From 9d7dd8aef45f1e526840af52638515d3e821c793 Mon Sep 17 00:00:00 2001 From: James Cook Date: Tue, 13 Feb 2018 10:12:59 -0700 Subject: [PATCH 1/7] Add random computer names Each request will now send a unique computer name with each request. There are 4 different buckets of names to choose from and each is chosen randomly and combined randomly on each function call. Once the computer name is returned the bytes to broadcast are updated. The Makefile has also been updated to include the new computers.go file. --- Makefile | 12 ++++++------ computernames.go | 31 +++++++++++++++++++++++++++++++ respounder.go | 19 +++++++++++-------- 3 files changed, 48 insertions(+), 14 deletions(-) create mode 100644 computernames.go diff --git a/Makefile b/Makefile index 6dd2e73..36ffd8b 100644 --- a/Makefile +++ b/Makefile @@ -1,7 +1,7 @@ all: - GOOS=windows GOARCH=386 go build -o binaries/respounder-x86.exe respounder.go - GOOS=windows GOARCH=amd64 go build -o binaries/respounder-x64.exe respounder.go - GOOS=linux GOARCH=386 go build -o binaries/respounder-x86 respounder.go - GOOS=linux GOARCH=amd64 go build -o binaries/respounder-x64 respounder.go - GOOS=darwin GOARCH=386 go build -o binaries/respounder-osx respounder.go - GOOS=darwin GOARCH=amd64 go build -o binaries/respounder-osx64 respounder.go + GOOS=windows GOARCH=386 go build -o binaries/respounder-x86.exe respounder.go computernames.go + GOOS=windows GOARCH=amd64 go build -o binaries/respounder-x64.exe respounder.go computernames.go + GOOS=linux GOARCH=386 go build -o binaries/respounder-x86 respounder.go computernames.go + GOOS=linux GOARCH=amd64 go build -o binaries/respounder-x64 respounder.go computernames.go + GOOS=darwin GOARCH=386 go build -o binaries/respounder-osx respounder.go computernames.go + GOOS=darwin GOARCH=amd64 go build -o binaries/respounder-osx64 respounder.go computernames.go diff --git a/computernames.go b/computernames.go new file mode 100644 index 0000000..7b54d7d --- /dev/null +++ b/computernames.go @@ -0,0 +1,31 @@ +package main + +import ( + "math/rand" + "strings" +) + +var ( + computerName = []string{"laptop", "workstation", "server"} + firstName = []string{"alice", "bob", "john"} + lastName = []string{"smith", "johnson", "williams"} + jobName = []string{"dev", "qa", "ops", "hr"} +) + +func getRandomNumber(length int) int { + return rand.Intn(length) +} + +func getComputerName() string { + dstSlice := make([]string, 4) + srcSlice := make([]string, 4) + srcSlice[0] = computerName[getRandomNumber(len(computerName))] + srcSlice[1] = firstName[getRandomNumber(len(firstName))] + srcSlice[2] = lastName[getRandomNumber(len(lastName))] + srcSlice[3] = jobName[getRandomNumber(len(jobName))] + perm := rand.Perm(4) + for i, v := range perm { + dstSlice[v] = srcSlice[i] + } + return strings.Join(dstSlice[:], "") +} diff --git a/respounder.go b/respounder.go index 60b665d..3b0ebad 100644 --- a/respounder.go +++ b/respounder.go @@ -24,7 +24,7 @@ const ( '-' ` - Version = 1.0 + Version = 1.1 TimeoutSec = 3 BcastAddr = "224.0.0.252" LLMNRPort = 5355 @@ -46,6 +46,10 @@ var ( `Creates a debug.log file with a trace of the program`) ) +func init() { + rand.Seed(time.Now().UnixNano()) +} + func main() { initFlags() @@ -107,14 +111,13 @@ func checkResponderOnInterface(inf net.Interface) map[string]string { func sendLLMNRProbe(ip net.IP) string { responderIP := "" // 2 byte random transaction id eg. 0x8e53 - rand.Seed(time.Now().UnixNano()) - randomTransactionId := fmt.Sprintf("%04x", rand.Intn(65535)) - + randomTransactionID := fmt.Sprintf("%04x", rand.Intn(65535)) + computerName := getComputerName() + cNameLen := fmt.Sprintf("%2x", len(computerName)) + encCName := hex.EncodeToString([]byte(computerName)) // LLMNR request in raw bytes - // TODO: generate a new computer name evertime instead of the - // hardcoded value 'awierdcomputername' - llmnrRequest := randomTransactionId + - "0000000100000000000012617769657264636f6d70757465726e616d650000010001" + llmnrRequest := randomTransactionID + + "00000001000000000000" + cNameLen + encCName + "0000010001" n, _ := hex.DecodeString(llmnrRequest) remoteAddr := net.UDPAddr{IP: net.ParseIP(BcastAddr), Port: LLMNRPort} From a21af4fd6031f3d3ba7826bf6a9985df537b9f62 