Error when using Analyze mode (was using in HTB VPN)
0xcrypto opened this issue · comments
$ sudo responder -A -I tun0
__
.----.-----.-----.-----.-----.-----.--| |.-----.----.
| _| -__|__ --| _ | _ | | _ || -__| _|
|__| |_____|_____| __|_____|__|__|_____||_____|__|
|__|
NBT-NS, LLMNR & MDNS Responder 3.1.1.0
Author: Laurent Gaffie (laurent.gaffie@gmail.com)
To kill this script hit CTRL-C
[+] Poisoners:
LLMNR [OFF]
NBT-NS [OFF]
MDNS [OFF]
DNS [ON]
DHCP [OFF]
[+] Servers:
HTTP server [ON]
HTTPS server [ON]
WPAD proxy [OFF]
Auth proxy [OFF]
SMB server [ON]
Kerberos server [ON]
SQL server [ON]
FTP server [ON]
IMAP server [ON]
POP3 server [ON]
SMTP server [ON]
DNS server [ON]
LDAP server [ON]
RDP server [ON]
DCE-RPC server [ON]
WinRM server [ON]
[+] HTTP Options:
Always serving EXE [OFF]
Serving EXE [OFF]
Serving HTML [OFF]
Upstream Proxy [OFF]
[+] Poisoning Options:
Analyze Mode [ON]
Force WPAD auth [OFF]
Force Basic Auth [OFF]
Force LM downgrade [OFF]
Force ESS downgrade [OFF]
[+] Generic Options:
Responder NIC [tun0]
Responder IP [10.10.15.104]
Responder IPv6 [dead:beef:2::1166]
Challenge set [random]
Don't Respond To Names ['ISATAP']
[+] Current Session Variables:
Responder Machine Name [WIN-3CQ4CB9BXPW]
Responder Domain Name [H3A4.LOCAL]
Responder DCE-RPC Port [47978]
[+] Listening for events...
[Analyze mode: ICMP] You can ICMP Redirect on this network.
[Analyze mode: ICMP] This workstation (10.10.15.104) is not on the same subnet than the DNS server (8.8.8.8).
[Analyze mode: ICMP] Use `python tools/Icmp-Redirect.py` for more details.
[Analyze mode: ICMP] You can ICMP Redirect on this network.
[Analyze mode: ICMP] This workstation (10.10.15.104) is not on the same subnet than the DNS server (8.8.4.4).
[Analyze mode: ICMP] Use `python tools/Icmp-Redirect.py` for more details.
[Analyze mode: ICMP] You can ICMP Redirect on this network.
[Analyze mode: ICMP] This workstation (10.10.15.104) is not on the same subnet than the DNS server (192.168.0.1).
[Analyze mode: ICMP] Use `python tools/Icmp-Redirect.py` for more details.
Traceback (most recent call last):
File "/usr/share/responder/./Responder.py", line 383, in <module>
main()
File "/usr/share/responder/./Responder.py", line 274, in main
from poisoners.LLMNR import LLMNR
File "/usr/share/responder/poisoners/LLMNR.py", line 50, in <module>
IsICMPRedirectPlausible(settings.Config.Bind_To)
File "/usr/share/responder/poisoners/LLMNR.py", line 44, in IsICMPRedirectPlausible
if x != "127.0.0.1" and IsOnTheSameSubnet(x,IP) is False:
File "/usr/share/responder/utils.py", line 104, in IsOnTheSameSubnet
ipaddr = int(''.join([ '%02x' % int(x) for x in ip.split('.') ]), 16)
File "/usr/share/responder/utils.py", line 104, in <listcomp>
ipaddr = int(''.join([ '%02x' % int(x) for x in ip.split('.') ]), 16)
ValueError: invalid literal for int() with base 10: '2001:4860:4860::8888'
Same as #152
If you disable IPv6 it will work.
@fgeek tried disabling ipv6, but now HTB does not connect. Is there any way to get it working with ipv6? Also, for some reason it is working fine for my friend.
resolved by removing IPv6 dns instead of disabling the IPv6