fix: Bind to interface bug.

merged with latest version

RAPLANMANPackets.py

@@ -0,0 +1,160 @@
+import struct
+from odict import OrderedDict
+
+def longueur(payload):
+    length = struct.pack(">i", len(''.join(payload)))
+    return length
+
+class Packet():
+    fields = OrderedDict([
+        ("data", ""),
+    ])
+    def __init__(self, **kw):
+        self.fields = OrderedDict(self.__class__.fields)
+        for k,v in kw.items():
+            if callable(v):
+                self.fields[k] = v(self.fields[k])
+            else:
+                self.fields[k] = v
+    def __str__(self):
+        return "".join(map(str, self.fields.values()))
+
+
+class SMBHeader(Packet):
+    fields = OrderedDict([
+        ("proto", "\xff\x53\x4d\x42"),
+        ("cmd", "\x72"),
+        ("error-code", "\x00\x00\x00\x00" ),
+        ("flag1", "\x08"),
+        ("flag2", "\x01\x00"),
+        ("pidhigh", "\x00\x00"),
+        ("signature", "\x00\x00\x00\x00\x00\x00\x00\x00"),
+        ("reserved", "\x00\x00"),
+        ("tid", "\x00\x00"),
+        ("pid", "\x3c\x1b"),
+        ("uid", "\x00\x00"),
+        ("mid", "\x00\x00"),
+    ])
+
+class SMBNegoData(Packet):
+    fields = OrderedDict([
+        ("wordcount", "\x00"),
+        ("bcc", "\x54\x00"),
+        ("separator1","\x02" ),
+        ("dialect1", "\x50\x43\x20\x4e\x45\x54\x57\x4f\x52\x4b\x20\x50\x52\x4f\x47\x52\x41\x4d\x20\x31\x2e\x30\x00"),
+        ("separator2","\x02"),
+        ("dialect2", "\x4c\x41\x4e\x4d\x41\x4e\x31\x2e\x30\x00"),
+    ])
+    def calculate(self):
+        CalculateBCC = str(self.fields["separator1"])+str(self.fields["dialect1"])+str(self.fields["separator2"])+str(self.fields["dialect2"])
+        self.fields["bcc"] = struct.pack("<h",len(CalculateBCC))
+
+class SMBSessionData(Packet):
+    fields = OrderedDict([
+        ("wordcount", "\x0a"),
+        ("AndXCommand", "\xff"),
+        ("reserved","\x00"),
+        ("andxoffset", "\x00\x00"),
+        ("maxbuff","\xff\xff"),
+        ("maxmpx", "\x02\x00"),
+        ("vcnum","\x01\x00"),
+        ("sessionkey", "\x00\x00\x00\x00"),
+        ("PasswordLen","\x18\x00"),
+        ("reserved2","\x00\x00\x00\x00"),
+        ("bcc","\x3b\x00"),
+        ("AccountPassword",""),
+        ("AccountName",""),
+        ("AccountNameTerminator","\x00"),
+        ("PrimaryDomain","WORKGROUP"),
+        ("PrimaryDomainTerminator","\x00"),
+        ("NativeOs","Unix"),
+        ("NativeOsTerminator","\x00"),
+        ("NativeLanman","Samba"),
+        ("NativeLanmanTerminator","\x00"),
+
+    ])
+    def calculate(self): 
+        CompleteBCC = str(self.fields["AccountPassword"])+str(self.fields["AccountName"])+str(self.fields["AccountNameTerminator"])+str(self.fields["PrimaryDomain"])+str(self.fields["PrimaryDomainTerminator"])+str(self.fields["NativeOs"])+str(self.fields["NativeOsTerminator"])+str(self.fields["NativeLanman"])+str(self.fields["NativeLanmanTerminator"])
+        self.fields["bcc"] = struct.pack("<h", len(CompleteBCC))
+        self.fields["PasswordLen"] = struct.pack("<h", len(str(self.fields["AccountPassword"])))
+
+class SMBTreeConnectData(Packet):
+    fields = OrderedDict([
+        ("Wordcount", "\x04"),
+        ("AndXCommand", "\xff"),
+        ("Reserved","\x00" ),
+        ("Andxoffset", "\x00\x00"),
+        ("Flags","\x08\x00"),
+        ("PasswdLen", "\x01\x00"),
+        ("Bcc","\x1b\x00"),
+        ("Passwd", "\x00"),
