lanturtle-modules/modules/responder

#!/bin/bash /usr/lib/turtle/turtle_module
VERSION="1.0"
DESCRIPTION="Responder - LLMNR, NBT-NS and MDNS poisoner"
CONF=/tmp/responder.form
AUTHOR=IMcPwn

: ${DIALOG_OK=0}
: ${DIALOG_CANCEL=1}
: ${DIALOG_HELP=2}
: ${DIALOG_EXTRA=3}
: ${DIALOG_ESC=255}

function start {
  if [ -s /etc/config/responder ];
  then
    if [[ ! $(opkg list-installed | grep git) ]]; then
      opkg update && opkg install git
    fi
  
    if [[ ! $(opkg list-installed | grep python-sqlite3) ]]; then
      opkg update && opkg install python-sqlite3
    fi

    if [[ ! -d /etc/turtle/Responder || ! -s /etc/turtle/Responder/Responder.py ]]; then
        rm -r /etc/turtle/Responder
        git clone git://github.com/SpiderLabs/Responder /etc/turtle/Responder
    fi
    
    responder_log=$(uci get responder.log)
    case $responder_log in
      sshfs)
        if pgrep sshfs > /dev/null; then 
          if [ -s /etc/turtle/Responder/Responder.db ]; then
            rm -r /etc/turtle/Responder/Responder.db
          fi
          if [[ $(readlink /etc/turtle/Responder/logs) != "/sshfs/Responder/logs" || ! -d /sshfs/Responder/logs ]]; then
            rm -r /etc/turtle/Responder/logs
            mkdir -p /sshfs/Responder/logs
            ln -s /sshfs/Responder/logs /etc/turtle/Responder/logs
          fi
          echo "python /etc/turtle/Responder/Responder.py -I br-lan" | at now
          echo "Responder started and logs are being saved to /sshfs/Responder/logs"
        else 
          echo "SSHFS not running"
        fi
        ;;
      tmp)
        if [ -s /etc/turtle/Responder/Responder.db ]; then
          rm -r /etc/turtle/Responder/Responder.db
        fi
        if [[ $(readlink /etc/turtle/Responder/logs) != "/tmp/Responder/logs" || ! -d /tmp/Responder/logs ]]; then
          rm -r /etc/turtle/Responder/logs
          mkdir -p /tmp/Responder/logs
          ln -s /tmp/Responder/logs /etc/turtle/Responder/logs
        fi
          echo "python /etc/turtle/Responder/Responder.py -I br-lan" | at now
          echo "Responder started and logs are being saved to /tmp/Responder/logs"
        ;;
    esac
  else
    echo "Responder not configured."
  fi
}

function stop {
  kill $(ps | grep -w [/]etc/turtle/Responder/Responder.py | awk {'print $1'})
}

function status {
  if ps | grep -w -q [/]etc/turtle/Responder/Responder.py; then echo "1"; else echo "0"; fi
}

function configure {
  if [ -s /etc/config/responder ];
  then
    responder_log=$(uci get responder.log)
  else
    touch /etc/config/responder
  fi

  dialog --ok-label "Submit" \
    --help-button \
    --title "Responder Configuration" \
    --radiolist "\n\
Responder will listen on a variety of ports to gather credentials. See Help for more information.\n\nNote: the first time you run this module it may take a long time to load because of dependencies.\n\nThe log files can be saved to SSHFS or tmp.\n" 16 60 3\
    1 "Save log to SSHFS if available." off\
    2 "Save log to /tmp/" off\
  2>$CONF

  return=$?

