search

lgandx / Responder

Responder is a LLMNR, NBT-NS and MDNS poisoner, with built-in HTTP/SMB/MSSQL/FTP/LDAP rogue authentication server supporting NTLMv1/NTLMv2/LMv2, Extended Security NTLMSSP and Basic HTTP authentication.
GNU General Public License v3.0
5.48k stars 776 forks source link

DontRespondTo Fails for IPv6 #259

Closed jjared closed 10 months ago

jjared commented 11 months ago

The DontRespondTo config option only accepts IPv4 addresses, and so if a network uses IPv6 by default there is no way to ignore specific IPs. Attempting to put an IPv6 address into the config results in a configuration parsing error:

Traceback (most recent call last):
  File "/usr/share/responder/./Responder.py", line 62, in <module>
    settings.Config.ExpandIPRanges()
  File "/usr/share/responder/settings.py", line 67, in ExpandIPRanges
    self.DontRespondTo = expand_ranges(self.DontRespondTo)
                         ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
  File "/usr/share/responder/settings.py", line 53, in expand_ranges
    x[i] = x[i+1] = int(byte)
                    ^^^^^^^^^
ValueError: invalid literal for int() with base 10: '::FFFF:10'

Similarly, the autoignore option only adds the IPv4 address and fails as well:

[*] Adding client 10.3.2.110 to auto-ignore list
[*] [MDNS] Poisoned answer sent to 10.3.2.110      for name ...
[*] [MDNS] Poisoned answer sent to 10.3.2.110      for name ...
lgandx commented 10 months ago

I just tried this issue and I'm able to set DontRespondTo to either (or both) IPv4 or IPv6 address, and it works as intended.

Please provide more detail.

Thanks,

Sham-Report commented 10 months ago

I need some help here with the same issue. The following is the interface that i am trying to use

utun7: flags=8051<UP,POINTOPOINT,RUNNING,MULTICAST> mtu 1500
    inet 10.10.16.17 --> 10.10.16.1 netmask 0xfffffe00 
    inet6 fe80::bed0:74ff:fe1b:cb9%utun7 prefixlen 64 scopeid 0x1a 
    inet6 dead:beef:4::100f prefixlen 64 
    nd6 options=201<PERFORMNUD,DAD>
Screenshot 2024-01-06 at 11 46 21 PM

The following is the error:

(htbdeps) ShaDe@shams-MacBook-Pro Responder % sudo python3 Responder.py -i utun7
Password:
                                         __
  .----.-----.-----.-----.-----.-----.--|  |.-----.----.
  |   _|  -__|__ --|  _  |  _  |     |  _  ||  -__|   _|
  |__| |_____|_____|   __|_____|__|__|_____||_____|__|
                   |__|

           NBT-NS, LLMNR & MDNS Responder 3.1.4.0

  To support this project:
  Github -> https://github.com/sponsors/lgandx
  Paypal  -> https://paypal.me/PythonResponder

  Author: Laurent Gaffie (laurent.gaffie@gmail.com)
  To kill this script hit CTRL-C

[+] You don't have an IPv6 address assigned.
Traceback (most recent call last):
  File "/Users/ShaDe/htb/Responder/Responder.py", line 63, in <module>
    settings.Config.populate(options)
  File "/Users/ShaDe/htb/Responder/settings.py", line 182, in populate
    self.IP_aton   = socket.inet_aton(self.Bind_To)
                     ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
OSError: illegal IP address string passed to inet_aton
lgandx commented 10 months ago

Sorry, there is no support for OsX.

You can always run a linux vm in bridge mode