+        ("Path",""),
+        ("PathTerminator","\x00"),
+        ("Service","?????"),
+        ("Terminator", "\x00"),
+
+    ])
+    def calculate(self): 
+        self.fields["PasswdLen"] = struct.pack("<h", len(str(self.fields["Passwd"])))[:2]
+        BccComplete = str(self.fields["Passwd"])+str(self.fields["Path"])+str(self.fields["PathTerminator"])+str(self.fields["Service"])+str(self.fields["Terminator"])
+        self.fields["Bcc"] = struct.pack("<h", len(BccComplete))
+
+class RAPNetServerEnum3Data(Packet):
+    fields = OrderedDict([
+        ("Command", "\xd7\x00"),
+        ("ParamDescriptor", "WrLehDzz"),
+        ("ParamDescriptorTerminator", "\x00"),
+        ("ReturnDescriptor","B16BBDz"),
+        ("ReturnDescriptorTerminator", "\x00"),
+        ("DetailLevel", "\x01\x00"),
+        ("RecvBuff","\xff\xff"),
+        ("ServerType", "\x00\x00\x00\x80"),
+        ("TargetDomain","SMB"),
+        ("RapTerminator","\x00"),
+        ("TargetName","ABCD"),
+        ("RapTerminator2","\x00"),
+    ])
+
+class SMBTransRAPData(Packet):
+    fields = OrderedDict([
+        ("Wordcount", "\x0e"),
+        ("TotalParamCount", "\x24\x00"),
+        ("TotalDataCount","\x00\x00" ),
+        ("MaxParamCount", "\x08\x00"),
+        ("MaxDataCount","\xff\xff"),
+        ("MaxSetupCount", "\x00"),
+        ("Reserved","\x00\x00"),
+        ("Flags", "\x00"),
+        ("Timeout","\x00\x00\x00\x00"),
+        ("Reserved1","\x00\x00"),
+        ("ParamCount","\x24\x00"),
+        ("ParamOffset", "\x5a\x00"),
+        ("DataCount", "\x00\x00"),
+        ("DataOffset", "\x7e\x00"),
+        ("SetupCount", "\x00"),
+        ("Reserved2", "\x00"),
+        ("Bcc", "\x3f\x00"),
+        ("Terminator", "\x00"),
+        ("PipeName", "\\PIPE\\LANMAN"),
+        ("PipeTerminator","\x00\x00"),
+        ("Data", ""),
+
+    ])
+    def calculate(self):
+        #Padding
+        if len(str(self.fields["Data"]))%2==0:
+           self.fields["PipeTerminator"] = "\x00\x00\x00\x00"
+        else:
+           self.fields["PipeTerminator"] = "\x00\x00\x00"
+        ##Convert Path to Unicode first before any Len calc.
+        self.fields["PipeName"] = self.fields["PipeName"].encode('utf-16le')
+        ##Data Len
+        self.fields["TotalParamCount"] = struct.pack("<i", len(str(self.fields["Data"])))[:2]
+        self.fields["ParamCount"] = struct.pack("<i", len(str(self.fields["Data"])))[:2]
+        ##Packet len
+        FindRAPOffset = str(self.fields["Wordcount"])+str(self.fields["TotalParamCount"])+str(self.fields["TotalDataCount"])+str(self.fields["MaxParamCount"])+str(self.fields["MaxDataCount"])+str(self.fields["MaxSetupCount"])+str(self.fields["Reserved"])+str(self.fields["Flags"])+str(self.fields["Timeout"])+str(self.fields["Reserved1"])+str(self.fields["ParamCount"])+str(self.fields["ParamOffset"])+str(self.fields["DataCount"])+str(self.fields["DataOffset"])+str(self.fields["SetupCount"])+str(self.fields["Reserved2"])+str(self.fields["Bcc"])+str(self.fields["Terminator"])+str(self.fields["PipeName"])+str(self.fields["PipeTerminator"])
+
+        self.fields["ParamOffset"] = struct.pack("<i", len(FindRAPOffset)+32)[:2]
+        ##Bcc Buff Len
+        BccComplete    = str(self.fields["Terminator"])+str(self.fields["PipeName"])+str(self.fields["PipeTerminator"])+str(self.fields["Data"])
+        self.fields["Bcc"] = struct.pack("<i", len(BccComplete))[:2]