  case $return in
    $DIALOG_OK)
      LOG=$(cat $CONF)
      case $LOG in
        1)
          uci set responder.log="sshfs"
          uci commit responder
          ;;
        2)
          uci set responder.log="tmp"
          uci commit responder
          ;;
      esac
    ;;
    $DIALOG_CANCEL)
      rm $CONF
      clear
      exit;;
    $DIALOG_HELP)
      dialog --title "Help" \
        --msgbox "\
Responder is an LLMNR, NBT-NS and MDNS poisoner. It will answer to specific NBT-NS (NetBIOS Name Service) queries based on their name suffix (see: http://support.microsoft.com/kb/163409).\n\
By default, the tool will only answer to File Server Service request, which is for SMB.\n\n\
The concept behind this is to target our answers, and be stealthier on the network. This also helps to ensure that we don't break legitimate NBT-NS behavior.\n\n\
All activity will be logged to Responder-Session.log\n\
Analyze mode will be logged to Analyze-Session.log\n\
Poisoning will be logged to Poisoners-Session.log\n\n\
All hashes are dumped an unique file John Jumbo compliant, using this format:\n\
(MODULE_NAME)-(HASH_TYPE)-(CLIENT_IP).txt\n\n\
For even more information, see: https://github.com/SpiderLabs/Responder\n\
" 25 60
      configure
      ;;
    $DIALOG_ESC)
      clear;;
  esac
}
New module responder Responder is an LLMNR, NBT-NS and MDNS poisoner, with built-in HTTP/SMB/MSSQL/FTP/LDAP rogue authentication server supporting NTLMv1/NTLMv2/LMv2, Extended Security NTLMSSP and Basic HTTP authentication. The program itself can be viewed here: https://github.com/SpiderLabs/Responder I have created a module that can use this program and save the logs to sshfs or tmp. 2015-09-19 14:09:34 +00:00			`#!/bin/bash /usr/lib/turtle/turtle_module`
			`VERSION="1.0"`
			`DESCRIPTION="Responder - LLMNR, NBT-NS and MDNS poisoner"`
			`CONF=/tmp/responder.form`
			`AUTHOR=IMcPwn`

			`: ${DIALOG_OK=0}`
			`: ${DIALOG_CANCEL=1}`
			`: ${DIALOG_HELP=2}`
			`: ${DIALOG_EXTRA=3}`
			`: ${DIALOG_ESC=255}`

			`function start {`
Minor updates 2015-09-27 01:46:31 +00:00			`if [ -s /etc/config/responder ];`
			`then`
			`if [[ ! $(opkg list-installed \| grep git) ]]; then`
			`opkg update && opkg install git`
			`fi`
Add dependency installer and fix formatting 2015-09-19 14:22:10 +00:00
Minor updates 2015-09-27 01:46:31 +00:00			`if [[ ! $(opkg list-installed \| grep python-sqlite3) ]]; then`
			`opkg update && opkg install python-sqlite3`
			`fi`
New module responder Responder is an LLMNR, NBT-NS and MDNS poisoner, with built-in HTTP/SMB/MSSQL/FTP/LDAP rogue authentication server supporting NTLMv1/NTLMv2/LMv2, Extended Security NTLMSSP and Basic HTTP authentication. The program itself can be viewed here: https://github.com/SpiderLabs/Responder I have created a module that can use this program and save the logs to sshfs or tmp. 2015-09-19 14:09:34 +00:00
Minor updates 2015-09-27 01:46:31 +00:00			`if [[ ! -d /etc/turtle/Responder \|\| ! -s /etc/turtle/Responder/Responder.py ]]; then`
			`rm -r /etc/turtle/Responder`
			`git clone git://github.com/SpiderLabs/Responder /etc/turtle/Responder`
			`fi`

