![[BACK]](/icons/back.gif){kind=icon}
Up to [cvs.NetBSD.org] / pkgsrc / net / py-impacket
Request diff between arbitrary revisions
Keyword substitution: kv
Default branch: MAIN
Fix PLIST after py-setuptools update; bump depends and revision
py-*: remove unused tool dependency py-setuptools includes the py-wheel functionality nowadays
py-impacket: updated to 0.12.0
Impacket v0.12.0-dev:
1. Library improvements
* Fixed broken hRSetServiceObjectSecurity method (@rkivys)
* Removed dsinternals dependency (@anadrianmanrique)
* Fixed srvs.hNetrShareEnum returning erronous shares (@cnotin)
* Fixed lmhash computing to support non standard characters in the password (@anadrianmanrique)
* Assorted fixes when processing Unicode data (@alexisbalbachan)
* Added `[MS-GKDI]` Group Key Distribution Protocol implementation (@zblurx)
* Fixed incorrect padding in SMBSessionSetupAndX_Extended_ResponseData (@rtpt-erikgeiser)
* Upgraded dependency pyreadline -> pyreadline3 (@anadrianmanrique)
* SMB Server:
* Added query information level 0x0109 for smb1 "SMB_QUERY_FILE_STREAM_INFO" (@Adamkadaban)
* Fixed filename encoding in queryPathInformation (@JerAxxxxxxx)
* Fixed NextEntryOffset for large directory listings (@robnanola)
* Fixed server returning an empty folder when cutting and pasting recursive directories (@robnanola)
* DHCP: Fixed encoding issues (@ujwalkomarla)
3. Examples improvements
* [secretsdump.py](examples/secretsdump.py):
* Double DC Sync performance for DCs supporting SID lookups (@tomspencer)
* Added ability to skip dumping of SAM or SECURITY hives when performing remote operations (@RazzburyPi)
* Added ability to specify users to skip when dumping NTDS (@RazzburyPi)
* [ticketer.py](examples/ticketer.py):
* Support to create Sapphire tickets (@ShutdownRepo)
* [GetUserSPNs.py](examples/GetUserSPNs.py), [getTGT.py](examples/getTGT.py):
* Support for Kerberoasting without pre-authentication and ST request through AS-REQ (@ShutdownRepo)
* [wmiexec.py](examples/wmiexec.py):
* Fix kerberos with remoteHost & add '-target-ip'(@XiaoliChan)
* [ntlmrelayx.py](examples/ntlmrelayx.py):
* Added the creation of a new machine account through SMB (@BlWasp)
* NTLMRelayX Multirelay fixes for target handling, added --keep-relaying flag (@alexisbalbachan)
* Logging multirelay status when triggering the example (@gabrielg5)
* Write certificates to file rather than outputting b64 to console (@RazzburyPi)
* Improved ability to continue relaying to ADCS web enrollment endpoint in order to request multiple certificates for different users (@RazzburyPi)
* Fixed compatibility issue with other SMB clients connecting to the SOCKS proxy created by ntlmrelayx (@jfjallid)
* Allow configuration of the SOCKS5 address and port (@rtpt-erikgeiser)
* Fixed implementation of MSSQLShell (@gabrielg5)
* Logging notification of received connections in all relay servers (@gabrielg5)
* Add domain and username to interactive Ldap shell message (@minniear)
* Enhanced MSSQLShell in NTLMRelayX leveraging TcpShell & output messages (@gabrielg5)
* LDAP Attack: Bugfixes when parsing responses (@SAERXCIT)
* [getST.py](examples/getST.py):
* Added -self, -altservice and -u2u for S4U2self abuse, S4U2self+u2u, and service substitution (@ShutdownRepo)
* Added ability to set the RENEW ticket option to renew a TGT (@shikatano)
* Fixed unicode encoding error when using the -impersonate flag (@alexisbalbachan)
* [getTGT.py](examples/getTGT.py):
* Added principalType as new parameter (@DevSpork)
* [reg.py](examples/reg.py):
* Start remote registry as unprivileged user in reg.py (@dadevel)
* Allow adding Binary values (@dc3l1ne)
* Add missing Null byte for REG_SZ values (@PfiatDe)
* Support for adding REG_MULTI_SZ values through (@garbrielg5)
* [smbclient.py](examples/smbclient.py):
* Added ability to provide an output file that the smbclient mini shell will write commands and output to (@RazzburyPi)
* Fixed path parse issue when running `tree` command (@trietend)
* [smbserver.py](examples/smbserver.py):
