ignore List
self.AutoIgnore = self.toBool(
config.get('Responder Core', 'AutoIgnoreAfterSuccess'))
self.CaptureMultipleCredentials = self.toBool(
config.get('Responder Core', 'CaptureMultipleCredentials'))
self.CaptureMultipleHashFromSameHost = self.toBool(
config.get('Responder Core', 'CaptureMultipleHashFromSameHost'))
self.AutoIgnoreList = []
# Set up Challenge
self.NumChal = config.get('Responder Core', 'Challenge')
if self.NumChal.lower() == 'random':
self.NumChal = "random"
if len(self.NumChal) != 16 and self.NumChal != "random":
print(
utils.color(
"[!] The challenge must be exactly 16 chars long.\nExample: 1122334455667788",
1))
sys.exit(-1)
self.Challenge = b''
if self.NumChal.lower() == 'random':
pass
else:
if self.PY2OR3 == 'PY2':
for i in range(0, len(self.NumChal), 2):
self.Challenge += self.NumChal[i:i + 2].decode("hex")
else:
self.Challenge = bytes.fromhex(self.NumChal)
# Set up logging
logging.basicConfig(filename=self.SessionLogFile,
level=logging.INFO,
format='%(asctime)s - %(message)s',
datefmt='%m/%d/%Y %I:%M:%S %p')
logging.warning('Responder Started: %s' % self.CommandLine)
Formatter = logging.Formatter('%(asctime)s - %(message)s')
PLog_Handler = logging.FileHandler(self.PoisonersLogFile, 'w')
ALog_Handler = logging.FileHandler(self.AnalyzeLogFile, 'a')
PLog_Handler.setLevel(logging.INFO)
ALog_Handler.setLevel(logging.INFO)
PLog_Handler.setFormatter(Formatter)
ALog_Handler.setFormatter(Formatter)
self.PoisonersLogger = logging.getLogger('Poisoners Log')
self.PoisonersLogger.addHandler(PLog_Handler)
self.AnalyzeLogger = logging.getLogger('Analyze Log')
self.AnalyzeLogger.addHandler(ALog_Handler)
# First time Responder run?
if os.path.isfile(self.ResponderPATH + '/Responder.db'):
pass
else:
#If it's the first time, generate SSL certs for this Responder session and send openssl output to /dev/null
Certs = os.system(
"./certs/gen-self-signed-cert.sh >/dev/null 2>&1")
try:
NetworkCard = subprocess.check_output(["ifconfig", "-a"])
except:
try:
NetworkCard = subprocess.check_output(
["ip", "address", "show"])
except subprocess.CalledProcessError as ex:
NetworkCard = "Error fetching Network Interfaces:", ex
pass
try:
DNS = subprocess.check_output(["cat", "/etc/resolv.conf"])
except subprocess.CalledProcessError as ex:
DNS = "Error fetching DNS configuration:", ex
pass
try:
RoutingInfo = subprocess.check_output(["netstat", "-rn"])
except:
try:
RoutingInfo = subprocess.check_output(["ip", "route", "show"])
except subprocess.CalledProcessError as ex:
RoutingInfo = "Error fetching Routing information:", ex
pass
Message = "%s\nCurrent environment is:\nNetwork Config:\n%s\nDNS Settings:\n%s\nRouting info:\n%s\n\n" % (
utils.HTTPCurrentDate(), NetworkCard.decode('latin-1'),
DNS.decode('latin-1'), RoutingInfo.decode('latin-1'))
try:
utils.DumpConfig(self.ResponderConfigDump, Message)
utils.DumpConfig(self.ResponderConfigDump, str(self))
except AttributeError as ex:
print("Missing Module:", ex)
pass
def populate(self, options):
config = settings.dict['core']['responder']
if options['interface'] is None and utils.IsOsX() is False:
