From e918fe01c617e482d8b24525db581c403104ab28 Mon Sep 17 00:00:00 2001 From: lgandx Date: Tue, 24 Sep 2024 11:06:50 -0300 Subject: [PATCH] added option to disable a TLD due to windows 11 infinite loop with _dosvc --- Responder.conf | 6 +++++- settings.py | 3 ++- utils.py | 7 ++++++- 3 files changed, 13 insertions(+), 3 deletions(-) diff --git a/Responder.conf b/Responder.conf index 180e94f..a9eac42 100755 --- a/Responder.conf +++ b/Responder.conf @@ -58,9 +58,13 @@ RespondToName = DontRespondTo = ; Specific NBT-NS/LLMNR names not to respond to (default = None) -; Example: DontRespondTo = NAC, IPS, IDS +; Example: DontRespondToName = NAC, IPS, IDS DontRespondToName = ISATAP +; MDNS TLD not to respond to (default = _dosvc). Do not add the ".", only the TLD. +; Example: DontRespondToTLD = _dosvc, _blasvc, etc +DontRespondToTLD = _dosvc + ; If set to On, we will stop answering further requests from a host ; if a hash has been previously captured for this host. AutoIgnoreAfterSuccess = Off diff --git a/settings.py b/settings.py index bdca9c2..ee96190 100644 --- a/settings.py +++ b/settings.py @@ -23,7 +23,7 @@ from utils import * -__version__ = 'Responder 3.1.4.0' +__version__ = 'Responder 3.1.5.0' class Settings: @@ -284,6 +284,7 @@ def populate(self, options): self.RespondTo = list(filter(None, [x.upper().strip() for x in config.get('Responder Core', 'RespondTo').strip().split(',')])) self.RespondToName = list(filter(None, [x.upper().strip() for x in config.get('Responder Core', 'RespondToName').strip().split(',')])) self.DontRespondTo = list(filter(None, [x.upper().strip() for x in config.get('Responder Core', 'DontRespondTo').strip().split(',')])) + self.DontRespondToTLD = list(filter(None, [x.upper().strip() for x in config.get('Responder Core', 'DontRespondToTLD').strip().split(',')])) self.DontRespondToName_= list(filter(None, [x.upper().strip() for x in config.get('Responder Core', 'DontRespondToName').strip().split(',')])) #add a .local to all provided DontRespondToName self.MDNSTLD = ['.LOCAL'] diff --git a/utils.py b/utils.py index fe2a56f..38a72b1 100644 --- a/utils.py +++ b/utils.py @@ -122,7 +122,10 @@ def RespondToThisIP(ClientIp): return False def RespondToThisName(Name): - if settings.Config.RespondToName and Name.upper() not in settings.Config.RespondToName: + + if [i for i in settings.Config.DontRespondToTLD if Name.upper().endswith(i)]: + return False + elif settings.Config.RespondToName and Name.upper() not in settings.Config.RespondToName: return False elif Name.upper() in settings.Config.RespondToName or settings.Config.RespondToName == []: if Name.upper() not in settings.Config.DontRespondToName: @@ -559,6 +562,8 @@ def StartupMessage(): print(' %-27s' % "Don't Respond To" + color(str(settings.Config.DontRespondTo), 5, 1)) if len(settings.Config.DontRespondToName): print(' %-27s' % "Don't Respond To Names" + color(str(settings.Config.DontRespondToName), 5, 1)) + if len(settings.Config.DontRespondToTLD): + print(' %-27s' % "Don't Respond To MDNS TLD" + color(str(settings.Config.DontRespondToTLD), 5, 1)) if settings.Config.TTL == None: print(' %-27s' % "TTL for poisoned response "+ color('[default]', 5, 1)) else: