Responder / RunFinger

Load up the Poisoner!

Analysis mode

$ python Responder.py -I -A

Business Mode

$ python Responder.py -I -rdwP

Business Mode Proxy Auth

$ python Responder.py -I -P -v -r

Typical Responder Flow

Disable SMB and HTTP in /usr/share/responder/Responder.conf

$ python3 Responder.py -wPd --disable-ess

$ python3 Responder.py -I eth0 --wpad

$ ython3 Responder.py —wPd -I eth0

RunFinger

RunFinger is another Responder-related utility which will finger a single IP address or an IP subnet and will reveal (among other useful information) if # a target requires SMB Signing or not. This information will help with choosing targets for the MultiRelay script.

$ ./RunFinger.py -i 10.10.10.0/24

GitHub - SpiderLabs/Responder: Responder is a LLMNR, NBT-NS and MDNS poisoner, with built-in HTTP/SMB/MSSQL/FTP/LDAP rogue authentication server supporting NTLMv1/NTLMv2/LMv2, Extended Security NTLMSSP and Basic HTTP authentication.GitHub

PiBunny/RunFinger.py at master · tholum/PiBunnyGitHub

PreviousPrivExchange NextRubeus

Last updated 2 years ago