github SecureAuthCorp/impacket impacket_0_9_15
impacket 0.9.15

5 years ago

Project's main page at

ChangeLog for 0.9.15:

  1. Library improvements
  • SMB3.create(): define CreateContextsOffset and CreateContextsLength when applicable (by @rrerolle)
  • Retrieve user principal name from CCache file allowing to call any script with -k and just the target system (by @MrTchuss)
  • Packet fragmentation for DCE RPC layer mayor overhaul.
  • Improved pass-the-key attacks scenarios (by @skelsec)
  • Adding a minimalistic LDAP/s implementation (supports PtH/PtT/PtK). Only search is available (and you need to
    build the search filter yourself)
  • IPv6 improvements for DCERPC/LDAP and Kerberos
  1. Examples improvements
    • Adding -dc-ip switch to all examples. It allows to specify what the IP for the domain is. It assumes the DC and KDC
      resides in the same server
      • Adding support for Win2016 TP4 in LOCAL or -use-vss mode
      • Adding -just-dc-user switch to download just a single user data (DRSUAPI mode only)
      • Support for different ReplEpoch (DRSUAPI only)
      • pwdLastSet is also included in the output file
      • New structures/flags added for 2016 TP5 PAM support
      • Adding -rpc-auth-level switch (by @gadio)
      • Added option to specify authentication status code to be sent to requesting client (by @mgeeky)
      • Added one-shot parameter. After successful authentication, only execute the attack once for each target (per protocol)
  2. New Examples
    • This module will try to find Service Principal Names that are associated with normal user account.
      This is part of the kerberoast attack researched by Tim Medin (@timmedin)
    • on steroids!. NTLM relay attack from/to multiple protocols (HTTP/SMB/LDAP/MSSQL/etc)
      (by @dirkjanm)

Don't miss a new impacket release

NewReleases is sending notifications on new releases.