Commit 158d992e authored by Sophie Brun's avatar Sophie Brun

Import a new upstream release

parent 5a60d12f
responder (2.3.2.4-0kali1) kali-dev; urgency=medium
* Import a new upstream release (from a new git source)
-- Sophie Brun <sophie@freexian.com> Mon, 12 Sep 2016 13:31:12 +0200
responder (2.3.0+git20160905-0kali1) kali-dev; urgency=medium
* Import a snapshot from git
......
......@@ -3,7 +3,7 @@ Section: utils
Priority: extra
Maintainer: Devon Kearns <dookie@kali.org>
Build-Depends: debhelper (>= 9)
Standards-Version: 3.9.3
Standards-Version: 3.9.8
Homepage: https://github.com/lgandx/Responder
Vcs-Git: git://git.kali.org/packages/responder.git
Vcs-Browser: http://git.kali.org/gitweb/?p=packages/responder.git;a=summary
......@@ -11,13 +11,13 @@ Vcs-Browser: http://git.kali.org/gitweb/?p=packages/responder.git;a=summary
Package: responder
Architecture: all
Depends: ${misc:Depends}, python
Description: NBT-NS/LLMNR Responder
This tool is first an LLMNR and NBT-NS responder, it will answer to
*specific* NBT-NS (NetBIOS Name Service) queries based on their name
suffix (see: http://support.microsoft.com/kb/163409). By default, the
tool will only answers to File Server Service request, which is for SMB.
The concept behind this, is to target our answers, and be stealthier on
the network. This also helps to ensure that we don't break legitimate
NBT-NS behavior.
You can set the -r option to 1 via command line if you want this tool to
answer to the Workstation Service request name suffix.
Description: LLMNR/NBT-NS/mDNS Poisoner
Responder an LLMNR, NBT-NS and MDNS poisoner. It will answer to specific
NBT-NS (NetBIOS Name Service) queries based on their name suffix
(see: http://support.microsoft.com/kb/163409). By default, the tool will only
answer to File Server Service request, which is for SMB.
.
The concept behind this is to target your answers, and be stealthier on the
network. This also helps to ensure that you don't break legitimate NBT-NS
behavior. You can set the -r option via command line if you want to answer
to the Workstation Service request name suffix.
......@@ -3,8 +3,7 @@ Upstream-Name: responder
Source: https://github.com/lgandx/Responder
Files: *
Copyright: 2013-2014 Trustwave Holdings, Inc.
Laurent Gaffie <lgaffie@trustwave.com>
Copyright: Laurent Gaffie <laurent.gaffie@gmail.com>
License: GPL-3+
This program is free software; you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
......
From: =?utf-8?q?Rapha=C3=ABl_Hertzog?= <hertzog@debian.org>
Date: Mon, 8 Feb 2016 12:04:55 +0100
Subject: Use SSLv23_METHOD as this allows any supported protocol
Cf https://openssl.org/docs/manmaster/ssl/SSL_CTX_new.html
Bug: https://github.com/SpiderLabs/Responder/issues/65
Bug-Kali: https://bugs.kali.org/view.php?id=3048
---
servers/HTTP.py | 46 +++++++++++++++++++++++-----------------------
1 file changed, 23 insertions(+), 23 deletions(-)
diff --git a/servers/HTTP.py b/servers/HTTP.py
index 0f0e6e6..fbc4ba5 100644
--- a/servers/HTTP.py
+++ b/servers/HTTP.py
@@ -32,11 +32,11 @@ def ParseHTTPHash(data, client):
LMhashLen = struct.unpack('<H',data[12:14])[0]
LMhashOffset = struct.unpack('<H',data[16:18])[0]
LMHash = data[LMhashOffset:LMhashOffset+LMhashLen].encode("hex").upper()
-
+
NthashLen = struct.unpack('<H',data[20:22])[0]
NthashOffset = struct.unpack('<H',data[24:26])[0]
NTHash = data[NthashOffset:NthashOffset+NthashLen].encode("hex").upper()
-
+
UserLen = struct.unpack('<H',data[36:38])[0]
UserOffset = struct.unpack('<H',data[40:42])[0]
User = data[UserOffset:UserOffset+UserLen].replace('\x00','')
@@ -48,12 +48,12 @@ def ParseHTTPHash(data, client):
WriteHash = '%s::%s:%s:%s:%s' % (User, HostName, LMHash, NTHash, settings.Config.NumChal)
SaveToDb({
- 'module': 'HTTP',
- 'type': 'NTLMv1',
- 'client': client,
- 'host': HostName,
- 'user': User,
- 'hash': LMHash+":"+NTHash,
+ 'module': 'HTTP',
+ 'type': 'NTLMv1',
+ 'client': client,
+ 'host': HostName,
+ 'user': User,
+ 'hash': LMHash+":"+NTHash,
'fullhash': WriteHash,
})
@@ -68,12 +68,12 @@ def ParseHTTPHash(data, client):
WriteHash = '%s::%s:%s:%s:%s' % (User, Domain, settings.Config.NumChal, NTHash[:32], NTHash[32:])
SaveToDb({
- 'module': 'HTTP',
- 'type': 'NTLMv2',
- 'client': client,
- 'host': HostName,
- 'user': Domain+'\\'+User,
- 'hash': NTHash[:32]+":"+NTHash[32:],
+ 'module': 'HTTP',
+ 'type': 'NTLMv2',
+ 'client': client,
+ 'host': HostName,
+ 'user': Domain+'\\'+User,
+ 'hash': NTHash[:32]+":"+NTHash[32:],
'fullhash': WriteHash,
})
@@ -115,7 +115,7 @@ def ServeFile(Filename):
return data
def RespondWithFile(client, filename, dlname=None):
-
+
if filename.endswith('.exe'):
Buffer = ServeExeFile(Payload = ServeFile(filename), ContentDiFile=dlname)
else:
@@ -153,7 +153,7 @@ def PacketSequence(data, client):
return RespondWithFile(client, settings.Config.Html_Filename)
WPAD_Custom = WpadCustom(data, client)
-
+
if NTLM_Auth:
Packet_NTLM = b64decode(''.join(NTLM_Auth))[8:9]
@@ -191,11 +191,11 @@ def PacketSequence(data, client):
GrabCookie(data, client)
SaveToDb({
- 'module': 'HTTP',
- 'type': 'Basic',
- 'client': client,
- 'user': ClearText_Auth.split(':')[0],
- 'cleartext': ClearText_Auth.split(':')[1],
+ 'module': 'HTTP',
+ 'type': 'Basic',
+ 'client': client,
+ 'user': ClearText_Auth.split(':')[0],
+ 'cleartext': ClearText_Auth.split(':')[1],
})
if settings.Config.Force_WPAD_Auth and WPAD_Custom:
@@ -255,7 +255,7 @@ class HTTPS(StreamRequestHandler):
data = self.exchange.recv(8092)
self.exchange.settimeout(0.5)
Buffer = WpadCustom(data,self.client_address[0])
-
+
if Buffer and settings.Config.Force_WPAD_Auth == False:
self.exchange.send(Buffer)
if settings.Config.Verbose:
@@ -273,7 +273,7 @@ class SSLSock(ThreadingMixIn, TCPServer):
from OpenSSL import SSL
BaseServer.__init__(self, server_address, RequestHandlerClass)
- ctx = SSL.Context(SSL.SSLv3_METHOD)
+ ctx = SSL.Context(SSL.SSLv23_METHOD)
cert = os.path.join(settings.Config.ResponderPATH, settings.Config.SSLCert)
key = os.path.join(settings.Config.ResponderPATH, settings.Config.SSLKey)
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment