PenTest/Responder
1
0
Fork 0
mirror of https://github.com/lgandx/Responder.git synced 2025-12-28 02:19:07 +00:00
Code Issues Projects Releases Wiki Activity
478 Commits 2 Branches 53 Tags
ec2f95ef8d3513f7e8072812f1cac7183f2056c8
Commit Graph

70 Commits

Author SHA1 Message Date
Stephen Shkardoon
9d4f919b39 Implement a basic SNMP listener 
All community strings are logged as they are sent to the server.
This initial implementation only supports SNMPv1 and SNMPv2c.

`pyasn1` is required for this server to function.
 2022-11-06 01:27:28 +13:00
lgandx
c51251db5f Fixed potential disruption on Proxy-Auth 2022-08-06 00:26:11 -03:00
lgandx
15d03bc902 Minor bugs and display/logging fixes + RDP srv SSLwrapping fix 2022-07-26 14:56:18 -03:00
lgandx
5cf69228cf added support for OPT EDNS 2021-12-21 22:39:02 -03:00
lgandx
5d4510cc1d Added IPv6 support 2021-12-17 10:05:00 -03:00
lgandx
17e62bda1a Remove analyze mode on DNS since you need to ARP to get queries 2021-12-07 19:56:41 -03:00
lgandx
ae1c2be51c minor fix 2021-05-09 19:02:42 -03:00
lgandx
4231532926 minor fix 2021-05-06 19:56:37 -03:00
lgandx
85315442bd Added WinRM rogue server 2021-04-19 18:12:27 -03:00
lgandx
e91e37c974 Added dce-rpc module + enhancements + bug fix. 2021-04-16 21:35:32 -03:00
lgandx
1271b8e179 Added DNS SRV handling for ldap/kerberos + LDAP netlogon ping 2021-04-12 20:42:36 -03:00
lgandx
5e39c91a05 py3 bugfix 2020-08-17 20:28:15 -03:00
lgandx
d6f4911eb4 python3.8 compability fix 2020-08-17 16:08:24 -03:00
lgandx
b510b2bb25 Added py3 and py2 compatibility + many bugfix 2020-01-09 14:47:56 -03:00
lgandx
c52843a535 Added RDP rogue server 2019-08-17 16:31:34 -03:00
Crypt0-M3lon
e7a787cbc4 Fix socket timeout on HTTP POST requests 
Remaining size should be checked at the end of the loop, the current implementation hang when POST request Content-Lenght is 0.
We want to check for Content-Length header only if we received full header.
 2019-02-08 09:08:24 +01:00
Clément Notin
c99c9edf19 Replace ParseSMB2NTLMv2Hash() by ParseSMBHash() to handle NTLMv1 and NTLMv2 2019-01-09 19:16:52 +01:00
lgandx
47e63ae4ec removed debug string 2018-11-11 09:46:15 -03:00
Clément Notin
defabfa543 Fix multi HTTP responses 2018-08-17 15:45:13 +02:00
Lionel PRAT
47c311553e Add ignore case on check body for html inject 2017-11-16 16:31:18 +01:00
lgandx
207b0d455c added support for plain auth 2017-09-06 02:07:41 -03:00
lgandx
679cf65cff Changed the complete LDAP parsing hash algo (ntlmv2 bug). 2017-09-04 23:15:27 -03:00
lgandx
be26b504b5 Fixed various bugs and improved the LDAP module. 2017-09-04 21:57:51 -03:00
lgandx
75aa21bbb9 Several Bugfix 2017-09-04 18:50:04 -03:00
OJ
33bde41902 Pass Challenge value to the LDAP parsing function 2017-08-25 09:03:01 +10:00
Matthew Daley
bff935e71e Add Microsoft SQL Server Browser responder 
When connecting to a named instance, a SQL client (at least SQL Server
Native Client) will send a request (namely a CLNT_UCAST_INST message) to
the server's SQL Server Browser service for instance connection
information. If it gets no response, the connection attempt fails.

By adding a SQL Server Browser responder for these requests, we ensure
that connections are successfully made to the SQL Server responder for
hash capture.

As per the comment, this is based on the document "[MC-SQLR]: SQL Server
Resolution Protocol", currently available at
<https://msdn.microsoft.com/en-us/library/cc219703.aspx>.
 2017-06-28 19:14:38 +12:00
lgandx
21d48be98f Added: Hashdump, Stats report 2017-02-18 20:38:40 +01:00
skelsec
225857b6ed cleaning up comments 2017-02-06 10:48:23 -08:00
skelsec
2c32704b85 SimpleSSL 2017-02-06 09:42:35 -08:00
skelsec
0e3e6f9745 making HTTP great again 2017-02-06 09:21:44 -08:00
Timon Hackenjos
5a2ee18bfa Fix Proxy_Auth. Random challenge broke it. 2017-01-19 17:46:21 +01:00
lgandx
1d38cd39af Added: Random challenge for each requests (default) 2017-01-03 17:35:49 -03:00
lgandx
027f841cdf Fixed wrong challenge issue 2016-10-18 11:53:09 -03:00
lgandx
10d33eba72 Minor fix 2016-10-12 13:26:45 -03:00
lgandx
9c91658fe8 Minor fix 2016-10-12 01:04:11 -03:00
lgandx
60c91c6626 Fix values for win98 and win10 (requested here: d9d34f04cd) 2016-10-12 00:49:34 -03:00
lgandx
0cf1087010 fixed bug in hash parsing. 2016-10-09 22:20:06 -03:00
lgandx
5f1fa4a00f Minor fix 2016-09-21 13:37:46 -03:00
lgandx
2cdeef3c83 minor bug fix 2016-09-12 00:01:27 -03:00
lgandx
3e2e375987 removed debug info 2016-09-11 21:55:37 -03:00
lgandx
ad9ce6e659 Added support for webdav, auto credz. 2016-09-11 21:51:57 -03:00
lgandx
29ad8a0816 Firefox blacklisted on WPAD since it doesn't honors fail-over proxies. Added SO_LINGER to send RST when close() is called. 2016-09-11 13:07:44 -03:00
lgandx
82fe64dfd9 Added proxy auth server + various fixes and improvements 2016-09-10 21:25:55 -03:00
lgandx
c3372d9bb6 bug: removed loop, while connection handled by basehttpserver 2016-09-10 12:17:47 -03:00
lgandx
b34fee1d8c Minor fixes 2016-09-09 02:54:30 -03:00
lgandx
85d7974513 Added SMBv2 support enabled by default. 2016-09-09 02:50:39 -03:00
Hank Leininger
a81a9a31e4 Fixed the regexes for Authorization: headers. 
The \r was escaped inside a character class where it did not need to be.
Instead of the search stopping at the first \r as intended, it stopped
at the first literal r (which can occur in normal b64 content) or the
first literal \ (unlikely to occur in HTTP headers in general).

The \\ has been there since the very first commit of Responder in 2013.
 2016-08-02 00:50:51 -04:00
lgandx
e4f40d7a76 Merge pull request #99 from ValdikSS/utf16names 
Proper non-Latin names support for SMB
 2016-07-30 19:03:55 -03:00
ValdikSS
9a72afc6b5 Proper non-Latin names support for SMB 2016-07-28 14:56:53 +03:00
ValdikSS
eee552b895 Send ACCOUNT_DISABLED on the first SMB authentication to gather multiple credentials if there are any. 2016-07-22 22:45:50 +03:00