New module responder Responder is an LLMNR, NBT-NS and MDNS poisoner, with built-in HTTP/SMB/MSSQL/FTP/LDAP rogue authentication server supporting NTLMv1/NTLMv2/LMv2, Extended Security NTLMSSP and Basic HTTP authentication. The program itself can be viewed here: https://github.com/SpiderLabs/Responder I have created a module that can use this program and save the logs to sshfs or tmp. 2015-09-19 14:09:34 +00:00			`responder_log=$(uci get responder.log)`
			`case $responder_log in`
			`sshfs)`
			`if pgrep sshfs > /dev/null; then`
Minor fixes and upgrades Remove Responder Database. Add check for previous logs. 2015-09-19 22:21:56 +00:00			`if [ -s /etc/turtle/Responder/Responder.db ]; then`
Fix formatting of start 2015-09-19 22:23:50 +00:00			`rm -r /etc/turtle/Responder/Responder.db`
			`fi`
More specific log change check 2015-09-27 00:26:51 +00:00			`if [[ $(readlink /etc/turtle/Responder/logs) != "/sshfs/Responder/logs" \|\| ! -d /sshfs/Responder/logs ]]; then`
Minor fixes and upgrades Remove Responder Database. Add check for previous logs. 2015-09-19 22:21:56 +00:00			`rm -r /etc/turtle/Responder/logs`
			`mkdir -p /sshfs/Responder/logs`
Fix formatting of start 2015-09-19 22:23:50 +00:00			`ln -s /sshfs/Responder/logs /etc/turtle/Responder/logs`
			`fi`
Remove unnecessary if/else 2015-09-19 17:16:14 +00:00			`echo "python /etc/turtle/Responder/Responder.py -I br-lan" \| at now`
Add quotes around start message 2015-09-19 23:03:29 +00:00			`echo "Responder started and logs are being saved to /sshfs/Responder/logs"`
New module responder Responder is an LLMNR, NBT-NS and MDNS poisoner, with built-in HTTP/SMB/MSSQL/FTP/LDAP rogue authentication server supporting NTLMv1/NTLMv2/LMv2, Extended Security NTLMSSP and Basic HTTP authentication. The program itself can be viewed here: https://github.com/SpiderLabs/Responder I have created a module that can use this program and save the logs to sshfs or tmp. 2015-09-19 14:09:34 +00:00			`else`
			`echo "SSHFS not running"`
			`fi`
			`;;`
			`tmp)`
Fix formatting of start 2015-09-19 22:23:50 +00:00			`if [ -s /etc/turtle/Responder/Responder.db ]; then`
			`rm -r /etc/turtle/Responder/Responder.db`
			`fi`
More specific log change check 2015-09-27 00:26:51 +00:00			`if [[ $(readlink /etc/turtle/Responder/logs) != "/tmp/Responder/logs" \|\| ! -d /tmp/Responder/logs ]]; then`
Minor fixes and upgrades Remove Responder Database. Add check for previous logs. 2015-09-19 22:21:56 +00:00			`rm -r /etc/turtle/Responder/logs`
			`mkdir -p /tmp/Responder/logs`
Fix formatting of start 2015-09-19 22:23:50 +00:00			`ln -s /tmp/Responder/logs /etc/turtle/Responder/logs`
			`fi`
Minor fixes and upgrades Remove Responder Database. Add check for previous logs. 2015-09-19 22:21:56 +00:00			`echo "python /etc/turtle/Responder/Responder.py -I br-lan" \| at now`
Add quotes around start message 2015-09-19 23:03:29 +00:00			`echo "Responder started and logs are being saved to /tmp/Responder/logs"`
New module responder Responder is an LLMNR, NBT-NS and MDNS poisoner, with built-in HTTP/SMB/MSSQL/FTP/LDAP rogue authentication server supporting NTLMv1/NTLMv2/LMv2, Extended Security NTLMSSP and Basic HTTP authentication. The program itself can be viewed here: https://github.com/SpiderLabs/Responder I have created a module that can use this program and save the logs to sshfs or tmp. 2015-09-19 14:09:34 +00:00			`;;`
			`esac`
			`else`
			`echo "Responder not configured."`
			`fi`
			`}`

			`function stop {`
			`kill $(ps \| grep -w [/]etc/turtle/Responder/Responder.py \| awk {'print $1'})`
			`}`

			`function status {`
			`if ps \| grep -w -q [/]etc/turtle/Responder/Responder.py; then echo "1"; else echo "0"; fi`
			`}`

			`function configure {`
Fix missing semicolon 2015-09-19 16:48:48 +00:00			`if [ -s /etc/config/responder ];`
New module responder Responder is an LLMNR, NBT-NS and MDNS poisoner, with built-in HTTP/SMB/MSSQL/FTP/LDAP rogue authentication server supporting NTLMv1/NTLMv2/LMv2, Extended Security NTLMSSP and Basic HTTP authentication. The program itself can be viewed here: https://github.com/SpiderLabs/Responder I have created a module that can use this program and save the logs to sshfs or tmp. 2015-09-19 14:09:34 +00:00			`then`
			`responder_log=$(uci get responder.log)`
			`else`
			`touch /etc/config/responder`
			`fi`

