dementor 1.0.0.dev15

LLMNR/NBT-NS/mDNS Poisoner and rogue service provider

Dementor

IPv6/IPv4 LLMNR/NBT-NS/mDNS Poisoner and rogue service provider - you can think if it as Responder 2.0. Get more information on the Documentation page.

Offers

• No reliance on hardcoded or precomputed packets
• Fine-grained, per-protocol configuration using a modular system (see Docs - Configuration)
• Near-complete protocol parity with Responder (see Docs - Compatibility)
• Easy integration of new protocols via the extension system
• A lot of new protocols (e.g. IPP, MySQL, X11, ...)

Installation

Installation via pip from GitHub or PyPI:

pip install dementor

Usage

Just type in Dementor, specify the target interface and you are good to go! It is recommended to run Dementor with sudo as most protocol servers use privileged ports.

sudo Dementor -I "$INTERFACE_NAME"

Let's take a look.

CLI Options

 Usage: Dementor [OPTIONS]

╭─ Options ────────────────────────────────────────────────────────────────────────────────────────────╮
│ *  --interface  -I      NAME       Network interface to use (required for poisoning) [required]      │
│    --analyze    -A                 Only analyze traffic, don't respond to requests                   │
│    --config     -c      PATH       Path to a configuration file (otherwise standard path is used)    │
│    --option     -O      KEY=VALUE  Add an extra option to the global configuration file.             │
│    --yes        -y                 Do not ask before starting attack mode.                           │
│    --quiet      -q                 Don't print banner at startup                                     │
│    --help                          Show this message and exit.                                       │
╰──────────────────────────────────────────────────────────────────────────────────────────────────────╯

You need more?

Take a look at the Documentation on GitHub-Pages

License

Distributed under the MIT License. See LICENSE for more information.

Disclaimer

Dementor is intended only for lawful educational purposes: learning, testing in your own lab, or assessments on systems where you have explicit written authorization. You agree not to use this software to access, damage, interfere with, or exfiltrate data from systems for which you do not have permission. We make no promises about safety, completeness, or fitness for any purpose. Use at your own risk. If you discover a vulnerability, please follow responsible disclosure by using the private disclosing feature offered by GitHub.