#1261 Fixed output of secretsdump when LSA's Security Questions Security Answers structure is empty

ChangeLog.md

@@ -1,9 +1,44 @@
 # ChangeLog
 
-Project's main page at [www.secureauth.com](https://www.secureauth.com/labs/open-source-tools/impacket).
+Project owner's main page is at www.coresecurity.com.
 
 Complete list of changes can be found at:
-https://github.com/SecureAuthCorp/impacket/commits/master
+https://github.com/fortra/impacket/commits/master
+
+## ThePorgs edits:
+* [1135](https://github.com/fortra/impacket/pull/1135): **[GetUserSPNs]** Improved searchFilter for GetUserSPNs
+* [1137](https://github.com/fortra/impacket/pull/1137): **[SystemDPAPIdump]** Added script example 
+* [1154](https://github.com/fortra/impacket/pull/1154): **[ntlmrelayx]** Unfiltered SID query when operating ACL attack
+* [1184](https://github.com/fortra/impacket/pull/1184): **[findDelegation]** Added user filter on findDelegation
+* [1201](https://github.com/fortra/impacket/pull/1201): **[describeTicket]** Added describeTicket
+* [1202](https://github.com/fortra/impacket/pull/1202): **[getST]** Added -self, -altservice and -u2u to getST for S4U2self abuse, S4U2self+u2u, and service substitution
+* [1224](https://github.com/fortra/impacket/pull/1224): **[renameMachine]** Added renameMachine
+* [1253](https://github.com/fortra/impacket/pull/1253): **[ntlmrelayx]** Added LSA dump on top of SAM dump for ntlmrelayx
+* [1256](https://github.com/fortra/impacket/pull/1256): **[tgssub]** Added tgssub script for service substitution
+* [1267](https://github.com/fortra/impacket/pull/1267): **[Get-GPPPasswords]** Better handling of various XML files in Group Policy Preferences
+* [1270](https://github.com/fortra/impacket/pull/1270): **[ticketer]** Fix ticketer duration to support default 10 hours tickets
+* [1280](https://github.com/fortra/impacket/pull/1280): **[machineAccountQuota]** added machineAccountQuota
+* [1288](https://github.com/fortra/impacket/pull/1288): **[ntlmrelayx]** LDAP attack: bypass computer creation restrictions with CVE-2021-34470
+* [1289](https://github.com/fortra/impacket/pull/1289): **[ntlmrelayx]** LDAP attack: Add DNS records through LDAP
+* [1291](https://github.com/fortra/impacket/pull/1291): **[dacledit]** New example script for DACL manipulation
+* [1318](https://github.com/fortra/impacket/pull/1318): **[ntlmrelayx]** Dump ADCS: bug fixes
+* [1323](https://github.com/fortra/impacket/pull/1323): **[owneredit]** New example script to change an object's owner
+* [1329](https://github.com/fortra/impacket/pull/1329): **[secretsdump]** Use a custom LDAP filter during a DCSync
+* [1353](https://github.com/fortra/impacket/pull/1353): **[ntlmrelayx]** add filter option
+* [1360](https://github.com/fortra/impacket/pull/1360): **[smbserver]** Added flag to drop SSP from Net-NTLMv1 auth
+* [1367](https://github.com/fortra/impacket/pull/1367): **[secretsdump]** Add UTC date to cached domain logon information
+* [1391](https://github.com/fortra/impacket/pull/1391): **[ticketer]** Ticketer extra-pac implementation
+* [1393](https://github.com/fortra/impacket/pull/1393): **[rbcd]** Handled SID not found in LDAP error
+* [1397](https://github.com/fortra/impacket/pull/1397): **[mssqlclient]** commands and prompt improvements
+* [1411](https://github.com/fortra/impacket/pull/1411): **[ticketer]** Sapphire tickets
+* [1413](https://github.com/fortra/impacket/pull/1413): **[getST]** Support for Kerberoasting without pre-authentication and ST request through AS-REQ
+* [1421](https://github.com/fortra/impacket/pull/1421): **[ntlmrelayx]** Fix leftover space in shadow credentials argument
+* [1425](https://github.com/fortra/impacket/pull/1425): **[ntlmrelayx]** Add SCCM NTLM Relay Attack
+* [1432](https://github.com/fortra/impacket/pull/1432): **[httprelayclient]** force NTLM auth if anonymous auth is enabled (ADCS)
+* [1444](https://github.com/fortra/impacket/pull/1444): **[Get-GPPPassword]** Better handling of various XML files in Group Policy Preferences
+* [1449](https://github.com/fortra/impacket/pull/1449): **[addcomputer,rbcd]** Allow weak TLS ciphers for LDAP connections
+* [1450](https://github.com/fortra/impacket/pull/1450): **[PsExec]** Support for name customization using a custom binary file
+
 
