hak5
/
lanturtle-modules
mirror of https://github.com/hak5/lanturtle-modules.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Update responder 

Fix missing dependency, ping 8.8.8.8 instead of lanturtle.com, move iptables rules to functions
pull/13/head
IMcPwn 2016-08-23 13:48:33 -04:00
parent bb89d00041
commit 68d4493522
No known key found for this signature in database
GPG Key ID: 44956F63526114AC
1 changed files with 49 additions and 48 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

97
modules/responder
View File

@ -3,7 +3,7 @@
# responder by IMcPwn # responder by IMcPwn
# http://imcpwn.com # http://imcpwn.com
VERSION="2.4" VERSION="2.5"
DESCRIPTION="Responder - LLMNR, NBT-NS and MDNS poisoner" DESCRIPTION="Responder - LLMNR, NBT-NS and MDNS poisoner"
CONF=/tmp/responder.form CONF=/tmp/responder.form
AUTHOR=IMcPwn AUTHOR=IMcPwn
@ -14,6 +14,43 @@ AUTHOR=IMcPwn
: ${DIALOG_EXTRA=3} : ${DIALOG_EXTRA=3}
: ${DIALOG_ESC=255} : ${DIALOG_ESC=255}
function enable_iptables {
iptables -t filter -I INPUT 1 -i eth1 -j ACCEPT
iptables -I INPUT 1 -i eth1 -p udp --dport 53 -j ACCEPT
iptables -I INPUT 1 -i eth1 -p udp --dport 137 -j ACCEPT
iptables -I INPUT 1 -i eth1 -p udp --dport 138 -j ACCEPT
iptables -I INPUT 1 -i eth1 -p udp --dport 389 -j ACCEPT
iptables -I INPUT 1 -i eth1 -p udp --dport 5553 -j ACCEPT
iptables -I INPUT 1 -i eth1 -p tcp --dport 21 -j ACCEPT
iptables -I INPUT 1 -i eth1 -p tcp --dport 25 -j ACCEPT
iptables -I INPUT 1 -i eth1 -p tcp --dport 80 -j ACCEPT
iptables -I INPUT 1 -i eth1 -p tcp --dport 110 -j ACCEPT
iptables -I INPUT 1 -i eth1 -p tcp --dport 139 -j ACCEPT
iptables -I INPUT 1 -i eth1 -p tcp --dport 389 -j ACCEPT
iptables -I INPUT 1 -i eth1 -p tcp --dport 445 -j ACCEPT
iptables -I INPUT 1 -i eth1 -p tcp --dport 1433 -j ACCEPT
iptables -I INPUT 1 -i eth1 -p tcp --dport 3141 -j ACCEPT
}
function disable_iptables {
#iptables -t filter -I INPUT 1 -i eth1 -j ACCEPT
iptables -t filter -D INPUT -i eth1 -j ACCEPT
iptables -D INPUT -i eth1 -p udp --dport 53 -j ACCEPT
iptables -D INPUT -i eth1 -p udp --dport 137 -j ACCEPT
iptables -D INPUT -i eth1 -p udp --dport 138 -j ACCEPT
iptables -D INPUT -i eth1 -p udp --dport 389 -j ACCEPT
iptables -D INPUT -i eth1 -p udp --dport 5553 -j ACCEPT
iptables -D INPUT -i eth1 -p tcp --dport 21 -j ACCEPT
iptables -D INPUT -i eth1 -p tcp --dport 25 -j ACCEPT
iptables -D INPUT -i eth1 -p tcp --dport 80 -j ACCEPT
iptables -D INPUT -i eth1 -p tcp --dport 110 -j ACCEPT
iptables -D INPUT -i eth1 -p tcp --dport 139 -j ACCEPT
iptables -D INPUT -i eth1 -p tcp --dport 389 -j ACCEPT
iptables -D INPUT -i eth1 -p tcp --dport 445 -j ACCEPT
iptables -D INPUT -i eth1 -p tcp --dport 1433 -j ACCEPT
iptables -D INPUT -i eth1 -p tcp --dport 3141 -j ACCEPT
}
function start { function start {
if [ -s /etc/config/responder ]; if [ -s /etc/config/responder ];
then then
@ -52,6 +89,13 @@ function start {
check_internet check_internet
opkg update > /dev/null && opkg install python-sqlite3 opkg update > /dev/null && opkg install python-sqlite3
fi fi
if [[ ! $(opkg list-installed | grep python-openssl) ]];
then
echo "Dependency python-openssl not installed. Installing..."
check_internet
opkg update > /dev/null && opkg install python-openssl
fi
if [[ ! -d /etc/turtle/Responder || ! -s /etc/turtle/Responder/Responder.py || ! -s /etc/turtle/Responder/Responder.conf ]]; if [[ ! -d /etc/turtle/Responder || ! -s /etc/turtle/Responder/Responder.py || ! -s /etc/turtle/Responder/Responder.conf ]];
then then
@ -85,21 +129,7 @@ function start {
then then
if [[ $responder_interface == "eth1" ]]; if [[ $responder_interface == "eth1" ]];
then then
iptables -t filter -I INPUT 1 -i eth1 -j ACCEPT enable_iptables