print utils.color("Error: -I <if> mandatory option is missing", 1)
sys.exit(-1)
# Servers
self.HTTP_On_Off = self.toBool(config['Responder Core']['http'])
self.SSL_On_Off = self.toBool(config['Responder Core']['https'])
self.SMB_On_Off = self.toBool(config['Responder Core']['smb'])
self.SQL_On_Off = self.toBool(config['Responder Core']['sql'])
self.FTP_On_Off = self.toBool(config['Responder Core']['ftp'])
self.POP_On_Off = self.toBool(config['Responder Core']['pop'])
self.IMAP_On_Off = self.toBool(config['Responder Core']['imap'])
self.SMTP_On_Off = self.toBool(config['Responder Core']['smtp'])
self.LDAP_On_Off = self.toBool(config['Responder Core']['ldap'])
self.DNS_On_Off = self.toBool(config['Responder Core']['dns'])
self.Krb_On_Off = self.toBool(config['Responder Core']['kerberos'])
#self.HTTP_On_Off = self.toBool(config.get('Responder Core', 'HTTP'))
#self.SSL_On_Off = self.toBool(config.get('Responder Core', 'HTTPS'))
#self.SMB_On_Off = self.toBool(config.get('Responder Core', 'SMB'))
#self.SQL_On_Off = self.toBool(config.get('Responder Core', 'SQL'))
#self.FTP_On_Off = self.toBool(config.get('Responder Core', 'FTP'))
#self.POP_On_Off = self.toBool(config.get('Responder Core', 'POP'))
#self.IMAP_On_Off = self.toBool(config.get('Responder Core', 'IMAP'))
#self.SMTP_On_Off = self.toBool(config.get('Responder Core', 'SMTP'))
#self.LDAP_On_Off = self.toBool(config.get('Responder Core', 'LDAP'))
#self.DNS_On_Off = self.toBool(config.get('Responder Core', 'DNS'))
#self.Krb_On_Off = self.toBool(config.get('Responder Core', 'Kerberos'))
# Db File
#self.DatabaseFile = os.path.join(self.ResponderPATH, config.get('Responder Core', 'Database'))
self.DatabaseFile = os.path.join(self.ResponderPATH,
config['Responder Core']['database'])
# Log Files
self.LogDir = os.path.join(self.ResponderPATH, 'logs')
if not os.path.exists(self.LogDir):
os.mkdir(self.LogDir)
self.SessionLogFile = os.path.join(
self.LogDir, config['Responder Core']['sessionlog'])
self.PoisonersLogFile = os.path.join(
self.LogDir, config['Responder Core']['poisonerslog'])
self.AnalyzeLogFile = os.path.join(
self.LogDir, config['Responder Core']['analyzelog'])
self.FTPLog = os.path.join(self.LogDir,
'FTP-Clear-Text-Password-%s.txt')
self.IMAPLog = os.path.join(self.LogDir,
'IMAP-Clear-Text-Password-%s.txt')
self.POP3Log = os.path.join(self.LogDir,
'POP3-Clear-Text-Password-%s.txt')
self.HTTPBasicLog = os.path.join(self.LogDir,
'HTTP-Clear-Text-Password-%s.txt')
self.LDAPClearLog = os.path.join(self.LogDir,
'LDAP-Clear-Text-Password-%s.txt')
self.SMBClearLog = os.path.join(self.LogDir,
'SMB-Clear-Text-Password-%s.txt')
self.SMTPClearLog = os.path.join(self.LogDir,
'SMTP-Clear-Text-Password-%s.txt')
self.MSSQLClearLog = os.path.join(self.LogDir,
'MSSQL-Clear-Text-Password-%s.txt')
self.LDAPNTLMv1Log = os.path.join(self.LogDir,
'LDAP-NTLMv1-Client-%s.txt')
self.HTTPNTLMv1Log = os.path.join(self.LogDir,
'HTTP-NTLMv1-Client-%s.txt')
self.HTTPNTLMv2Log = os.path.join(self.LogDir,
'HTTP-NTLMv2-Client-%s.txt')
self.KerberosLog = os.path.join(self.LogDir,
'MSKerberos-Client-%s.txt')
