- Update to version 0.12.0
Library improvements
* Fixed broken hRSetServiceObjectSecurity method.
* Removed dsinternals dependency.
* Fixed srvs.hNetrShareEnum returning erronous shares.
* Fixed lmhash computing to support non standard characters in
the password.
* Assorted fixes when processing Unicode data.
* Added [MS-GKDI] Group Key Distribution Protocol implementation.
* Fixed incorrect padding in
SMBSessionSetupAndX_Extended_ResponseData.
* Upgraded dependency pyreadline -> pyreadline3.
* SMB Server:
+ Added query information level 0x0109 for smb1
"SMB_QUERY_FILE_STREAM_INFO".
+ Fixed filename encoding in queryPathInformation.
+ Fixed NextEntryOffset for large directory listings.
+ Fixed server returning an empty folder when cutting and
pasting recursive directories.
* DHCP: Fixed encoding issues.
Example Improvements
* multiple improvements, see
https://github.com/fortra/impacket/releases/tag/impacket_0_12_0
New Examples
* describeTicket.py: Ticket describer and decrypter.
* GetADComputers.py: Query's DC via LDAP and returns the COMPUTER
objects and the useful attributes such as full dns name,
operating system name and version.
* GetLAPSPassword.py: Extract LAPS passwords from LDAP.
* dacledit.py: This script can be used to read, write, remove,
OBS-URL: https://build.opensuse.org/request/show/1201560
OBS-URL: https://build.opensuse.org/package/show/devel:languages:python/python-impacket?expand=0&rev=19
- Update to version 0.11.0
Library improvements
* Added new Kerberos error codes.
* Added [MS-TSTS] Terminal Services Terminal Server Runtime
Interface Protocol implementation.
* Changed the setting up for new SSL connections.
* Added a callback function to smbserver for incoming
authentications.
* Fix crash in winregistry.
* Fixes in IDispatch derived classes in comev implementation.
* Fix CVE-2020-17049 in ccache.py.
* Smbserver: Added SMB2_FILE_ALLOCATION_INFO type determination.
* tds: Fixed python3 incompatibility when receiving over TLS
socket.
* crypto: Ensure passwords are utf-8 encoded before deriving
Kerberos keys.
* ese: Fixed python3 incompatibility when reading from db.
* ldap queries: Escaped characters are now correctly parsed.
* Support SASL authentication in ldap protocol.
Examples improvements
* GetADUsers.py, GetNPUsers.py, GetUserSPNs.py and
findDelegation.py:
+ Added dc-host option to connect to specific KDC using its
FQDN or NetBIOS name.
* GetNPUsers.py
+ Printing TGT in stdout despite -outputfile parameter.
+ Fixed output hash format for AES128/256 (etype 17/18).
* GetUserSPNs.py:
+ Added LDAP paged search
+ Added a -stealth flag to remove the SPN filter from the LDAP
OBS-URL: https://build.opensuse.org/request/show/1107803
OBS-URL: https://build.opensuse.org/package/show/devel:languages:python/python-impacket?expand=0&rev=13
- update to version 0.10.0
* Dropped support for Python 2.7.
* Refactored the testing infrastructure (@martingalloar):
* Added `pytest` as the testing framework to organize and mark test
cases. `Tox` remain as the automation framework, and `Coverage.py`
for measuring code coverage.
* Custom bash scripts were replaced with test cases auto-discovery.
* Local and remote test cases were marked for easy run and configuration.
* DCE/RPC endpoint test cases were refactored and moved to a new layout.
* An initial testing guide with the main steps to prepare a testing environment and run them.
* Fixed a good amount of DCE/RPC endpoint test cases that were failing.
* Added tests for `[MS-PAR]`, `[MS-RPRN]`, CCache and DPAPI.
* Added a function to compute the Netlogon Authenticator at client-side in `[MS-NRPC]` (@0xdeaddood)
* Added `[MS-DSSP]` protocol implementation (@simondotsh)
* Added GetDriverDirectory functions to `[MS-PAR]` and `[MS-RPRN]` (@raithedavion)
* Refactored the Credential Cache:
* Added new parseFile function to ccache.py (@rmaksimov)
* Added support for loading CCache Version 3 (@reznok)
* Modified fromKRBCRED function used to load a Kirbi file (@0xdeaddood)
* Fixed Ccache to Kirbi conversion (@ShutdownRepo)
* Fixed default NTLM server challenge in smbserver (@rtpt-jonaslieb)
* Fixed WMI objects parsing (@franferrax)
* Added the RpcAddPrinterDriverEx method and related structures to `[MS-RPRN]`: Print System Remote Protocol (@cube0x0)
* Initial implementation of `[MS-PAR]`: Print System Asynchronous Remote Protocol (@cube0x0)
* Complying `[MS-RPCH]` with HTTP/1.1 (@mohemiv)
* Added return of server time in case of Kerberos error (@ShutdownRepo and @Hackndo)
OBS-URL: https://build.opensuse.org/request/show/1090466
OBS-URL: https://build.opensuse.org/package/show/devel:languages:python/python-impacket?expand=0&rev=11
- Update to version 0.9.23
Library improvements
* Support connect timeout with SMBTransport.
* Speeding up DcSync.
* Fixed Python3 issue when serving SOCKS5 requests.
* Fixed Path Traversal vulnerabilities in smbserver.py .
CVE-2021-31800
* Fixed POST request processing in httprelayserver.py .
* Added cat command to smbclient.py .
* Added new features to the LDAP Interactive Shell to facilitate
AD exploitation.
* Python 3.9 support
- Drop not longer needed patch:
* 1054.patch
OBS-URL: https://build.opensuse.org/request/show/898860
OBS-URL: https://build.opensuse.org/package/show/devel:languages:python/python-impacket?expand=0&rev=9
- Update to version 0.9.22
Library improvements
* Added implementation of RPC over HTTP v2 protocol.
* Added MS-NSPI, MS-OXNSPI and MS-OXABREF protocol
implementations.
* Improved the multi-page results in LDAP queries.
* NDR parser optimization.
* Improved serialization of WMI method parameters.
* Introduce the MS-NLMP 2.2.2.10 VERSION structure in
NTLMAuthNegotiate messages.
* Added some NETLOGON structs for NetrServerPasswordSet2.
* Python 3.8 support.
Examples improvements
* atexec.py: Fixed after MS patches related to RPC attacks.
* dpapi.py: Added -no-pass, pass-the-hash and AES Key support
for backup subcommand.
* GetNPUsers.py: Added ability to enumerate targets with
Kerberos KRB5CC.
* GetUserSPNs.py: Added new features for kerberoasting.
* ntlmrelayx.py:
+ Added ability to relay on new Windows versions that have
SMB guest access disabled by default.
+ Added option to specify the NTLM Server Challenge used
when receiving a connection.
+ Added relaying to RPC support.
+ Implemented WCFRelayServer.
+ Added Zerologon DCSync Relay Client.
+ Fixed issue in ldapattack.py when relaying and creating
computer in CN=Computers.
+ rpcdump.py: Added RPC over HTTP v2 support.
OBS-URL: https://build.opensuse.org/request/show/850312
OBS-URL: https://build.opensuse.org/package/show/devel:languages:python/python-impacket?expand=0&rev=3
