github fortra/impacket impacket_0_12_0
Impacket 0.12.0

2 months ago

Impacket 0.12.0:

Project's main page at https://www.coresecurity.com/core-labs/open-source-tools/impacket

ChangeLog for 0.12.0:

  1. Library improvements

    • Fixed broken hRSetServiceObjectSecurity method (@rkivys)
    • Removed dsinternals dependency (@anadrianmanrique)
    • Fixed srvs.hNetrShareEnum returning erronous shares (@cnotin)
    • Fixed lmhash computing to support non standard characters in the password (@anadrianmanrique)
    • Assorted fixes when processing Unicode data (@alexisbalbachan)
    • Added [MS-GKDI] Group Key Distribution Protocol implementation (@zblurx)
    • Fixed incorrect padding in SMBSessionSetupAndX_Extended_ResponseData (@rtpt-erikgeiser)
    • Upgraded dependency pyreadline -> pyreadline3 (@anadrianmanrique)
    • SMB Server:
      • Added query information level 0x0109 for smb1 "SMB_QUERY_FILE_STREAM_INFO" (@Adamkadaban)
      • Fixed filename encoding in queryPathInformation (@JerAxxxxxxx)
      • Fixed NextEntryOffset for large directory listings (@robnanola)
      • Fixed server returning an empty folder when cutting and pasting recursive directories (@robnanola)
    • DHCP: Fixed encoding issues (@ujwalkomarla)
  2. Examples improvements

    • secretsdump.py:
      • Double DC Sync performance for DCs supporting SID lookups (@tomspencer)
      • Added ability to skip dumping of SAM or SECURITY hives when performing remote operations (@RazzburyPi)
      • Added ability to specify users to skip when dumping NTDS (@RazzburyPi)
    • ticketer.py:
    • GetUserSPNs.py, getTGT.py:
      • Support for Kerberoasting without pre-authentication and ST request through AS-REQ (@ShutdownRepo)
    • wmiexec.py:
      • Fix kerberos with remoteHost & add '-target-ip'(@XiaoliChan)
    • ntlmrelayx.py:
      • Added the creation of a new machine account through SMB (@BlWasp)
      • NTLMRelayX Multirelay fixes for target handling, added --keep-relaying flag (@alexisbalbachan)
      • Logging multirelay status when triggering the example (@gabrielg5)
      • Write certificates to file rather than outputting b64 to console (@RazzburyPi)
      • Improved ability to continue relaying to ADCS web enrollment endpoint in order to request multiple certificates for different users (@RazzburyPi)
      • Fixed compatibility issue with other SMB clients connecting to the SOCKS proxy created by ntlmrelayx (@jfjallid)
      • Allow configuration of the SOCKS5 address and port (@rtpt-erikgeiser)
      • Fixed implementation of MSSQLShell (@gabrielg5)
      • Logging notification of received connections in all relay servers (@gabrielg5)
      • Add domain and username to interactive Ldap shell message (@minniear)
      • Enhanced MSSQLShell in NTLMRelayX leveraging TcpShell & output messages (@gabrielg5)
      • LDAP Attack: Bugfixes when parsing responses (@SAERXCIT)
    • getST.py:
      • Added -self, -altservice and -u2u for S4U2self abuse, S4U2self+u2u, and service substitution (@ShutdownRepo)
      • Added ability to set the RENEW ticket option to renew a TGT (@shikatano)
      • Fixed unicode encoding error when using the -impersonate flag (@alexisbalbachan)
    • getTGT.py:
      • Added principalType as new parameter (@DevSpork)
    • reg.py:
      • Start remote registry as unprivileged user in reg.py (@dadevel)
      • Allow adding Binary values (@dc3l1ne)
      • Add missing Null byte for REG_SZ values (@PfiatDe)
      • Support for adding REG_MULTI_SZ values through (@garbrielg5)
    • smbclient.py:
      • Added ability to provide an output file that the smbclient mini shell will write commands and output to (@RazzburyPi)
      • Fixed path parse issue when running tree command (@trietend)
    • smbserver.py:
      • Added parameter "-outputfile" to set smbserver log file(gabrielg5)
    • DumpNTLMInfo.py:
      • Allow execution on non-default ports (@jeffmcjunkin)
      • Fixed KeyError exception when running with a Windows 2003 target (@XiaoliChan)
    • findDelegation.py:
    • mssqlclient.py:
      • Added -target-ip parameter to allow Kerberos authentication without much change in the DNS configuration of the local machine (@Palkovsky)
    • mssqlshell.py:
      • Switching back to original DB after running enum_impersonate command (@exploide)
      • Fixed logging in printReplies showing error messages (@gabrielg5)
    • registry-read.py:
      • Fixed scenario where value name contains backlash (@DidierA)
    • net.py:
      • Fixed User "Account Active" property value (@marcobarlottini)
      • Fixed log messages printing variables in the wrong order (@Cyb3rC3lt)
    • rbcd.py:
    • GetUserSPNs.py:
      • Updated the help information for -outputfile to be consistent with -save (@scarvell)
    • ntfs-read.py:
      • Minor refactor in ntfs-read.py to make it more human-readable (@NtAlexio2)
    • ldap_shell.py:
      • Added support for dirsync and whoami commands (@nurfed1)
    • lookupsid.py:
    • samrdump.py:
    • tstool.py:
      • Added support for kerberos auth, resolves SIDs (@nopernik)
  3. New examples

    • describeTicket.py: Ticket describer and decrypter. (@ShutdownRepo)
    • GetADComputers.py: Query's DC via LDAP and returns the COMPUTER objects and the useful attributes such as full dns name, operating system name and version. (@F-Masood)
    • GetLAPSPassword.py: Extract LAPS passwords from LDAP (@zblurx and @dru1d-foofus)
    • dacledit.py: This script can be used to read, write, remove, backup, restore ACEs (Access Control Entries) in an object DACL (Discretionary Access Control List). (@ShutdownRepo) (@BlWasp_) (@wlayzz)
    • owneredit.py: Added this script to abuse WriteOwner (ADS_RIGHT_WRITE_OWNER) access rights. This allows to take ownership of another object, and then edit that object's DACL (@ShutdownRepo) (@BlWasp_)

As always, thanks a lot to all these contributors that make this library better every day (up to now):

@tomspencer @anadrianmanrique @ShutdownRepo @dadevel @gjhami @NtAlexio2 @F-Masood @BlWasp @gabrielg5 @XiaoliChan @omry99 @wlayzz @themaks @alexisbalbachan @RazzburyPi @jeffmcjunkin @p0dalirius @dc3l1ne @jfjallid @Palkovsky @rtpt-erikgeiser @trietend @zblurx @dru1d-foofus @PfiatDe @DidierA @marcobarlottini @PeterGabaldon @m8r1us @5yn @tzuralon @Adamkadaban @scarvell @JerAxxxxxxx @ujwalkomarla @robnanola @SAERXCIT @nurfed1 @A1vinSmith @joeldeleep @nopernik

Don't miss a new impacket release

NewReleases is sending notifications on new releases.