README.md

@@ -86,6 +86,8 @@ FEATURES
 
 - WPAD rogue transparent proxy server. This module will capture all HTTP requests from anyone launching Internet Explorer on the network. This module is higly effective. You can now send your custom Pac script to a victim and inject HTML into the server's responses. See Responder.conf. This module is now enabled by default.
 
+- Analyze mode: This module allows you to see NBT-NS, BROWSER, LLMNR requests from which workstation to which workstation without poisoning any requests. Also, you can map domains, MSSQL servers, workstations passively, see if ICMP Redirects attacks are plausible on your subnet. 
+
 - Responder is now using a configuration file. See Responder.conf.
 
 - Built-in POP3 auth server. This module will collect POP3 plaintext credentials
@@ -120,7 +122,7 @@ Running this tool:
 
 Usage Example:
 
-python Responder.py -i 10.20.30.40 -r On -I eth0
+python Responder.py -i 10.20.30.40 -r On -F On -w On
 
 Options List:
 
@@ -145,7 +147,7 @@ Options List:
                                      host that issued an NBT-NS or LLMNR query.
 
 -w On, --wpad=On                     Set this to On or Off to start/stop the WPAD rogue
-                                     proxy server. Default value is On
+                                     proxy server. Default value is Off
 
 --lm=Off                             Set this to On if you want to force LM hashing
                                      downgrade for Windows XP/2003 and earlier. Default value is Off
@@ -154,6 +156,12 @@ Options List:
                                      wpad.dat file retrieval. This might cause a login prompt in
                                      some specific cases. Default value is Off
 
+-A, --analyze                        Analyze mode. This option allows you to see NBT-NS,BROWSER, 
+                                     LLMNR requests from which workstation to which workstation 
+                                     without poisoning any requests. Also, you can map domains, 
+                                     MSSQL servers, workstations passively.
+
+
 -v                                   More verbose
 
 
@@ -162,6 +170,7 @@ For more information read these posts:
 http://blog.spiderlabs.com/2012/10/introducing-responder-10.html
 http://blog.spiderlabs.com/2013/01/owning-windows-networks-with-responder-17.html
 http://blog.spiderlabs.com/2013/02/owning-windows-network-with-responder-part-2.html
+http://blog.spiderlabs.com/2014/02/responder-20-owning-windows-networks-part-3.html
 
 Follow our latest updates on twitter:
 https://twitter.com/PythonResponder

Responder.py

@@ -134,7 +134,7 @@ logger2.addHandler(logging.FileHandler(Log2Filename,'w'))
 