Mon Sep 17 00:00:00 2001 From: Dan Borges Date: Wed, 14 Feb 2018 15:28:17 -0800 Subject: [PATCH 2/7] Update respounder.go --- respounder.go | 29 ++++++++++++++++++++--------- 1 file changed, 20 insertions(+), 9 deletions(-) diff --git a/respounder.go b/respounder.go index 60b665d..a8d09f6 100644 --- a/respounder.go +++ b/respounder.go @@ -24,7 +24,7 @@ const ( '-' ` - Version = 1.0 + Version = 1.1 TimeoutSec = 3 BcastAddr = "224.0.0.252" LLMNRPort = 5355 @@ -37,13 +37,20 @@ var ( // default logger is set to abyss logger = log.New(ioutil.Discard, "", 0) + // default computername to broadcast + computerName = "aweirdcomputername" + // argument flags jsonPtr = flag.Bool("json", false, `Prints a JSON to STDOUT if a responder is detected on - network. Other text is sent to STDERR`) + network. Other text is sent to STDERR`) debugPtr = flag.Bool("debug", false, `Creates a debug.log file with a trace of the program`) + + compPtr = flag.String("computername", "aweirdcomputername", + `Overrides the default computer name`) + ) func main() { @@ -51,6 +58,10 @@ func main() { fmt.Fprintln(os.Stderr, Banner) + if *compPtr != "aweirdcomputername" { + computerName = *compPtr + } + interfaces, _ := net.Interfaces() logger.Println("======== Starting RESPOUNDER ========") logger.Printf("List of all interfaces: \n %+v\n", interfaces) @@ -108,13 +119,13 @@ func sendLLMNRProbe(ip net.IP) string { responderIP := "" // 2 byte random transaction id eg. 0x8e53 rand.Seed(time.Now().UnixNano()) - randomTransactionId := fmt.Sprintf("%04x", rand.Intn(65535)) + randomTransactionID := fmt.Sprintf("%04x", rand.Intn(65535)) + + cNameLen := fmt.Sprintf("%2x", len(computerName)) + encCName := hex.EncodeToString([]byte(computerName)) + + llmnrRequest := randomTransactionID + "00000001000000000000" + cNameLen + encCName + "0000010001" - // LLMNR request in raw bytes - // TODO: generate a new computer name evertime instead of the - // hardcoded value 'awierdcomputername' - llmnrRequest := randomTransactionId + - "0000000100000000000012617769657264636f6d70757465726e616d650000010001" n, _ := hex.DecodeString(llmnrRequest) remoteAddr := net.UDPAddr{IP: net.ParseIP(BcastAddr), Port: LLMNRPort} @@ -159,7 +170,7 @@ func getValidIPv4Addr(addrs []net.Addr) net.IP { func initFlags() { flag.Usage = func() { fmt.Fprintf(os.Stderr, "Respounder version %1.1f\n", Version) - fmt.Fprintf(os.Stderr, "Usage: $ respounder [-json] [-debug]") + fmt.Fprintf(os.Stderr, "Usage: $ respounder [-json] [-debug] [-computername anewcomputername]") fmt.Fprintf(os.Stderr, "\n\nFlags:\n") flag.PrintDefaults() } From d8e6be6f39fde52ee70434b8bb42833baa5e69e0 Mon Sep 17 00:00:00 2001 From: Dan Borges Date: Wed, 14 Feb 2018 15:54:25 -0800 Subject: [PATCH 3/7] Update respounder.go --- respounder.go | 9 +++++---- 1 file changed, 5 insertions(+), 4 deletions(-) diff --git a/respounder.go b/respounder.go index a8d09f6..782ad58 100644 --- a/respounder.go +++ b/respounder.go @@ -49,19 +49,20 @@ var ( `Creates a debug.log file with a trace of the program`) compPtr = flag.String("computername", "aweirdcomputername", - `Overrides the default computer name`) + `Overrides the default computer name, requires at least 16 charcter hostname`) ) func main() { initFlags() - - fmt.Fprintln(os.Stderr, Banner) + flag.Parse() if *compPtr != "aweirdcomputername" { - computerName = *compPtr + computerName = string(*compPtr) } + fmt.Fprintln(os.Stderr, Banner) + interfaces, _ := net.Interfaces() logger.Println("======== Starting RESPOUNDER ========") logger.Printf("List of all interfaces: \n %+v\n", interfaces) From 025fec609e9799bd8d63cd2e4de55b9d2026730a Mon Sep 17 00:00:00 2001 From: Dan Borges Date: Wed, 14 Feb 2018 15:56:58 -0800 Subject: [PATCH 4/7] Update respounder.go --- respounder.go | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/respounder.go b/respounder.go index 782ad58..4941c82 100644 --- a/respounder.go +++ b/respounder.go @@ -171,7 +171,7 @@ func getValidIPv4Addr(addrs []net.Addr) net.IP { func initFlags() { flag.Usage = func() { fmt.Fprintf(os.Stderr, "Respounder version %1.1f\n", Version) - fmt.Fprintf(os.Stderr, "Usage: $ respounder [-json] [-debug] [-computername