self.MSSQLNTLMv1Log = os.path.join(self.LogDir,
'MSSQL-NTLMv1-Client-%s.txt')
self.MSSQLNTLMv2Log = os.path.join(self.LogDir,
'MSSQL-NTLMv2-Client-%s.txt')
self.SMBNTLMv1Log = os.path.join(self.LogDir,
'SMB-NTLMv1-Client-%s.txt')
self.SMBNTLMv2Log = os.path.join(self.LogDir,
'SMB-NTLMv2-Client-%s.txt')
self.SMBNTLMSSPv1Log = os.path.join(self.LogDir,
'SMB-NTLMSSPv1-Client-%s.txt')
self.SMBNTLMSSPv2Log = os.path.join(self.LogDir,
'SMB-NTLMSSPv2-Client-%s.txt')
# HTTP Options
self.Serve_Exe = self.toBool(config['HTTP Server']['serve-exe'])
self.Serve_Always = self.toBool(config['HTTP Server']['serve-always'])
self.Serve_Html = self.toBool(config['HTTP Server']['serve-html'])
self.Html_Filename = config['HTTP Server']['htmlfilename']
self.Exe_Filename = config['HTTP Server']['exefilename']
self.Exe_DlName = config['HTTP Server']['exedownloadname']
self.WPAD_Script = config['HTTP Server']['wpadscript']
self.HtmlToInject = config['HTTP Server']['htmltoinject']
if not os.path.exists(self.Html_Filename):
print utils.color(
"/!\ Warning: %s: file not found" % self.Html_Filename, 3, 1)
if not os.path.exists(self.Exe_Filename):
print utils.color(
"/!\ Warning: %s: file not found" % self.Exe_Filename, 3, 1)
# SSL Options
self.SSLKey = config['HTTPS Server']['sslkey']
self.SSLCert = config['HTTPS Server']['sslcert']
# Respond to hosts
self.RespondTo = filter(None, [
x.upper().strip()
for x in config['Responder Core']['respondto'].strip().split(',')
])
self.RespondToName = filter(None, [
x.upper().strip() for x in config['Responder Core']
['respondtoname'].strip().split(',')
])
self.DontRespondTo = filter(None, [
x.upper().strip() for x in config['Responder Core']
['dontrespondto'].strip().split(',')
])
self.DontRespondToName = filter(None, [
x.upper().strip() for x in config['Responder Core']
['dontrespondtoname'].strip().split(',')
])
# Auto Ignore List
self.AutoIgnore = self.toBool(
config['Responder Core']['autoignoreaftersuccess'])
self.CaptureMultipleCredentials = self.toBool(
config['Responder Core']['capturemultiplecredentials'])
self.AutoIgnoreList = []
# CLI options
self.LM_On_Off = options['responder']['lm_downgrade']
self.WPAD_On_Off = options['responder']['wpad']
self.Wredirect = options['responder']['w_redirect']
self.NBTNSDomain = options['responder']['nbtns_domain']
self.Basic = options['responder']['basic_auth']
self.Finger_On_Off = options['responder']['fingerprint']
self.Interface = options['interface']
self.OURIP = options['responder']['ourip']
self.Force_WPAD_Auth = options['responder']['force_wpad_auth']
self.Upstream_Proxy = options['responder']['upstream_proxy']
self.AnalyzeMode = options['responder']['analyze']
self.Verbose = options['responder']['verbose']
self.CommandLine = str(sys.argv)
if self.HtmlToInject is None:
self.HtmlToInject = ''
self.Bind_To = utils.FindLocalIP(self.Interface, self.OURIP)
self.IP_aton = socket.inet_aton(self.Bind_To)
self.Os_version = sys.platform
# Set up Challenge
self.NumChal = config['Responder Core']['challenge']
if len(self.NumChal) is not 16:
print utils.color(