 AnalyzeFilename = str(os.path.join(ResponderPATH,"Analyze-LLMNR-NBT-NS.log"))
 logger3 = logging.getLogger('Analyze LLMNR/NBT-NS')
-logger3.addHandler(logging.FileHandler(AnalyzeFilename,'w'))
+logger3.addHandler(logging.FileHandler(AnalyzeFilename,'a'))
 
 def Show_Help(ExtraHelpData):
    help = "NBT Name Service/LLMNR Responder 2.0.\nPlease send bugs/comments to: lgaffie@trustwave.com\nTo kill this script hit CRTL-C\n\n"
@@ -265,13 +265,13 @@ class NBT_Ans(Packet):
 
 def NBT_NS_Role(data):
     Role = {
-        "\x41\x41\x00":"Workstation/Redirector Service",
+        "\x41\x41\x00":"Workstation/Redirector Service.",
-        "\x42\x4c\x00":"Domain Master Browser. This name is likely a domain controller if any, according to MSFT specs.)",
+        "\x42\x4c\x00":"Domain Master Browser. This name is likely a domain controller or a homegroup.)",
         "\x42\x4d\x00":"Domain controller service. This name is a domain controller.",
-        "\x42\x4e\x00":"Local Master Browser",
+        "\x42\x4e\x00":"Local Master Browser.",
         "\x42\x4f\x00":"Browser Election Service.",
-        "\x43\x41\x00":"File Server Service",
+        "\x43\x41\x00":"File Server Service.",
-        "\x41\x42\x00":"Browser Service",
+        "\x41\x42\x00":"Browser Service.",
     }
 
     if data in Role:
@@ -283,10 +283,10 @@ def NBT_NS_Role(data):
 def Validate_NBT_NS(data,Wredirect):
     if Analyze(AnalyzeMode):
        return False
-    if NBT_NS_Role(data[43:46]) == "File Server Service":
+    if NBT_NS_Role(data[43:46]) == "File Server Service.":
        return True
     if Wredirect == "ON":
-       if NBT_NS_Role(data[43:46]) == "Workstation/Redirector Service":
+       if NBT_NS_Role(data[43:46]) == "Workstation/Redirector Service.":
           return True
     else:
        return False
@@ -380,45 +380,165 @@ class NB(BaseRequestHandler):
                        pass
 
