redteampentesting / pretender

Your MitM sidekick for relaying attacks featuring DHCPv6 DNS takeover as well as mDNS, LLMNR and NetBIOS-NS spoofing.

License: MIT License

Go 97.99% Python 2.01%
go mdns dns llmnr netbios security dhcpv6 spoofer pentesting pretender

Contributors: rtpt-erikgeiser, rtpt-romankarwacik

pretender's Issues

Pretender not working inside docker container.

I'm not sure why, but this tool doesn't seem to be functional inside of a docker container, without the --network=host flag.

Mainly the responder-like parts of the tool do not seem to be working, but will work on Responder itself instead.

However, on the host, both will work.

Is there a specific reason why this may happen, or am I just doing something wrong?

I'm running Kali Linux with the latest pretender on both the release and manual build. (Same problem with both.)

Filtering with --spoof-for

Hi,
first of all thanks for this great tool :D

I have a feature request regarding filtering with --spoof-for.

Following example:

# pretender --verbose --interface ens18 --no-lnr --spoof-for 192.168.2.2
Pretender by RedTeam Pentesting built from git commit 69d85ac239
Listening on interface: ens18
IPv4 relayed to: 192.168.2.12
IPv6 relayed to: fe80::8f6:4eff:fef4:f415
Answering queries from: 192.168.2.2

23:44:35 [DNS] listening via TCP on [fe80::8f6:4eff:fef4:f415%ens18]:53
23:44:35 [DNS] listening via UDP on [fe80::8f6:4eff:fef4:f415%ens18]:53
23:44:35 [DHCPv6] listening via UDP on [ff02::1:2%ens18]:547
23:44:36 [RA] sending router advertisement on ens18
23:44:51 [DHCPv6] ignoring DHCP SOLICIT request from fe80::d09b:746d:4510:5d8c (win2016.arasaka.local, 192.168.2.2): host not in spoof-for list

I think pretender should answer the DHCPv6 request, because it knows that fe80::d09b:746d:4510:5d8c belongs to the allowed address 192.168.2.2.
Otherwise allowing only specific IPs is quite cumbersome because you have to know the IPv6 address beforehand.

Another case is this:

# pretender --verbose --interface ens18 --no-lnr --spoof-for win2016.arasaka.local
Pretender by RedTeam Pentesting built from git commit 69d85ac239
Listening on interface: ens18
IPv4 relayed to: 192.168.2.12
IPv6 relayed to: fe80::8f6:4eff:fef4:f415
Answering queries from: win2016.arasaka.local (192.168.2.2)

23:39:10 [DHCPv6] listening via UDP on [ff02::1:2%ens18]:547
23:39:10 [DNS] listening via TCP on [fe80::8f6:4eff:fef4:f415%ens18]:53
23:39:10 [DNS] listening via UDP on [fe80::8f6:4eff:fef4:f415%ens18]:53
23:39:11 [RA] sending router advertisement on ens18
23:39:38 [DHCPv6] responding to SOLICIT from fe80::d09b:746d:4510:5d8c (win2016.arasaka.local, 192.168.2.2) by assigning IPv6 "fe80::8000:c66d:7e7b:5e75"
23:39:39 [DHCPv6] responding to REQUEST from fe80::d09b:746d:4510:5d8c (win2016.arasaka.local, 192.168.2.2) by assigning DNS server and IPv6 "fe80::8000:c66d:7e7b:5e75"
23:39:39 [DNS] ignoring query for "win2016.arasaka.local" (SOA) from fe80::8000:c66d:7e7b:5e75 (192.168.2.2): host address and name not in spoof-for list

Here it would be nice if the query from fe80::8000:c66d:7e7b:5e75 (192.168.2.2) would be answered, because pretender knows that fe80::8000:c66d:7e7b:5e75 belongs to 192.168.2.2 which in turn belongs to win2016.arasaka.local.
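
The matching behaviour requested in this issue, sketched as an added example (not pretender's code and not part of the original issue): a scope allowlist that accepts a host when any identity already associated with it is listed, so a test stays limited to in-scope machines without needing their IPv6 addresses in advance. The names `Allowlist`, `Peer` and `key` are hypothetical, and the peers are constructed from the log excerpts above.

```go
package main

import (
	"fmt"
	"net/netip"
	"strings"
)

// key canonicalises one identity: addresses lose their zone and IPv4-mapped
// form, names are lower-cased without the trailing dot.
func key(id string) string {
	if a, err := netip.ParseAddr(id); err == nil {
		return a.Unmap().WithZone("").String()
	}
	return strings.ToLower(strings.TrimSuffix(id, "."))
}

// Allowlist is the set of in-scope hosts, given as IPs or hostnames.
type Allowlist map[string]bool

func NewAllowlist(entries ...string) Allowlist {
	al := Allowlist{}
	for _, e := range entries {
		al[key(e)] = true
	}
	return al
}

// Peer is the packet's source address plus every other address and name
// already associated with that host (constructed below, not looked up).
type Peer struct {
	Source string
	Known  []string
}

// Match reports whether any identity of the peer is in scope and which one
// matched, so a log line can explain the decision.
func (al Allowlist) Match(p Peer) (bool, string) {
	for _, id := range append([]string{p.Source}, p.Known...) {
		if k := key(id); al[k] {
			return true, k
		}
	}
	return false, "host address and name not in allowlist"
}

func main() {
	// Constructed from the two log excerpts in the issue above.
	dhcp := Peer{Source: "fe80::d09b:746d:4510:5d8c%ens18", Known: []string{"192.168.2.2"}}
	dns := Peer{Source: "fe80::8000:c66d:7e7b:5e75%ens18", Known: []string{"192.168.2.2", "win2016.arasaka.local"}}
	fmt.Println(NewAllowlist("192.168.2.2").Match(dhcp))
	fmt.Println(NewAllowlist("win2016.arasaka.local").Match(dns))
	fmt.Println(NewAllowlist("192.168.2.2").Match(Peer{Source: "fe80::1%ens18"}))
}
```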