"[!] The challenge must be exactly 16 chars long.\nExample: 1122334455667788",
1)
sys.exit(-1)
self.Challenge = ""
for i in range(0, len(self.NumChal), 2):
self.Challenge += self.NumChal[i:i + 2].decode("hex")
# Set up logging
logging.basicConfig(filename=self.SessionLogFile,
level=logging.INFO,
format='%(asctime)s - %(message)s',
datefmt='%m/%d/%Y %I:%M:%S %p')
logging.warning('Responder Started: %s' % self.CommandLine)
logging.warning('Responder Config: %s' % str(self))
Formatter = logging.Formatter('%(asctime)s - %(message)s')
PLog_Handler = logging.FileHandler(self.PoisonersLogFile, 'w')
ALog_Handler = logging.FileHandler(self.AnalyzeLogFile, 'a')
PLog_Handler.setLevel(logging.INFO)
ALog_Handler.setLevel(logging.INFO)
PLog_Handler.setFormatter(Formatter)
ALog_Handler.setFormatter(Formatter)
self.PoisonersLogger = logging.getLogger('Poisoners Log')
self.PoisonersLogger.addHandler(PLog_Handler)
self.AnalyzeLogger = logging.getLogger('Analyze Log')
self.AnalyzeLogger.addHandler(ALog_Handler)
def populate(self, options):
# Servers
self.SSL_On_Off = self.toBool(self.config['Responder']['HTTPS'])
self.SQL_On_Off = self.toBool(self.config['Responder']['SQL'])
self.FTP_On_Off = self.toBool(self.config['Responder']['FTP'])
self.POP_On_Off = self.toBool(self.config['Responder']['POP'])
self.IMAP_On_Off = self.toBool(self.config['Responder']['IMAP'])
self.SMTP_On_Off = self.toBool(self.config['Responder']['SMTP'])
self.LDAP_On_Off = self.toBool(self.config['Responder']['LDAP'])
self.Krb_On_Off = self.toBool(self.config['Responder']['Kerberos'])
# Db File
self.DatabaseFile = './logs/responder/Responder.db'
# Log Files
self.LogDir = './logs/responder'
if not os.path.exists(self.LogDir):
os.mkdir(self.LogDir)
self.SessionLogFile = os.path.join(self.LogDir, 'Responder-Session.log')
self.PoisonersLogFile = os.path.join(self.LogDir, 'Poisoners-Session.log')
self.AnalyzeLogFile = os.path.join(self.LogDir, 'Analyzer-Session.log')
self.FTPLog = os.path.join(self.LogDir, 'FTP-Clear-Text-Password-%s.txt')
self.IMAPLog = os.path.join(self.LogDir, 'IMAP-Clear-Text-Password-%s.txt')
self.POP3Log = os.path.join(self.LogDir, 'POP3-Clear-Text-Password-%s.txt')
self.HTTPBasicLog = os.path.join(self.LogDir, 'HTTP-Clear-Text-Password-%s.txt')
self.LDAPClearLog = os.path.join(self.LogDir, 'LDAP-Clear-Text-Password-%s.txt')
self.SMBClearLog = os.path.join(self.LogDir, 'SMB-Clear-Text-Password-%s.txt')
self.SMTPClearLog = os.path.join(self.LogDir, 'SMTP-Clear-Text-Password-%s.txt')
self.MSSQLClearLog = os.path.join(self.LogDir, 'MSSQL-Clear-Text-Password-%s.txt')
self.LDAPNTLMv1Log = os.path.join(self.LogDir, 'LDAP-NTLMv1-Client-%s.txt')
self.HTTPNTLMv1Log = os.path.join(self.LogDir, 'HTTP-NTLMv1-Client-%s.txt')
self.HTTPNTLMv2Log = os.path.join(self.LogDir, 'HTTP-NTLMv2-Client-%s.txt')
self.KerberosLog = os.path.join(self.LogDir, 'MSKerberos-Client-%s.txt')
self.MSSQLNTLMv1Log = os.path.join(self.LogDir, 'MSSQL-NTLMv1-Client-%s.txt')
self.MSSQLNTLMv2Log = os.path.join(self.LogDir, 'MSSQL-NTLMv2-Client-%s.txt')
self.SMBNTLMv1Log = os.path.join(self.LogDir, 'SMB-NTLMv1-Client-%s.txt')