 ##################################################################################
-#Browser Listener
+#Browser Listener and Lanman Finger
 ##################################################################################
-def BecomeBackup(data,Client):
+from RAPLANMANPackets import *
-    DataOffset = struct.unpack('<H',data[139:141])[0]
+
-    BrowserPacket = data[82+DataOffset:]
+def WorkstationFingerPrint(data):
-    if BrowserPacket[0] == "\x0b":
+    Role = {
-       ServerName = BrowserPacket[1:]
+        "\x04\x00"    :"Windows 95",
-       if Is_Finger_On(Finger_On_Off):
+        "\x04\x10"    :"Windows 98",
-          try:
+        "\x04\x90"    :"Windows ME",
-              Finger = RunSmbFinger((self.client_address[0],445))
+        "\x05\x00"    :"Windows 2000",
-              Message = "[Analyze mode: Browser]Datagram Request from IP: %s hostname: %s via the: %s wants to become a backup browser (Local Master Browser backup) on this domain: %s.\nOs Version is: %s Client Version is: %s"%(Client, Decode_Name(data[15:47]),NBT_NS_Role(data[45:48]),Decode_Name(data[49:81]),Finger[0],Finger[1])
+        "\x05\x00"    :"Windows XP",
-              logger3.warning(Message)
+        "\x05\x02"    :"Windows 2003",
-          except Exception:
+        "\x06\x00"    :"Windows Vista/Server 2008",
-              Message = "[Analyze mode: Browser]Datagram Request from IP: %s hostname: %s via the: %s wants to become a backup browser (Local Master Browser backup) on this domain: %s."%(Client, Decode_Name(data[15:47]),NBT_NS_Role(data[45:48]),Decode_Name(data[49:81]))
+        "\x06\x01"    :"Windows 7/Server 2008R2",
-              logger3.warning(Message)
+    }
-       else:
+
-           Message = "[Analyze mode: Browser]Datagram Request from IP: %s hostname: %s via the: %s wants to become a backup browser (Local Master Browser backup) on this domain: %s."%(Client, Decode_Name(data[15:47]),NBT_NS_Role(data[45:48]),Decode_Name(data[49:81]))
+    if data in Role:
-           if PrintLLMNRNBTNS(AnalyzeFilename,Message):
+        return Role[data]
-              print Message
-           logger3.warning(Message)
     else:
+        return False
+
+def PrintServerName(data, entries):
+    if entries == 0:
+       pass
+    else:
+       entrieslen = 26*entries
+       chunks, chunk_size = len(data[:entrieslen]), entrieslen/entries 
+       ServerName = [data[i:i+chunk_size] for i in range(0, chunks, chunk_size) ]
+       l =[]
+       for x in ServerName:
+          if WorkstationFingerPrint(x[16:18]):
+             l.append(x[:16].replace('\x00', '')+'\n       [-]Os version is:%s'%(WorkstationFingerPrint(x[16:18])))
+          else:
+             l.append(x[:16].replace('\x00', ''))
+       
+       return l
+
+def ParsePacket(Payload):
+    PayloadOffset = struct.unpack('<H',Payload[51:53])[0]
+    StatusCode = Payload[PayloadOffset-4:PayloadOffset-2]
+    if StatusCode == "\x00\x00":
+       EntriesNum = struct.unpack('<H',Payload[PayloadOffset:PayloadOffset+2])[0]
+       ParsedNames = PrintServerName(Payload[PayloadOffset+4:], EntriesNum)
+       return ParsedNames
+    else:
+       return None
+
+def RAPThisDomain(Client,Domain):
+    try:
+       l =[]
+       for x in range(1):
+          PDC = RapFinger(Client,Domain,"\x00\x00\x00\x80")
+          if PDC is not None:
+             l.append('[Analyze mode LANMAN]:')
+             l.append('[!]Domain detected on this network:')
+             for x in PDC:
+                 l.append('   -'+x)
+          SQL = RapFinger(Client,Domain,"\x04\x00\x00\x00")
+          if SQL is not None:
+             l.append('[!]SQL Server detected on Domain %s:'%(Domain))
+             for x in SQL:
+                 l.append('   -'+x)
+          WKST = RapFinger(Client,Domain,"\xff\xff\xff\xff")
+          if WKST is not None:
+             l.append('[!]Workstations/Servers detected on Domain %s:'%(Domain))
+             for x in WKST:
+                 l.append('   -'+x)
+          else:
+             pass
+          return '\n'.join(l)
+    except:
+       pass
+
+def RapFinger(Host,Domain, Type):
+    try:
+       s = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
+       s.connect((Host,445))  
+       s.settimeout(0.3) 
+       h = SMBHeader(cmd="\x72",mid="\x01\x00")
+       n = SMBNegoData()
+       n.calculate()
+       packet0 = str(h)+str(n)
+       buffer0 = longueur(packet0)+packet0
+       s.send(buffer0)
+       data = s.recv(1024) 
+       ##Session Setup AndX Request, Anonymous.
+       if data[8:10] == "\x72\x00":
+          head = SMBHeader(cmd="\x73",mid="\x02\x00")
+          t = SMBSessionData()
+          t.calculate()
+          final = t 
+          packet1 = str(head)+str(t)
+          buffer1 = longueur(packet1)+packet1  
+          s.send(buffer1)
+          data = s.recv(1024) 
+          ##Tree Connect IPC$.
+          if data[8:10] == "\x73\x00":
+             head = SMBHeader(cmd="\x75",flag1="\x08", flag2="\x01\x00",uid=data[32:34],mid="\x03\x00")
+             t = SMBTreeConnectData(Path="\\\\"+Host+"\\IPC$")
+             t.calculate()
+             packet1 = str(head)+str(t)
+             buffer1 = longueur(packet1)+packet1  
+             s.send(buffer1)
+             data = s.recv(1024)
+             ##Rap ServerEnum.
+             if data[8:10] == "\x75\x00":
+                head = SMBHeader(cmd="\x25",flag1="\x08", flag2="\x01\xc8",uid=data[32:34],tid=data[28:30],pid=data[30:32],mid="\x04\x00")
+                t = SMBTransRAPData(Data=RAPNetServerEnum3Data(ServerType=Type,DetailLevel="\x01\x00",TargetDomain=Domain))
+                t.calculate() 
+                packet1 = str(head)+str(t)
+                buffer1 = longueur(packet1)+packet1  
+                s.send(buffer1)
+                data = s.recv(64736)
+                ##Rap ServerEnum, Get answer and return what we're looking for.
+                if data[8:10] == "\x25\x00":
+                   s.close()
+                   return ParsePacket(data)
+    except:
+       return None
+
+def BecomeBackup(data,Client):
+    try:
+       DataOffset = struct.unpack('<H',data[139:141])[0]
+       BrowserPacket = data[82+DataOffset:]
+       if BrowserPacket[0] == "\x0b":
+          ServerName = BrowserPacket[1:]
+          Domain = Decode_Name(data[49:81])
+          Name = Decode_Name(data[15:47])
+          Role = NBT_NS_Role(data[45:48])
+          Message = "[Analyze mode: Browser]Datagram Request from IP: %s hostname: %s via the: %s wants to become a Local Master Browser Backup on this domain: %s."%(Client, Name,Role,Domain)
+          if PrintLLMNRNBTNS(AnalyzeFilename,Message):
+             print Message
+          if AnalyzeMode:
+             Message1=RAPThisDomain(Client,Domain)
+             if PrintLLMNRNBTNS(AnalyzeFilename,Message1):
+                print Message1
+                logger3.warning(Message1)
+          logger3.warning(Message)
+    except:
        pass
 
