May 2015 - 0.9.13:
- Library improvements:
Kerberos support for SMB and DCERPC featuring:
SMBConnection (all SMB versions).
b. Support for RPC_C_AUTHN_GSS_NEGOTIATE at the DCERPC layer. This will negotiate Kerberos. This also includes DCOM.
c. Pass-the-hash, pass-the-ticket and pass-the-key support.
d. Ccache support, compatible with Kerberos utilities (kinit, klist, etc).
e. Support for
f. Support for
SMB3 encryption support. Pycrypto experimental version that supports
[MS-SAMR]: Supplemental Credentials support (used by secretsdump.py)
a. SMB2 (2.002) dialect experimental support.
b. Adding capability to export to John The Ripper format files
Library logging overhaul. Now there's a single logger called 'impacket'.
- Examples improvements:
- Added Kerberos support to all modules (incl. pass-the-ticket/key)
- Ported most of the modules to the new dcerpc.v5 runtime.
- secretsdump.py: Added dumping Kerberos keys when parsing NTDS.DIT
- smbserver.py: support for SMB2 (not enabled by default)
- smbrelayx.py: Added support for MS15-027 exploitation.
- New examples:
- goldenPac.py: MS14-068 exploit. Saves the golden ticket and also launches a psexec session at the target.
- karmaSMB.py: SMB Server that answers specific file contents regardless of the SMB share and pathname requested.
- wmipersist.py: Creates persistence over WMI. Adds/Removes WMI Event Consumers/Filters to execute VBS based on a WQL filter or timer specified.
- netview.py: Gets a list of the sessions opened at the remote hosts, looping over the hosts found and keeping track of who logged in/out from remote servers.