anewcomputername]") + fmt.Fprintf(os.Stderr, "Usage: $ respounder [-json] [-debug] [-computername anewcomputername!]") fmt.Fprintf(os.Stderr, "\n\nFlags:\n") flag.PrintDefaults() } From aaa80db2b92d4acb268ed5f3d3e7789788743416 Mon Sep 17 00:00:00 2001 From: James Cook Date: Thu, 15 Feb 2018 12:58:48 -0700 Subject: [PATCH 5/7] update README.md --- README.md | 14 ++++++++++---- 1 file changed, 10 insertions(+), 4 deletions(-) diff --git a/README.md b/README.md index 76d36fd..c889a97 100644 --- a/README.md +++ b/README.md @@ -33,7 +33,7 @@ the following will build the binary from scratch ``` $ git clone https://github.com/codeexpress/respounder $ cd respounder -$ go build respounder +$ go build -o respounder respounder.go computernames.go ``` ## Usage @@ -58,16 +58,22 @@ $ ./respounder ### Flags ``` -$ ./respounder [-json] [-debug] +$ ./respounder [-json] [-debug] [-computername anewcomputername! | -rcomputername | -rstring] Flags: + -computername string + Overrides the default computer name, requires at least 16 charcter hostname (default "aweirdcomputername") + -debug + Creates a debug.log file with a trace of the program -json Prints a JSON to STDOUT if a responder is detected on network. Other text is sent to STDERR - -debug - Creates a debug.log file with a trace of the program -help Displays this help + -rcomputername + Overrides the default computer name, with a random choice of words + -rstring + Overrides the default computer name, with a completely random string ``` From 4cc75f398777ddb4062a55f31ca7eb537ebf7e70 Mon Sep 17 00:00:00 2001 From: James Cook Date: Thu, 15 Feb 2018 13:16:15 -0700 Subject: [PATCH 6/7] Added random chance of char getting set to upper case --- computernames.go | 11 ++++++++--- respounder.go | 4 +--- 2 files changed, 9 insertions(+), 6 deletions(-) diff --git a/computernames.go b/computernames.go index ae53c63..b269e62 100644 --- a/computernames.go +++ b/computernames.go @@ -40,14 +40,19 @@ func getComputerName() string { func randomString() string { strLen := getRandomNumberBetween(16, 32) compName := make([]string, strLen) - var numOrStr int for x := 0; x < strLen; x++ { - numOrStr = getRandomNumber(2) + numOrStr := getRandomNumber(2) + upperOrLower := getRandomNumber(2) switch numOrStr { case 0: compName[x] = num[getRandomNumber(len(num))] case 1: - compName[x] = alph[getRandomNumber(len(alph))] + switch upperOrLower { + case 0: + compName[x] = alph[getRandomNumber(len(alph))] + case 1: + compName[x] = strings.ToUpper(alph[getRandomNumber(len(alph))]) + } } } return strings.Join(compName, "") diff --git a/respounder.go b/respounder.go index d3669a7..adc94a2 100644 --- a/respounder.go +++ b/respounder.go @@ -140,9 +140,7 @@ func sendLLMNRProbe(ip net.IP) string { // 2 byte random transaction id eg. 0x8e53 randomTransactionID := fmt.Sprintf("%04x", rand.Intn(65535)) switch comNameType { - case def: - cName = string(*compPtr) - case newComp: + case def, newComp: cName = string(*compPtr) case randCom: cName = getComputerName() From 14335fdb769cf5925a7337b8f0c39857a4c2fec9 Mon Sep 17 00:00:00 2001 From: Code Express Date: Sun, 18 Feb 2018 12:26:27 -0800 Subject: [PATCH 7/7] changed binary names --- Makefile | 10 +++++----- 1 file changed, 5 insertions(+), 5 deletions(-) diff --git a/Makefile b/Makefile index 6dd2e73..4db95b4 100644 --- a/Makefile +++ b/Makefile @@ -1,7 +1,7 @@ all: - GOOS=windows GOARCH=386 go build -o binaries/respounder-x86.exe respounder.go - GOOS=windows GOARCH=amd64 go build -o binaries/respounder-x64.exe respounder.go - GOOS=linux GOARCH=386 go build -o binaries/respounder-x86 respounder.go - GOOS=linux GOARCH=amd64 go build -o binaries/respounder-x64 respounder.go - GOOS=darwin GOARCH=386 go build -o binaries/respounder-osx respounder.go + GOOS=windows GOARCH=386 go build -o binaries/respounder-win32.exe respounder.go + GOOS=windows GOARCH=amd64 go build -o binaries/respounder-win64.exe respounder.go + GOOS=linux GOARCH=386 go build -o binaries/respounder-linux32 respounder.go + GOOS=linux GOARCH=amd64 go build -o binaries/respounder-linux64 respounder.go + GOOS=darwin GOARCH=386 go build -o binaries/respounder-osx32 respounder.go GOOS=darwin GOARCH=amd64 go build -o binaries/respounder-osx64 respounder.go