lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [day] [month] [year] [list] 
Date: Sat, 7 Feb 2015 22:05:15 -0500
From: laurent gaffie <laurent.gaffie@...il.com>
To: fulldisclosure@...lists.org
Subject: [FD] Responder Windows Version

Responder for Windows is meant to propagate further compromises from a
Windows workstation/server.

Features includes:

- Be able to propagate (pivoting) compromises across subnets and domains
from any compromised Windows machine ranging from Windows 2000 to 8.1,
Server 2012R2.

- This tool can also be used to compromise a domain from an external
penetration test.

- This version will disable NetBIOS on all interfaces and the current
firewall profile (no reboot needed) on the target host.

- Default values will be turned back On when killing Responder (CRTL-C).

- LLMNR and Netbios works out of the box on any Windows XP-2003

- Netbios support works on all versions.

- Best way to collect hashes with this Windows version: Responder.exe -i
IP_Addr -rF


Installing:

- Binary:
Just drop the executable and the configuration file (Responder.conf) inside
a directory (eg: c:/temp/responder) and launch it.

- From source:
Install python on a Windows machine.
run "pip install pyinstaller"
cd in Responder source directory
pyinstaller --onefile -F Responder.py
Your binary will be located in the folder dist/

- Executing the source direclty:
You can run Responder as usual from the source folder (with python
installed): python Responder.py


Considerations:
- Make sure you have administrative privileges.
- Make sure to include a conventional Responder.conf file in Responder
running directory.
- Any rogue server can be turn off in Responder.conf.
- The Wpad proxy server is known to be buggy on some Windows versions. It's
not recommended to use it.
- For now, SMB rogue authentication server is *not* supported.

You can download Responder for Windows (Beta) sources and binaries at the
following url:
https://github.com/lgandx/Responder-Windows

Follow latest updates on twitter:
https://twitter.com/PythonResponder

Cheers,

_______________________________________________
Sent through the Full Disclosure mailing list
https://nmap.org/mailman/listinfo/fulldisclosure
Web Archives & RSS: http://seclists.org/fulldisclosure/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