17 Commits

Author SHA1 Message Date
lgandx
fe5f63269a minor fix on recent merge and version update 2025-08-22 19:15:52 -03:00
lgandx
da74083b46 Merge pull request #315 from vflame6/master
Disabled printing of ignored LLMNR, NBT-NS and MDNS messages in Analyze Mode with Quiet Mode
2025-08-22 19:07:29 -03:00
lgandx
004dc1f4f3 Merge pull request #297 from idarlund/patch-1
quickstart for macos
2025-08-22 18:42:52 -03:00
lgandx
6fad9f0c3a Merge branch 'master' of https://github.com/lgandx/Responder 2025-08-22 18:32:51 -03:00
lgandx
007367e0e0 minor fix and layout changes 2025-08-22 18:30:49 -03:00
lgandx
08864c7d76 Merge pull request #318 from Helithumper/kerberos-typo
Typo Fix: Kebreros->Kerberos
2025-08-22 18:09:47 -03:00
lgandx
32da74c12d Merge branch 'master' into kerberos-typo 2025-08-22 18:09:22 -03:00
lgandx
7a8d06b8d3 Merge pull request #319 from hdm/master
Correct a very minor typo
2025-08-22 18:05:39 -03:00
HD Moore
a9c41c97fc fix minor typo 2025-07-28 22:02:19 -05:00
HD Moore
eeceecae8f fix minor typo 2025-07-28 22:01:58 -05:00
Peyton Duncan
f1d8d1a6c4 typo had a typo 2025-07-19 13:58:14 -07:00
Peyton Duncan
a5a2231ec3 typo fix 2025-07-19 13:56:10 -07:00
vflame6
7e6d49bf42 Disabled printing of ignored LLMNR, NBT-NS and MDNS messages in Analyze + Quiet modes 2025-07-09 13:33:07 +05:00
lgandx
398a1fce31 Fixed minor parsing issue in FindIP 2025-05-22 18:45:45 -03:00
lgandx
fa2b8dd5fd minor fixes 2025-05-22 11:42:50 -03:00
Idar Lund
38023edfaa Update README.md 2024-11-07 09:21:19 +00:00
Idar Lund
fbcb000a93 quickstart for macos
added quickstart for macos and changed format on the considerations for macos
2024-11-07 09:18:55 +00:00
9 changed files with 43 additions and 26 deletions

4
.gitignore vendored

@@ -1,5 +1,6 @@
# Python artifacts
*.pyc
.venv/
# Responder logs
*.db
@@ -9,3 +10,6 @@
# Generated certificates and keys
certs/*.crt
certs/*.key
# IDE
.idea/


@@ -101,15 +101,25 @@ Edit this file /etc/NetworkManager/NetworkManager.conf and comment the line: `dn
- This tool is not meant to work on Windows.
- For OSX, please note: Responder must be launched with an IP address for the -i flag (e.g. -i YOUR_IP_ADDR). There is no native support in OSX for custom interface binding. Using -i en1 will not work. Also to run Responder with the best experience, run the following as root:
- For macOS, please note: Responder must be launched with an IP address for the -i flag (e.g. -i YOUR_IP_ADDR). There is no native support in OSX for custom interface binding. Using -i en1 will not work. Also to run Responder with the best experience, run the following as root:
launchctl unload /System/Library/LaunchDaemons/com.apple.Kerberos.kdc.plist
```
launchctl bootout system /System/Library/LaunchDaemons/com.apple.Kerberos.kdc.plist
launchctl bootout system /System/Library/LaunchDaemons/com.apple.mDNSResponder.plist
launchctl bootout system /System/Library/LaunchDaemons/com.apple.smbd.plist
launchctl bootout system /System/Library/LaunchDaemons/com.apple.netbiosd.plist
```
launchctl unload /System/Library/LaunchDaemons/com.apple.mDNSResponder.plist
- Quickstart for macOS:
launchctl unload /System/Library/LaunchDaemons/com.apple.smbd.plist
launchctl unload /System/Library/LaunchDaemons/com.apple.netbiosd.plist
```
git clone https://github.com/lgandx/Responder
cd Responder/
python3 -m venv .
source bin/activate
python3 -m pip install netifaces
sudo python3 Responder.py
```
## Usage ##
@@ -169,10 +179,10 @@ Options:
random TTL
-N ANSWERNAME, --AnswerName=ANSWERNAME
Specifies the canonical name returned by the LLMNR
poisoner in tits Answer section. By default, the
poisoner in its Answer section. By default, the
answer's canonical name is the same as the query.
Changing this value is mainly useful when attempting
to perform Kebreros relaying over HTTP.
to perform Kerberos relaying over HTTP.
-E, --ErrorCode Changes the error code returned by the SMB server to
STATUS_LOGON_FAILURE. By default, the status is
STATUS_ACCESS_DENIED. Changing this value permits to


@@ -47,7 +47,7 @@ parser.add_option('--lm', action="store_true", help="Force LM h
parser.add_option('--disable-ess', action="store_true", help="Force ESS downgrade. Default: False", dest="NOESS_On_Off", default=False)
parser.add_option('-v','--verbose', action="store_true", help="Increase verbosity.", dest="Verbose")
parser.add_option('-t','--ttl', action="store", help="Change the default Windows TTL for poisoned answers. Value in hex (30 seconds = 1e). use '-t random' for random TTL", dest="TTL", metavar="1e", default=None)
parser.add_option('-N', '--AnswerName', action="store", help="Specifies the canonical name returned by the LLMNR poisoner in tits Answer section. By default, the answer's canonical name is the same as the query. Changing this value is mainly useful when attempting to perform Kebreros relaying over HTTP.", dest="AnswerName", default=None)
parser.add_option('-N', '--AnswerName', action="store", help="Specifies the canonical name returned by the LLMNR poisoner in its Answer section. By default, the answer's canonical name is the same as the query. Changing this value is mainly useful when attempting to perform Kerberos relaying over HTTP.", dest="AnswerName", default=None)
parser.add_option('-E', '--ErrorCode', action="store_true", help="Changes the error code returned by the SMB server to STATUS_LOGON_FAILURE. By default, the status is STATUS_ACCESS_DENIED. Changing this value permits to obtain WebDAV authentications from the poisoned machines where the WebClient service is running.", dest="ErrorCode", default=False)
options, args = parser.parse_args()


@@ -240,8 +240,9 @@ def ParseSrcDSTAddr(data):
def FindIP(data):
IPPos = data.find(b"\x32\x04") + 2
if IPPos == -1 or IPPos + 4 >= len(data):
return None
if IPPos == -1 or IPPos + 4 >= len(data) or IPPos == 1:
#Probably not present in the DHCP options we received, let's grab it from the IP header instead
return data[12:16]
else:
IP = data[IPPos:IPPos+4]
return IP
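Review bot: The `IPPos == -1` test in the new condition can never be true, because 2 is added to the result of `data.find()` before the comparison; the added `IPPos == 1` clause is what actually catches a missing `\x32\x04` marker. Testing the raw index reads more clearly and drops the dead clause: `pos = data.find(b"\x32\x04")` followed by `if pos == -1 or pos + 6 >= len(data):`. The fallback `return data[12:16]` replaces the old `return None`, so a short packet can now yield fewer than four bytes where callers previously saw `None`; the callers are outside this section, so how they handle a truncated value should be confirmed. The new comment says the bytes come from the IP header, but which field sits at offsets 12 to 16 depends on the buffer the caller passes in, which is not visible here.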


@@ -71,7 +71,9 @@ class LLMNR(BaseRequestHandler): # LLMNR Server class
if data[2:4] == b'\x00\x00' and LLMNRType:
if settings.Config.AnalyzeMode:
LineHeader = "[Analyze mode: LLMNR]"
print(color("%s Request by %s for %s, ignoring" % (LineHeader, self.client_address[0].replace("::ffff:",""), Name), 2, 1))
# Don't print if in Quiet Mode
if not settings.Config.Quiet_Mode:
print(color("%s Request by %s for %s, ignoring" % (LineHeader, self.client_address[0].replace("::ffff:",""), Name), 2, 1))
SavePoisonersToDb({
'Poisoner': 'LLMNR',
'SentToIp': self.client_address[0],
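Review bot: The new comment `# Don't print if in Quiet Mode` does not say that the request is still recorded. `SavePoisonersToDb` is an unchanged context line, so it appears to sit outside the new `if not settings.Config.Quiet_Mode:` and to keep running in Analyze + Quiet mode. Wording such as `# Quiet Mode only silences the console line; the request is still saved to the DB below` would make that explicit for anyone relying on the database as the record of observed queries. The same guard and comment are added in the MDNS and NBT-NS handlers, so the point applies there as well. The handler body and the dict passed to `SavePoisonersToDb` continue outside this section.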


@@ -64,7 +64,9 @@ class MDNS(BaseRequestHandler):
return None
if settings.Config.AnalyzeMode: # Analyze Mode
print(text('[Analyze mode: MDNS] Request by %-15s for %s, ignoring' % (color(self.client_address[0].replace("::ffff:",""), 3), color(Request_Name, 3))))
# Don't print if in Quiet Mode
if not settings.Config.Quiet_Mode:
print(text('[Analyze mode: MDNS] Request by %-15s for %s, ignoring' % (color(self.client_address[0].replace("::ffff:",""), 3), color(Request_Name, 3))))
SavePoisonersToDb({
'Poisoner': 'MDNS',
'SentToIp': self.client_address[0],


@@ -36,7 +36,9 @@ class NBTNS(BaseRequestHandler):
if data[2:4] == b'\x01\x10':
if settings.Config.AnalyzeMode: # Analyze Mode
print(text('[Analyze mode: NBT-NS] Request by %-15s for %s, ignoring' % (color(self.client_address[0].replace("::ffff:",""), 3), color(Name, 3))))
# Don't print if in Quiet Mode
if not settings.Config.Quiet_Mode:
print(text('[Analyze mode: NBT-NS] Request by %-15s for %s, ignoring' % (color(self.client_address[0].replace("::ffff:",""), 3), color(Name, 3))))
SavePoisonersToDb({
'Poisoner': 'NBT-NS',
'SentToIp': self.client_address[0],


@@ -23,7 +23,7 @@ import subprocess
from utils import *
__version__ = 'Responder 3.1.6.0'
__version__ = 'Responder 3.1.7.0'
class Settings:


@@ -28,7 +28,7 @@ import random
try:
import netifaces
except:
sys.exit('You need to install python-netifaces or run Responder with python3...\nTry "apt-get install python-netifaces" or "pip install netifaces"')
sys.exit('You need to install python3-netifaces or run Responder with python3...\nTry "apt-get install python3-netifaces" or "pip install netifaces"')
try:
import aioquic
@@ -485,21 +485,12 @@ def banner():
])
print(banner)
print("\n \033[1;33mNBT-NS, LLMNR & MDNS %s\033[0m" % settings.__version__)
print('')
print(" To support this project:")
print(" Github -> https://github.com/sponsors/lgandx")
print(" Paypal -> https://paypal.me/PythonResponder")
print('')
print(" Author: Laurent Gaffie (laurent.gaffie@gmail.com)")
print(" To kill this script hit CTRL-C")
print('')
def StartupMessage():
enabled = color('[ON]', 2, 1)
disabled = color('[OFF]', 1, 1)
print('')
print(color("[+] ", 2, 1) + "Poisoners:")
print(' %-27s' % "LLMNR" + (enabled if (settings.Config.AnalyzeMode == False and settings.Config.LLMNR_On_Off) else disabled))
@@ -579,4 +570,9 @@ def StartupMessage():
print(' %-27s' % "Responder Machine Name" + color('[%s]' % settings.Config.MachineName, 5, 1))
print(' %-27s' % "Responder Domain Name" + color('[%s]' % settings.Config.DomainName, 5, 1))
print(' %-27s' % "Responder DCE-RPC Port " + color('[%s]' % settings.Config.RPCPort, 5, 1))
#credits
print('')
print(color("[*] ", 2, 1)+"Version: "+settings.__version__)
print(color("[*] ", 2, 1)+"Author: Laurent Gaffie, <lgaffie@secorizon.com>")
print(color("[*] ", 2, 1)+"To sponsor Responder: https://paypal.me/PythonResponder")