Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Responder not Responding #300

Open
z0kk opened this issue Jan 23, 2025 · 0 comments
Open

Responder not Responding #300

z0kk opened this issue Jan 23, 2025 · 0 comments

Comments

@z0kk
Copy link

z0kk commented Jan 23, 2025

So I'm pretty new to Responder and I have what very well may be a silly question. I run Responder.py -I ens192, which enables the LLMNR, NBT-NS, and DMS/MDNS poisoners and all of the default servers, including smb.

Image

Image

If I browse from my desktop (same subnet as Responder) directly to the responder server (e.g. \\actual_hostname\anything), responder grabs the hash. If I browse from my desktop to a fake host (\\fakehost\anything), responder doesn't do anything. However, as soon as I try browsing to the fake hostname, tcpdump running on the responder server shows three packets hitting the responder host from my desktop:

11:50:38.811772 IP 192.168.56.240.137 > 192.168.56.255.137: UDP, length 50
11:50:39.563543 IP 192.168.56.240.137 > 192.168.56.255.137: UDP, length 50
11:50:40.325680 IP 192.168.56.240.137 > 192.168.56.255.137: UDP, length 50

If I'm not mistaken, that's netbios name resolution traffic. So my question is why Responder doesn't...like...respond.
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
1 participant
@z0kk