 def ParseDatagramNBTNames(data,Client):
-    if Is_Finger_On(Finger_On_Off):
+    try:
-       try:
+       Domain = Decode_Name(data[49:81])
-          Finger = RunSmbFinger((Client,445))
+       Name = Decode_Name(data[15:47])
-          Message = '[Analyze mode: Browser]Datagram Request from IP: %s hostname: %s via the: %s to: %s. Service: %s\nOs Version is: %s Client Version is: %s'%(Client, Decode_Name(data[15:47]),NBT_NS_Role(data[45:48]),Decode_Name(data[49:81]), NBT_NS_Role(data[79:82]),Finger[0],Finger[1])
+       Role1 = NBT_NS_Role(data[45:48])
+       Role2 = NBT_NS_Role(data[79:82])
+       Message = '[Analyze mode: Browser]Datagram Request from IP: %s hostname: %s via the: %s to: %s. Service: %s'%(Client, Name, Role1, Domain, Role2)
+       if Role2 == "Domain controller service. This name is a domain controller." or Role2 == "Browser Election Service." or Role2 == "Local Master Browser.":
+          if PrintLLMNRNBTNS(AnalyzeFilename,Message):
+             print Message
+          if AnalyzeMode:
+             Message1=RAPThisDomain(Client,Domain)
+             if PrintLLMNRNBTNS(AnalyzeFilename,Message1):
+                print Message1
+                logger3.warning(Message1)
           logger3.warning(Message)
-       except Exception:
+    except:
-          Message = '[Analyze mode: Browser]Datagram Request from IP: %s hostname: %s via the: %s to: %s. Service: %s'%(Client, Decode_Name(data[15:47]),NBT_NS_Role(data[45:48]),Decode_Name(data[49:81]), NBT_NS_Role(data[79:82]))
+       pass
-          logger3.warning(Message)
-       if PrintLLMNRNBTNS(AnalyzeFilename,Message):
-          print Message
-    else:
-       Message = '[Analyze mode: Browser]Datagram Request from IP: %s hostname: %s via the: %s to: %s. Service: %s'%(Client, Decode_Name(data[15:47]),NBT_NS_Role(data[45:48]),Decode_Name(data[49:81]), NBT_NS_Role(data[79:82]))
-       logger3.warning(Message)
-       if PrintLLMNRNBTNS(AnalyzeFilename,Message):
-          print Message
 
 class Browser(BaseRequestHandler):
 