* Added parameter "-outputfile" to set smbserver log file(gabrielg5)
* [DumpNTLMInfo.py](examples/DumpNTLMInfo.py):
* Allow execution on non-default ports (@jeffmcjunkin)
* Fixed KeyError exception when running with a Windows 2003 target (@XiaoliChan)
* [findDelegation.py](examples/findDelegation.py):
* Added new column to show if SPN exists (@p0dalirius)
* [mssqlclient.py](examples/mssqlclient.py):
* Added `-target-ip` parameter to allow Kerberos authentication without much change in the DNS configuration of the local machine (@Palkovsky)
* [mssqlshell.py](examples/mssqlshell.py):
* Switching back to original DB after running `enum_impersonate` command (@exploide)
* Fixed logging in printReplies showing error messages (@gabrielg5)
* [registry-read.py](examples/registry-read.py):
* Fixed scenario where value name contains backlash (@DidierA)
* [net.py](examples/net.py):
* Fixed User "Account Active" property value (@marcobarlottini)
* Fixed log messages printing variables in the wrong order (@Cyb3rC3lt)
* [rbcd.py](examples/rbcd.py):
* Handled SID not found in LDAP error (@ShutdownRepo)
* [GetUserSPNs.py](examples/GetUserSPNs.py):
* Updated the help information for -outputfile to be consistent with -save (@scarvell)
* [ntfs-read.py](examples/ntfs-read.py):
* Minor refactor in ntfs-read.py to make it more human-readable (@NtAlexio2)
* [ldap_shell.py](examples/ldap_shell.py):
* Added support for dirsync and whoami commands (@nurfed1)
* [lookupsid.py](examples/lookupsid.py):
* Now supports kerberos auth (@A1vinSmith)
* [samrdump.py](examples/samrdump.py):
* Will fetch AdminComment using MSRPC (@joeldeleep)
* [tstool.py](examples/tstool.py):
* Added support for kerberos auth, resolves SIDs (@nopernik)
4. New examples
* [describeTicket.py](examples/describeTicket.py): Ticket describer and decrypter. (@ShutdownRepo)
* [GetADComputers.py](examples/GetADComputers.py): Query's DC via LDAP and returns the COMPUTER objects and the useful attributes such as full dns name, operating system name and version. (@F-Masood)
* [GetLAPSPassword.py](examples/GetLAPSPassword.py): Extract LAPS passwords from LDAP (@zblurx and @dru1d-foofus)
* [dacledit.py](examples/dacledit.py): This script can be used to read, write, remove, backup, restore ACEs (Access Control Entries) in an object DACL (Discretionary Access Control List). (@_nwodtuhs) (@BlWasp_) (@Wlayzz)
py-impacket: updated to 0.11.0
Impacket v0.11.0 (Aug 2023):
1. Library improvements
* Added new Kerberos error codes (@ly4k).
* Added `[MS-TSTS]` Terminal Services Terminal Server Runtime Interface Protocol implementation (@nopernik).
* Changed the setting up for new SSL connections (@mpgn, @CT-H00K and @0xdeaddood).
* Added a callback function to smbserver for incoming authentications (@p0dalirius).
* Fix crash in winregistry (@laxa)
* Fixes in IDispatch derived classes in comev implementation (@NtAlexio2)
* Fix CVE-2020-17049 in ccache.py (@godylockz)
* Smbserver: Added SMB2_FILE_ALLOCATION_INFO type determination (@JerAxxxxxxx)
* tds: Fixed python3 incompatibility when receiving over TLS socket (@exploide)
* crypto: Ensure passwords are utf-8 encoded before deriving Kerberos keys (@jojonas)
* ese: Fixed python3 incompatibility when reading from db (@alexisbalbachan)
* ldap queries: Escaped characters are now correctly parsed (@alexisbalbachan)
* Support SASL authentication in ldap protocol (@NtAlexio2)
2. Examples improvements
* [GetADUsers.py](examples/GetADUsers.py), [GetNPUsers.py](examples/GetNPUsers.py), [GetUserSPNs.py](examples/GetUserSPNs.py) and [findDelegation.py](examples/findDelegation.py):
* Added dc-host option to connect to specific KDC using its FQDN or NetBIOS name (@rmaksimov and @0xdeaddood).
* [GetNPUsers.py](examples/GetNPUsers.py)
* Printing TGT in stdout despite -outputfile parameter (@alexisbalbachan and @Zamanry)
* Fixed output hash format for AES128/256 (etype 17/18) (@erasmusc)
* [GetUserSPNs.py](examples/GetUserSPNs.py):
* Added LDAP paged search (@ThePirateWhoSmellsOfSunflowers and @SAERXCIT).
