Skip to main content

LLMNR/NBT-NS/mDNS Poisoner and rogue service provider

Project description

Dementor

IPv6/IPv4 LLMNR/NBT-NS/mDNS Poisoner and rogue service provider - you can think if it as Responder 2.0. Get more information on the Documentation page.

Offers

  • No reliance on hardcoded or precomputed packets
  • Fine-grained, per-protocol configuration using a modular system (see Docs - Configuration)
  • Near-complete protocol parity with Responder (see Docs - Compatibility)
  • Easy integration of new protocols via the extension system
  • A lot of new protocols (e.g. IPP, MySQL, X11, ...)

Installation

Installation via pip/pipx from GitHub or PyPI:

pip install dementor

Usage

Just type in Dementor, specify the target interface and you are good to go! It is recommended to run Dementor with sudo as most protocol servers use privileged ports.

sudo Dementor -I "$INTERFACE_NAME"

Let's take a look.

index_video

CLI Options

 Usage: Dementor [OPTIONS]

╭─ Options ───────────────────────────────────────────────────────────────────────────────────────────────────────────────╮
│ --interface   -I      NAME        Network interface to use (required for poisoning)                                     │
│ --analyze     -A                  Only analyze traffic, don't respond to requests                                       │
│ --config      -c      PATH        Path to a configuration file (otherwise standard path is used)                        │
│ --option      -O      KEY=VALUE   Add an extra option to the global configuration file.                                 │
│ --host        -H      HOST        Host FQDN for all protocol servers (e.g. DC01.contoso.lab). Shortcut for -O           │
│                                   Globals.Host=FQDN.                                                                    │
│ --yes,--yolo  -y                  Do not ask before starting attack mode.                                               │
│ --target      -t      NAME[,...]  Target host(s) to attack                                                              │
│ --ignore      -i      NAME[,...]  Target host(s) to ignore                                                              │
│ --quiet       -q                  Don't print banner at startup                                                         │
│ --version                         Show Dementor's version number                                                        │
│ --ts                              Log timestamps to the terminal too                                                    │
│ --paths                           Displays the default configuration paths                                              │
│ --repl        -F                  Starts Dementor in interactive mode supporting runtime configuration                  │
│ --help                            Show this message and exit.                                                           │
╰─────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────╯

You need more?

Take a look at the Documentation on GitHub-Pages or at the Blog Series.

License

Distributed under the MIT License. See LICENSE for more information.

Disclaimer

Dementor is intended only for lawful educational purposes: learning, testing in your own lab, or assessments on systems where you have explicit written authorization. You agree not to use this software to access, damage, interfere with, or exfiltrate data from systems for which you do not have permission. We make no promises about safety, completeness, or fitness for any purpose. Use at your own risk. If you discover a vulnerability, please follow responsible disclosure by using the private disclosing feature offered by GitHub.

Project details


Download files

Download the file for your platform. If you're not sure which to choose, learn more about installing packages.

Source Distribution

dementor-1.0.0.dev23.tar.gz (263.0 kB view details)

Uploaded Source

Built Distribution

If you're not sure about the file name format, learn more about wheel file names.

dementor-1.0.0.dev23-py3-none-any.whl (294.1 kB view details)

Uploaded Python 3

File details

Details for the file dementor-1.0.0.dev23.tar.gz.

File metadata

  • Download URL: dementor-1.0.0.dev23.tar.gz
  • Upload date:
  • Size: 263.0 kB
  • Tags: Source
  • Uploaded using Trusted Publishing? Yes
  • Uploaded via: twine/6.1.0 CPython/3.13.7

File hashes

Hashes for dementor-1.0.0.dev23.tar.gz
Algorithm Hash digest
SHA256 90d2354ed18eddbe7ebdaa70366ac43b36ebb92a3da6b8d1e4d653098ce62322
MD5 f67be391a44f74c2e8b06a5f45236def
BLAKE2b-256 63fc50832c21f0505c1ce4ce453c50ccc0698a3ab6ce87892e56890e7723bc9e

See more details on using hashes here.

Provenance

The following attestation bundles were made for dementor-1.0.0.dev23.tar.gz:

Publisher: wheel-publish.yml on MatrixEditor/dementor

Attestations: Values shown here reflect the state when the release was signed and may no longer be current.

File details

Details for the file dementor-1.0.0.dev23-py3-none-any.whl.

File metadata

  • Download URL: dementor-1.0.0.dev23-py3-none-any.whl
  • Upload date:
  • Size: 294.1 kB
  • Tags: Python 3
  • Uploaded using Trusted Publishing? Yes
  • Uploaded via: twine/6.1.0 CPython/3.13.7

File hashes

Hashes for dementor-1.0.0.dev23-py3-none-any.whl
Algorithm Hash digest
SHA256 2d42344135f6e29f071bd7bd555fa546dd56e6dd86b513d8671302e1ba1b20fe
MD5 5e42e81c03897fd532b7b0b03e8ccea2
BLAKE2b-256 290ec3cbcceb64f9673f032628eca8bedeb3f445ae49acb8bf7060982d9d4ca1

See more details on using hashes here.

Provenance

The following attestation bundles were made for dementor-1.0.0.dev23-py3-none-any.whl:

Publisher: wheel-publish.yml on MatrixEditor/dementor

Attestations: Values shown here reflect the state when the release was signed and may no longer be current.

Supported by

AWS Cloud computing and Security Sponsor Datadog Monitoring Depot Continuous Integration Fastly CDN Google Download Analytics Pingdom Monitoring Sentry Error logging StatusPage Status page