@@ -430,7 +550,7 @@ class Browser(BaseRequestHandler):
               BecomeBackup(request,self.client_address[0])
            BecomeBackup(request,self.client_address[0])
         except Exception:
-           raise
+           pass
 ##################################################################################
 #SMB Server
 ##################################################################################
@@ -738,8 +858,8 @@ class SMB1LM(BaseRequestHandler):
                  data = self.request.recv(1024)
 
         except Exception:
-           pass #no need to print errors..
            self.request.close()
+           pass #no need to print errors..
 
 ##################################################################################
 #SQL Stuff
@@ -1378,7 +1498,7 @@ def InjectData(data):
              return Gzip
           else:
              return data
-       if "Content-Type: text/html" in Headers:
+       if "content-type: text/html" in Headers.lower():
           Len = ''.join(re.findall('(?<=Content-Length: )[^\r\n]*', Headers))
           HasHTML = re.findall('(?<=<html)[^<]*', Content)
           if HasHTML :
@@ -1988,25 +2108,40 @@ ThreadingTCPServer.allow_reuse_address = 1
 
 
 def serve_thread_udp(host, port, handler):
-	try:
+   try:
-		server = ThreadingUDPServer((host, port), handler)
+      if OsInterfaceIsSupported(INTERFACE):
-		server.serve_forever()
+         IP = FindLocalIP(BIND_TO_Interface)
-	except:
+         server = ThreadingUDPServer((IP, port), handler)
-		print "Error starting UDP server on port " + str(port) + ". Check that you have the necessary permissions (i.e. root), no other servers are running and the correct network interface is set in Responder.conf."
+         server.serve_forever()
+      else:
+         server = ThreadingUDPServer((host, port), handler)
+         server.serve_forever()
+   except:
+      print "Error starting UDP server on port " + str(port) + ". Check that you have the necessary permissions (i.e. root), no other servers are running and the correct network interface is set in Responder.conf."
  
 def serve_thread_tcp(host, port, handler):
-	try:
+   try:
-		server = ThreadingTCPServer((host, port), handler)
+      if OsInterfaceIsSupported(INTERFACE):
-		server.serve_forever()
+         IP = FindLocalIP(BIND_TO_Interface)
-	except:
+         server = ThreadingTCPServer((IP, port), handler)
-		print "Error starting TCP server on port " + str(port) + ". Check that you have the necessary permissions (i.e. root), no other servers are running and the correct network interface is set in Responder.conf."
+         server.serve_forever()
+      else:
+         server = ThreadingTCPServer((host, port), handler)
+         server.serve_forever()
+   except:
+      print "Error starting TCP server on port " + str(port) + ". Check that you have the necessary permissions (i.e. root), no other servers are running and the correct network interface is set in Responder.conf."
 
 def serve_thread_SSL(host, port, handler):
-	try:
+   try:
-		server = SSlSock((host, port), handler)
+      if OsInterfaceIsSupported(INTERFACE):
-		server.serve_forever()
+         IP = FindLocalIP(BIND_TO_Interface)
-	except:
+         server = SSlSock((IP, port), handler)
-		print "Error starting TCP server on port " + str(port) + ". Check that you have the necessary permissions (i.e. root), no other servers are running and the correct network interface is set in Responder.conf."
+         server.serve_forever()
+      else:
+         server = SSlSock((host, port), handler)
+         server.serve_forever()
+   except:
+      print "Error starting TCP server on port " + str(port) + ". Check that you have the necessary permissions (i.e. root), no other servers are running and the correct network interface is set in Responder.conf."
 
 def main():
     try:
@@ -2039,3 +2174,5 @@ if __name__ == '__main__':
 
 
 
+
+