merge upstream #33

Merged
merged 83 commits into from
Jul 19, 2023

ShutdownRepo
Member

No description provided.

cclauss and others added 30 commits August 26, 2022 23:51
According to RFC 3961 and 3962, the password and salt in the string-to-key functions are assumed to be a UTF-8 encoded string.
Closes #1491.
 * Cannot concatenate string to bytes
 * configparser now(?) requires the values to be String
Using the RFC1060 localhost IP doesn't resolve successfully on
all machines:

	C:\>echo foo > \\127.0.0.1\C$\bar
	echo foo > \\127.0.0.1\C$\bar
	The specified user does not exist.

	C:\>echo foo > \\localhost\C$\bam
	echo foo > \\localhost\C$\bam
	You were not connected because a duplicate name exists on the network. Go to System in Control Panel to change the computer name and try again.

	C:\>echo fo > \\localhost.localdomain\C$\bam
	echo fo > \\localhost.localdomain\C$\bam

	The network path was not found.

However, UNC paths work well and are documented to use the computer's
name for addressing.  Hence, switch to %COMPUTERNAME% for more reliable
execution.

Otherwise we may have errors such as:

	impacket.dcerpc.v5.scmr.DCERPCSessionError: SCMR SessionError: code: 0x41d - ERROR_SERVICE_REQUEST_TIMEOUT - The service did not respond to the start or control request in a timely fashion.
	Traceback (most recent call last):
	  File "/usr/lib/python3/dist-packages/impacket/smbconnection.py", line 769, in getFile
	    return self._SMBConnection.retr_file(shareName, pathName, callback)
	           ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
	  File "/usr/lib/python3/dist-packages/impacket/smb.py", line 4009, in retr_file
	    fid = self.nt_create_andx(tid, filename, shareAccessMode = shareAccessMode, accessMask = 0x20089)
	          ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
	  File "/home/jkoenig/MS17-010/examples/smbexec.py", line 206, in nt_create_andx
	    self._last_fid = smb.SMB.nt_create_andx(self, tid, filename, smb_packet, cmd, shareAccessMode, disposition, accessMask)
	                     ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
	  File "/usr/lib/python3/dist-packages/impacket/smb.py", line 3896, in nt_create_andx
	    if smb.isValidAnswer(SMB.SMB_COM_NT_CREATE_ANDX):
	       ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
	  File "/usr/lib/python3/dist-packages/impacket/smb.py", line 778, in isValidAnswer
	    raise SessionError("SMB Library Error", self['ErrorClass'] + (self['_reserved'] << 8), self['ErrorCode'], self['Flags2'] & SMB.FLAGS2_NT_STATUS, self)
	impacket.smb.SessionError: SMB SessionError: STATUS_OBJECT_NAME_NOT_FOUND(The object name is not found.)

	CRITICAL:root:SMB SessionError: STATUS_OBJECT_NAME_NOT_FOUND(The object name is not found.)
The code looks for leading zero bytes and removes them, but then uses
the number of zero bytes (in variable beginning) to trim the key again
just before printing. This commit fixes the code to only trim once.

The code was verified to work and print the same DPAPI master key as
Mimikatz and the other methods implemented by Impacket.
Fix ticketer duration to support default 10 hours tickets
…serspns_patch

Use LDAP paged search in GetUserSPNs.py
Add UTC date to cached domain logon information
Updated the Installation section
Update httprelayclient.py to force NTLM auth if anonymous auth is enabled (ADCS)
Updated the unreleased changes.
# Conflicts:
#	.github/workflows/build_and_test.yml
Updated GitHub Actions and Tox.ini
Sanmopre and others added 28 commits May 24, 2023 18:09
* Deleted 'BTOBTO' hardcoded service name

* Deleted output file if still in share

* Fixed deleting output file

* Moved random string generation

* Deleted extra lines
Add the structure and logic of the protocols to the backend

Add the possibility to send Kerberos packets to a non-default port
Add the possibility to request a TGT for another SPN
This example combines the different protocols that can change a user's
password in an AD environment.

- smbpasswd.py features from edef71f
  Authors: @snovvcrash, @bransh, @Alef-Burzmali
- Kerberos authentication for smbpasswd.py from bbcd2d8
  Author: @p0dalirius (PR #1177)
- MS-RPC transport for SAMR (rpcpasswd.py) from a1d0cc9
  Author: @Oddvarmoe (PR #1304)
- Kerberos Change and Set Password (kpasswd.py) from 9aea200
  Author: @Alef-Burzmali
Impacket #975: ldap.py: LDAPConnection now parses escaped characters in filters
Fix minor "get_instace" typo
…asks

[Get-GPPPassword.py] Better handling of various XML files in Group Policy Preferences.
Added Recursive File Listing to SMBClient.py
# Conflicts:
#	impacket/examples/ntlmrelayx/attacks/ldapattack.py
Ntlmrelayx: Add DNS records through LDAP
…format

GetNPUsers.py: Fixed incorrectly formatted output hashes for AES128/256 (etype 17/18) AS-REPs
* TGT will also be printed on stdout even when writing to an output file
Impacket #1434: Added `SMB2_FILE_ALLOCATION_INFO` type determination, referenced Samba code
Replaced isinstance(s, bytes) with isinstance(s, six.binary_type) to keep it backwards compatible with python2
Encode passwords before deriving Kerberos keys
support sasl authentication in ldap protocol
Also add missing comments on LDAP usage in script's headers
add filter option to ntlmrelayx.py
Add changepasswd.py example script
* add net.py

* Update net.py

* Update file banners to reflect Fortra ownership

---------

Co-authored-by: Alexio2 <colorain@protonmail.com>
Co-authored-by: Alexio2 <110637492+Alexio2@users.noreply.github.com>
ShutdownRepo pushed a commit that referenced this pull request Jul 19, 2023
@ShutdownRepo ShutdownRepo merged commit fdbd256 into ThePorgs:master Jul 19, 2023