* Added a -stealth flag to remove the SPN filter from the LDAP query (@clavoillotte).
* Improved searchFilter (@ShutdownRepo)
* Use LDAP paged search (@ThePirateWhoSmellsOfSunflowers)
* [psexec.py](examples/psexec.py):
* Added support for name customization using a custom binary file (@Dramelac).
* [smbexec.py](examples/smbexec.py):
* Security fixes for privilege escalation vulnerabilities (@bugch3ck).
* Fixed python3 compatibility issues, added workaround TCP over NetBIOS being disabled (@ljrk0)
* [secretsdump.py](examples/secretsdump.py):
* Added a new option to extract only NTDS.DIT data for specific users based on an LDAP filter (@snovvcrash).
* Security fixes for privilege escalation vulnerabilities (@bugch3ck).
* [mssqlclient.py](examples/mssqlclient.py):
* Added multiple new commands. Now supports xp_dirtree execution (@Mayfly277, @trietend and @TurtleARM).
* [ntlmrelayx.py](examples/ntlmrelayx.py):
* Added ability to trigger SQLShell when running ntlmrelayx in interactive mode (@sploutchy).
* Added filter option to the socks command in ntlmrelayx CLI (@shoxxdj)
* Added ability to register DNS records through LDAP.
* [addcomputer.py](examples/addcomputer.py), [rbcd.py](examples/rbcd.py):
* Allow weak TLS ciphers for LDAP connections (@AdrianVollmer)
* [Get-GPPPassword.py](examples/Get-GPPPassword.py):
* Better handling of various XML files in Group Policy Preferences (@p0dalirius)
* [smbclient.py](examples/smbclient.py):
* Added recursive file listing (@Sq00ky)
* [ticketer.py](examples/ticketer.py):
* Ticket duration is now specified in hours instead of days (@Dramelac)
* Added extra-pac implementation (@Dramelac)
3. New examples
* [net.py](examples/net.py) Implementation of windows net.exe builtin tool (@NtAlexio2)
* [changepasswd.py](examples/changepasswd.py) New example that allows password changing or reseting through multiple protocols (@Alef-Burzmali, @snovvcrash, @bransh, @api0cradle and @p0dalirius)
* [DumpNTLMInfo.py](examples/DumpNTLMInfo.py) New example that dumps remote host information in ntlm authentication model, without credentials. For SMB protocols v1, v2 and v3. (@NtAlexio2)
fighting a losing battle against the py-cryptography rustification, part 5 Convert py-OpenSSL users to versioned_dependencies.mk
*: mark py-flask dependencies as not-for-python-2.x I'll update py-flask soon; the current pkgsrc of py-flask version is broken and all newer versions do not support python 2.x
python: egg.mk: add USE_PKG_RESOURCES flag This flag should be set for packages that import pkg_resources and thus need setuptools after the build step. Set this flag for packages that need it and bump PKGREVISION.
*: bump PKGREVISION for egg.mk users They now have a tool dependency on py-setuptools instead of a DEPENDS
py-impacket: fix building
py-impacket: updated to 0.9.24
Impacket v0.9.24 (October 2021):
1. Library improvements
* Fixed WMI objects parsing
* Added the RpcAddPrinterDriverEx method and related structures to [MS-RPRN]: Print System Remote Protocol
* Initial implementation of [MS-PAR]: Print System Asynchronous Remote Protocol
* Complying MS-RPCH with HTTP/1.1
* Added return of server time in case of Kerberos error
2. Examples improvements
* [getST.py](examples/getST.py):
* Added support for a custom additional ticket for S4U2Proxy
* [ntlmrelayx.py](examples/ntlmrelayx.py):
* Added Negotiate authentication support to the HTTP server
* Added anonymous session handling in the HTTP server
* Fixed error in ldapattack.py when trying to escalate with machine account
* Added the implementation of AD CS attack
* Disabled the anonymous logon in the SMB server
* [psexec.py](examples/psexec.py):
* Fixed decoding problems on multi bytes characters
* [reg.py](examples/reg.py):
* Implemented ADD and DELETE functionalities
* [secretsdump.py](examples/secretsdump.py):
* Speeding up NTDS parsing
* [smbclient.py](examples/smbclient.py):
* Added 'mget' command which allows the download of multiple files
* Handling empty search count in FindFileBothDirectoryInfo
* [smbpasswd.py](examples/smbpasswd.py):
* Added the ability to change a user's password providing NTLM hashes
* [smbserver.py](examples/smbserver.py):
* Added NULL SMBv2 client connection handling
* Hardened path checks and Added TID checks
* Added SMB2 support to QUERY_INFO Request and Enabled SMB_COM_FLUSH method