iptables -I INPUT 1 -i eth1 -p udp --dport 53 -j ACCEPT
iptables -I INPUT 1 -i eth1 -p udp --dport 137 -j ACCEPT
iptables -I INPUT 1 -i eth1 -p udp --dport 138 -j ACCEPT
iptables -I INPUT 1 -i eth1 -p udp --dport 389 -j ACCEPT
iptables -I INPUT 1 -i eth1 -p udp --dport 5553 -j ACCEPT
iptables -I INPUT 1 -i eth1 -p tcp --dport 21 -j ACCEPT
iptables -I INPUT 1 -i eth1 -p tcp --dport 25 -j ACCEPT
iptables -I INPUT 1 -i eth1 -p tcp --dport 80 -j ACCEPT
iptables -I INPUT 1 -i eth1 -p tcp --dport 110 -j ACCEPT
iptables -I INPUT 1 -i eth1 -p tcp --dport 139 -j ACCEPT
iptables -I INPUT 1 -i eth1 -p tcp --dport 389 -j ACCEPT
iptables -I INPUT 1 -i eth1 -p tcp --dport 445 -j ACCEPT
iptables -I INPUT 1 -i eth1 -p tcp --dport 1433 -j ACCEPT
iptables -I INPUT 1 -i eth1 -p tcp --dport 3141 -j ACCEPT
fi fi
if [ -s /etc/turtle/Responder/Responder.db ]; if [ -s /etc/turtle/Responder/Responder.db ];
@ -125,21 +155,7 @@ function start {
tmp) tmp)
if [[ $responder_interface == "eth1" ]]; if [[ $responder_interface == "eth1" ]];
then then
iptables -t filter -I INPUT 1 -i eth1 -j ACCEPT enable_iptables
iptables -I INPUT 1 -i eth1 -p udp --dport 53 -j ACCEPT
iptables -I INPUT 1 -i eth1 -p udp --dport 137 -j ACCEPT
iptables -I INPUT 1 -i eth1 -p udp --dport 138 -j ACCEPT
iptables -I INPUT 1 -i eth1 -p udp --dport 389 -j ACCEPT
iptables -I INPUT 1 -i eth1 -p udp --dport 5553 -j ACCEPT
iptables -I INPUT 1 -i eth1 -p tcp --dport 21 -j ACCEPT
iptables -I INPUT 1 -i eth1 -p tcp --dport 25 -j ACCEPT
iptables -I INPUT 1 -i eth1 -p tcp --dport 80 -j ACCEPT
iptables -I INPUT 1 -i eth1 -p tcp --dport 110 -j ACCEPT
iptables -I INPUT 1 -i eth1 -p tcp --dport 139 -j ACCEPT
iptables -I INPUT 1 -i eth1 -p tcp --dport 389 -j ACCEPT
iptables -I INPUT 1 -i eth1 -p tcp --dport 445 -j ACCEPT
iptables -I INPUT 1 -i eth1 -p tcp --dport 1433 -j ACCEPT
iptables -I INPUT 1 -i eth1 -p tcp --dport 3141 -j ACCEPT
fi fi
if [ -s /etc/turtle/Responder/Responder.db ]; if [ -s /etc/turtle/Responder/Responder.db ];
@ -175,22 +191,7 @@ function stop {
responder_interface=$(uci get responder.interface) responder_interface=$(uci get responder.interface)
if [[ $responder_interface == "eth1" ]]; if [[ $responder_interface == "eth1" ]];
then then
#iptables -t filter -I INPUT 1 -i eth1 -j ACCEPT disable_iptables
iptables -t filter -D INPUT -i eth1 -j ACCEPT
iptables -D INPUT -i eth1 -p udp --dport 53 -j ACCEPT
iptables -D INPUT -i eth1 -p udp --dport 137 -j ACCEPT
iptables -D INPUT -i eth1 -p udp --dport 138 -j ACCEPT
iptables -D INPUT -i eth1 -p udp --dport 389 -j ACCEPT
iptables -D INPUT -i eth1 -p udp --dport 5553 -j ACCEPT
iptables -D INPUT -i eth1 -p tcp --dport 21 -j ACCEPT
iptables -D INPUT -i eth1 -p tcp --dport 25 -j ACCEPT
iptables -D INPUT -i eth1 -p tcp --dport 80 -j ACCEPT
iptables -D INPUT -i eth1 -p tcp --dport 110 -j ACCEPT
iptables -D INPUT -i eth1 -p tcp --dport 139 -j ACCEPT
iptables -D INPUT -i eth1 -p tcp --dport 389 -j ACCEPT
iptables -D INPUT -i eth1 -p tcp --dport 445 -j ACCEPT
iptables -D INPUT -i eth1 -p tcp --dport 1433 -j ACCEPT
iptables -D INPUT -i eth1 -p tcp --dport 3141 -j ACCEPT
fi fi
if pgrep -f Responder.py > /dev/null; then kill $(pgrep -f Responder.py); fi if pgrep -f Responder.py > /dev/null; then kill $(pgrep -f Responder.py); fi
echo "Responder stopped" echo "Responder stopped"
@ -201,7 +202,7 @@ function status {
} }
function check_internet { function check_internet {
ping -q -w 5 -c 1 lanturtle.com &> /dev/null && { ping -q -w 5 -c 1 8.8.8.8 &> /dev/null && {
: :
} || { } || {
echo -e "\nThe LAN Turtle is currently offline. The previous\noperation requires an internet connection." echo -e "\nThe LAN Turtle is currently offline. The previous\noperation requires an internet connection."