Project's main page at https://www.secureauth.com/labs/open-source-tools/impacket/
ChangeLog for 0.10.0:
-
Library improvements
- Dropped support for Python 2.7.
- Refactored the testing infrastructure (@martingalloar):
- Added pytest as the testing framework to organize and mark test cases. Tox remain as the automation framework, and Coverage.py for measuring code coverage.
- Custom bash scripts were replaced with test cases auto-discovery.
- Local and remote test cases were marked for easy run and configuration.
- DCE/RPC endpoint test cases were refactored and moved to a new layout.
- An initial testing guide with the main steps to prepare a testing environment and run them.
- Fixed a good amount of DCE/RPC endpoint test cases that were failing.
- Added tests for [MS-PAR], [MS-RPRN], CCache and DPAPI.
- Added a function to compute the Netlogon Authenticator at client-side in [MS-NRPC] (@0xdeaddood)
- Added [MS-DSSP] protocol implementation (@simondotsh)
- Added GetDriverDirectory functions to [MS-PAR] and [MS-RPRN] (@raithedavion)
- Refactored the Credential Cache:
- Added new parseFile function to ccache.py (@rmaksimov)
- Added support for loading CCache Version 3 (@reznok)
- Modified fromKRBCRED function used to load a Kirbi file (@0xdeaddood)
- Fixed Ccache to Kirbi conversion (@ShutdownRepo)
- Fixed default NTLM server challenge in smbserver (@rtpt-jonaslieb)
-
Examples improvements
- exchanger.py:
- Fixed a bug when a Global Address List doesn't exist on the server (@mohemiv)
- mimikatz.py
- Updated intro to not trigger the AV on windows (@mpgn)
- ntlmrelayx.py:
- Implemented RAW Relay Server (@CCob)
- Added an LDAP attack dumping information about the domain's ADCS enrollment services (@SAERXCIT)
- Added multi-relay feature to the HTTP Relay Server. Now one incoming HTTP connection could be used against multiple targets (@0xdeaddood)
- Added an option to disable the multi-relay feature (@zblurx and @0xdeaddood)
- Added multiple HTTP listeners running at the same time (@SAERXCIT)
- Support for the ADCS ESC1 and ESC6 attacks (@hugo-syn)
- Added Shadow Credentials attack (@ShutdownRepo, @Tw1sm, @nodauf and @p0dalirius)
- Added the ability to define a password for the LDAP attack addComputer (@ShutdownRepo)
- Added rename_computer and modify add_computer in LDAP interactive shell (@capnkrunchy)
- Implemented StartTLS (@ThePirateWhoSmellsOfSunflowers)
- reg.py:
- Added save function to allow remote saving of registry hives (@ShutdownRepo and @scopedsecurity)
- secretsdump.py:
- Added an option to dump credentials using the Kerberos Key List attack (@0xdeaddood)
- smbpasswd.py:
- Added an option to force credentials change via injecting new values into SAM (@snovvcrash and @Alef-Burzmali!)
- exchanger.py:
-
New examples
- machine_role.py: This script retrieves a host's role along with its primary domain details (@simondotsh)
- keylistattack.py: This example implements the Kerberos Key List attack to dump credentials abusing RODCs and Azure AD Kerberos Servers (@0xdeaddood)
As always, thanks a lot to all these contributors that make this library better every day (since last version):
@rmaksimov @simondotsh @CCob @raithedavion @SAERXCIT @Maltemo @dirkjanm @reznok @ShutdownRepo @scopedsecurity @Tw1sm @nodauf @p0dalirius @zblurx @hugo-syn @capnkrunchy @mohemiv @mpgn @rtpt-jonaslieb @snovvcrash @Alef-Burzmali @ThePirateWhoSmellsOfSunflowers @jlvcm