			`dialog --ok-label "Submit" \`
			`--help-button \`
			`--title "Responder Configuration" \`
			`--radiolist "\n\`
Minor updates 2015-09-27 01:46:31 +00:00			`Responder will listen on a variety of ports to gather credentials. See Help for more information.\n\nNote: the first time you run this module it may take a long time to load because of dependencies.\n\nThe log files can be saved to SSHFS or tmp.\n" 16 60 3\`
New module responder Responder is an LLMNR, NBT-NS and MDNS poisoner, with built-in HTTP/SMB/MSSQL/FTP/LDAP rogue authentication server supporting NTLMv1/NTLMv2/LMv2, Extended Security NTLMSSP and Basic HTTP authentication. The program itself can be viewed here: https://github.com/SpiderLabs/Responder I have created a module that can use this program and save the logs to sshfs or tmp. 2015-09-19 14:09:34 +00:00			`1 "Save log to SSHFS if available." off\`
			`2 "Save log to /tmp/" off\`
			`2>$CONF`

			`return=$?`

			`case $return in`
			`$DIALOG_OK)`
			`LOG=$(cat $CONF)`
			`case $LOG in`
			`1)`
			`uci set responder.log="sshfs"`
			`uci commit responder`
			`;;`
			`2)`
			`uci set responder.log="tmp"`
			`uci commit responder`
			`;;`
			`esac`
			`;;`
			`$DIALOG_CANCEL)`
			`rm $CONF`
			`clear`
			`exit;;`
			`$DIALOG_HELP)`
			`dialog --title "Help" \`
			`--msgbox "\`
Improve help menu 2015-09-19 14:44:26 +00:00			`Responder is an LLMNR, NBT-NS and MDNS poisoner. It will answer to specific NBT-NS (NetBIOS Name Service) queries based on their name suffix (see: http://support.microsoft.com/kb/163409).\n\`
New module responder Responder is an LLMNR, NBT-NS and MDNS poisoner, with built-in HTTP/SMB/MSSQL/FTP/LDAP rogue authentication server supporting NTLMv1/NTLMv2/LMv2, Extended Security NTLMSSP and Basic HTTP authentication. The program itself can be viewed here: https://github.com/SpiderLabs/Responder I have created a module that can use this program and save the logs to sshfs or tmp. 2015-09-19 14:09:34 +00:00			`By default, the tool will only answer to File Server Service request, which is for SMB.\n\n\`
			`The concept behind this is to target our answers, and be stealthier on the network. This also helps to ensure that we don't break legitimate NBT-NS behavior.\n\n\`
Improve help menu 2015-09-19 14:44:26 +00:00			`All activity will be logged to Responder-Session.log\n\`
			`Analyze mode will be logged to Analyze-Session.log\n\`
			`Poisoning will be logged to Poisoners-Session.log\n\n\`
			`All hashes are dumped an unique file John Jumbo compliant, using this format:\n\`
			`(MODULE_NAME)-(HASH_TYPE)-(CLIENT_IP).txt\n\n\`
Minor updates 2015-09-27 01:46:31 +00:00			`For even more information, see: https://github.com/SpiderLabs/Responder\n\`
Improve help menu 2015-09-19 14:44:26 +00:00			`" 25 60`
New module responder Responder is an LLMNR, NBT-NS and MDNS poisoner, with built-in HTTP/SMB/MSSQL/FTP/LDAP rogue authentication server supporting NTLMv1/NTLMv2/LMv2, Extended Security NTLMSSP and Basic HTTP authentication. The program itself can be viewed here: https://github.com/SpiderLabs/Responder I have created a module that can use this program and save the logs to sshfs or tmp. 2015-09-19 14:09:34 +00:00			`configure`
			`;;`
			`$DIALOG_ESC)`
			`clear;;`
			`esac`
			`}`