github SecureAuthCorp/impacket impacket_0_9_14
impacket_0_9_14: impacket 0.9.14

6 years ago
  1. Library improvements:
    • [MS-TSCH] - ATSVC, SASec and ITaskSchedulerService Interface implementations
    • [MS-DRSR] - Directory Replication Service DRSUAPI Interface implementation
    • Network Data Representation (NDR) runtime overhaul. Big performance and reliability improvements achieved
    • Unicode support (optional) for the SMBv1 stack (by @rdubourguais)
    • NTLMv2 enforcement option on SMBv1 client stack (by @scriptjunkie)
    • Kerberos support for TDS (MSSQL)
    • Extended present flags support on RadioTap class
    • Old DCERPC runtime code removed
  2. Examples improvements:
    • Added Kerberos authentication support
    • It now uses ITaskSchedulerService interface, adding support for Windows 2012 R2
      • If no file to upload and execute is specified (-E) it just dumps the target user's hashes by default
      • Added -c option to execute custom commands in the target (by @byt3bl33d3r)
      • Active Directory hashes/Kerberos keys are dumped using [MS-DRSR]-(IDL_DRSGetNCChanges method)
        by default. VSS method is still available by using the -use-vss switch
      • Added -just-dc (Extract only NTDS.DIT NTLM Hashes and Kerberos) and -just-dc-ntlm ( only NTDS.DIT NTLM Hashes ) options
      • Added resume capability (only for NTDS in DRSUAPI mode) in case the connection drops. Use -resumefile option
      • Added Primary:CLEARTEXT Property from supplementalCredentials attribute dump
      • Add support for multiple password encryption keys (PEK) (by @s0crat)
    • Tests all DCs in domain and adding forest's enterprise admin group inside PAC
  3. New examples:
    • Child domain to forest privilege escalation exploit. Implements a child-domain to forest privilege
      escalation as detailed by Sean Metcalf (@PyroTek3) at It (ab)uses the concept of Golden Tickets and ExtraSids researched and implemented by Benjamin Delpy (@gentilkiwi) in mimikatz
    • Gets a list of the sessions opened at the remote hosts and keep track of them (original idea by @mubix)

Don't miss a new impacket release

NewReleases is sending notifications on new releases.