* Added missing constant and structure for the QUERY_FS Information Level SMB_QUERY_FS_DEVICE_INFO
* [wmipersist.py](examples/wmipersist.py):
* Fixed VBA script execution and improved error checking
3. New examples
* [rbcd.py](examples/rbcd.py): Example script for handling the msDS-AllowedToActOnBehalfOfOtherIdentity property of a target computer
py-impacket: updated to 0.9.23 Impacket v0.9.23: Library improvements Support connect timeout with SMBTransport Speeding up DcSync Fixed Python3 issue when serving SOCKS5 requests Moved docker container to Python 3.8 Added basic GitHub Actions workflow Fixed Path Traversal vulnerabilities in smbserver.py - CVE-2021-31800 Fixed POST request processing in httprelayserver.py Added cat command to smbclient.py Added new features to the LDAP Interactive Shell to facilitate AD exploitation Python 3.9 support Examples improvements addcomputer.py: Enable the machine account created via SAMR getST.py: Added exploit for CVE-2020-17049 - Kerberos Bronze Bit attack Compute NTHash and AESKey for the Bronze Bit attack automatically ntlmrelayx.py: Fixed target parsing error wmipersist.py: Fixed filterBinding error Added PowerShell option for semi-interactive shells in dcomexec.py, smbexec.py and wmiexec.py Added new parameter to select COMVERSION in dcomexec.py, wmiexec.py, wmipersist.py and wmiquery.py New examples Get-GPPPassword.py: This example extracts and decrypts Group Policy Preferences passwords using streams for treating files instead of mounting shares. Additionally, it can parse GPP XML files offline smbpasswd.py: This script is an alternative to smbpasswd tool and intended to be used for changing expired passwords remotely over SMB (MSRPC-SAMR)
py-impacket: updated to 0.9.22 ChangeLog for 0.9.22: Library improvements Added implementation of RPC over HTTP v2 protocol (by @mohemiv). Added MS-NSPI, MS-OXNSPI and MS-OXABREF protocol implementations (by @mohemiv). Improved the multi-page results in LDAP queries (by @ThePirateWhoSmellsOfSunflowers). NDR parser optimization (by @mohemiv). Improved serialization of WMI method parameters (by @tshmul). Introduce the MS-NLMP 2.2.2.10 VERSION structure in NTLMAuthNegotiate messages (by @franferrax). Added some NETLOGON structs for NetrServerPasswordSet2 (by @dirkjanm). Python 3.8 support. Examples improvements atexec.py: Fixed after MS patches related to RPC attacks (by @mohemiv). dpapi.py: Added -no-pass, pass-the-hash and AES Key support for backup subcommand. GetNPUsers.py: Added ability to enumerate targets with Kerberos KRB5CC (by @rmaksimov). GetUserSPNs.py: Added new features for kerberoasting (by @mohemiv). ntlmrelayx.py: Added ability to relay on new Windows versions that have SMB guest access disabled by default. Added option to specify the NTLM Server Challenge used when receiving a connection. Added relaying to RPC support (by @mohemiv). Implemented WCFRelayServer (by @cnotin). Added Zerologon DCSync Relay Client (by @dirkjanm). Fixed issue in ldapattack.py when relaying and creating computer in CN=Computers (by @Hackndo). rpcdump.py: Added RPC over HTTP v2 support (by @mohemiv). secretsdump.py: Added ability to specifically delete a shadow based on its ID (by @phefley). Dump plaintext machine account password when dumping the local registry secrets(by @dirkjanm). New examples exchanger.py: A tool for connecting to MS Exchange via RPC over HTTP v2 (by @mohemiv). rpcmap.py: Scan for listening DCE/RPC interfaces (by @mohemiv).
py-impacket: fix DEPENDS; fix PLIST; fix binaries with Python version suffix; bump revision
py-impacket: use ALTERNATIVES
py-impacket: Import from wip (packaged by wiz, updated by nikita) Impacket is a collection of Python classes for working with network protocols. Impacket is mostly focused on providing low-level programmatic access to the packets, however some protocols (for instance NMB and SMB) are implemented in a higher level as a foundation for other protocols. Packets can be constructed from scratch, as well as parsed from raw data, and the object oriented API makes it simple to work with deep hierarchies of protocols. Impacket is most useful when used together with a packet capture utility or package such as Pcapy, an object oriented Python extension for capturing network packets.