self.SMBNTLMv2Log = os.path.join(self.LogDir, 'SMB-NTLMv2-Client-%s.txt')
self.SMBNTLMSSPv1Log = os.path.join(self.LogDir, 'SMB-NTLMSSPv1-Client-%s.txt')
self.SMBNTLMSSPv2Log = os.path.join(self.LogDir, 'SMB-NTLMSSPv2-Client-%s.txt')
# HTTP Options
self.Serve_Exe = self.toBool(self.config['Responder']['HTTP Server']['Serve-Exe'])
self.Serve_Always = self.toBool(self.config['Responder']['HTTP Server']['Serve-Always'])
self.Serve_Html = self.toBool(self.config['Responder']['HTTP Server']['Serve-Html'])
self.Html_Filename = self.config['Responder']['HTTP Server']['HtmlFilename']
self.HtmlToInject = self.config['Responder']['HTTP Server']['HTMLToInject']
self.Exe_Filename = self.config['Responder']['HTTP Server']['ExeFilename']
self.Exe_DlName = self.config['Responder']['HTTP Server']['ExeDownloadName']
self.WPAD_Script = self.config['Responder']['HTTP Server']['WPADScript']
if not os.path.exists(self.Html_Filename):
print "Warning: %s: file not found" % self.Html_Filename
if not os.path.exists(self.Exe_Filename):
print "Warning: %s: file not found" % self.Exe_Filename
# SSL Options
self.SSLKey = self.config['Responder']['HTTPS Server']['SSLKey']
self.SSLCert = self.config['Responder']['HTTPS Server']['SSLCert']
# Respond to hosts
self.RespondTo = filter(None, [x.upper().strip() for x in self.config['Responder']['RespondTo'].strip().split(',')])
self.RespondToName = filter(None, [x.upper().strip() for x in self.config['Responder']['RespondToName'].strip().split(',')])
self.DontRespondTo = filter(None, [x.upper().strip() for x in self.config['Responder']['DontRespondTo'].strip().split(',')])
self.DontRespondToName = filter(None, [x.upper().strip() for x in self.config['Responder']['DontRespondToName'].strip().split(',')])
# CLI options
self.Interface = options.interface
self.Force_WPAD_Auth = options.forcewpadauth
self.LM_On_Off = options.lm
self.WPAD_On_Off = options.wpad
self.Wredirect = options.wredir
self.NBTNSDomain = options.nbtns
self.Basic = options.basic
self.Finger_On_Off = options.finger
self.AnalyzeMode = options.analyze
#self.Upstream_Proxy = options.Upstream_Proxy
self.Verbose = True
if options.log_level == 'debug':
self.Verbose = True
self.Bind_To = utils.FindLocalIP(self.Interface)
self.IP_aton = socket.inet_aton(self.Bind_To)
self.Os_version = sys.platform
# Set up Challenge
self.NumChal = self.config['Responder']['Challenge']
if len(self.NumChal) is not 16:
print "The challenge must be exactly 16 chars long.\nExample: 1122334455667788"
sys.exit(-1)
self.Challenge = ""
for i in range(0, len(self.NumChal),2):
self.Challenge += self.NumChal[i:i+2].decode("hex")
# Set up logging
formatter = logging.Formatter("%(asctime)s %(message)s", datefmt="%Y-%m-%d %H:%M:%S")
self.ResponderLogger = logger().setup_logger("Responder", formatter, self.SessionLogFile)
#logging.warning('Responder Started: {}'.format(self.CommandLine))
#logging.warning('Responder Config: {}'.format(self))
self.PoisonersLogger = logger().setup_logger("Poison log", formatter, self.PoisonersLogFile)
self.AnalyzeLogger = logger().setup_logger("Analyze Log", formatter, self.AnalyzeLogFile)
