search

lgandx / Responder

Responder is a LLMNR, NBT-NS and MDNS poisoner, with built-in HTTP/SMB/MSSQL/FTP/LDAP rogue authentication server supporting NTLMv1/NTLMv2/LMv2, Extended Security NTLMSSP and Basic HTTP authentication.
GNU General Public License v3.0
5.39k stars 768 forks source link

RunFinger.py: Signing not recognized #271

Closed massimiliano-dalcero closed 5 months ago

massimiliano-dalcero commented 6 months ago

Hello, I cloned as is the project and I noticed that signing was not recognized correctly: it was always set to false even when it was enabled

With Pyhon 3.10 and 3.11, it works by modifying the code:

FROM:

SMB2SigningMandatory(data):
     global SMB2signing
     if data[70:71] == b"\x03":
         SMB2signing = "True"
     else:
         SMB2signing = "False"

TO:

SMB2SigningMandatory(data):
     global SMB2signing
     if data[70:71] == "\x03":
         SMB2signing = "True"
     else:
         SMB2signing = "False"

However, I don't know if the byte prefix problem is wider and needs to be modified elsewhere too.

I replaced all "b" prefix except to:

def ParseNegotiateSMB2Ans(data):
    if data[4:8] == b"\xfeSMB":
        return True
    else:
        return False

And now, appear to works, but I don't know the global side effects.

lgandx commented 5 months ago

Good catch, this has been fixed in https://github.com/lgandx/Responder/commit/413bc8be3169d215f7d5f251a78c8d8404e52f61

Cheers,