 ## Impacket v0.10.0 (May 2022):
 

Dockerfile

@@ -4,7 +4,7 @@ RUN apk add --no-cache git gcc musl-dev python3-dev libffi-dev openssl-dev cargo
 RUN python3 -m pip install virtualenv
 RUN virtualenv -p python venv
 ENV PATH="/opt/venv/bin:$PATH"
-RUN git clone --depth 1 https://github.com/SecureAuthCorp/impacket.git
+RUN git clone --depth 1 https://github.com/fortra/impacket.git
 RUN python3 -m pip install impacket/
 
 FROM python:3.8-alpine

LICENSE

@@ -4,15 +4,15 @@ Licencing
 We provide this software under a slightly modified version of the
 Apache Software License. The only changes to the document were the
 replacement of "Apache" with "Impacket" and "Apache Software Foundation"
-with "SecureAuth Corporation". Feel free to compare the resulting
+with "Fortra". Feel free to compare the resulting
 document to the official Apache license.
 
 The `Apache Software License' is an Open Source Initiative Approved
 License.
 
 
 The Apache Software License, Version 1.1
-Modifications by SecureAuth Corporation (see above)
+Modifications by Fortra (see above)
 
 Copyright (c) 2000 The Apache Software Foundation.  All rights
 reserved.
@@ -32,18 +32,18 @@ are met:
 3. The end-user documentation included with the redistribution,
    if any, must include the following acknowledgment:
       "This product includes software developed by
-       SecureAuth Corporation (https://www.secureauth.com/)."
+       SecureAuth Corporation (https://www.secureauth.com/) and Fortra (https://www.fortra.com)."
    Alternately, this acknowledgment may appear in the software itself,
    if and wherever such third-party acknowledgments normally appear.
 
-4. The names "Impacket", "SecureAuth Corporation" must
+4. The names "Impacket", "SecureAuth Corporation", and "Fortra" must
    not be used to endorse or promote products derived from this
    software without prior written permission. For written
-   permission, please contact oss@secureauth.com.
+   permission, please reach out to https://www.coresecurity.com/about/contact.
 
 5. Products derived from this software may not be called "Impacket",
    nor may "Impacket" appear in their name, without prior written
-   permission of SecureAuth Corporation.
+   permission of Fortra.
 
 THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESSED OR IMPLIED
 WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES

README.md

@@ -1,10 +1,15 @@
+> :information_source: This is a fork specifically maintained for [The Exegol Project](https://exegol.rtfd.io/) but it can be used outside of Exegol as well. This is a fork of the official Impacket project at https://github.com/SecureAuthCorp/Impacket. It aims at being a quicker on the merge of pull requests and other community contributions. See this as a bleeding-edge version maintained by lover of Impacket.
+
+> :warning: keep in mind this fork can be less stable than the official version at times. But we think the community is strong enough to offer fixes when issues rise. We, as maintainers of this fork, will just need to be fast enough to review and merge.
+
+> :information_source: we are also working on a documentation project at [The Hacker Tools - Impacket](https://tools.thehacker.recipes/impacket). Feel free to contribute as well on the [GitHub repo](https://github.com/ShutdownRepo/The-Hacker-Tools).
+
 Impacket
 ========
 
-[![Latest Version](https://img.shields.io/pypi/v/impacket.svg)](https://pypi.python.org/pypi/impacket/)
-[![Build and test Impacket](https://github.com/SecureAuthCorp/impacket/actions/workflows/build_and_test.yml/badge.svg)](https://github.com/SecureAuthCorp/impacket/actions/workflows/build_and_test.yml)
+FORTRA. Copyright (C) 2022 Fortra. All rights reserved.
 
-SECUREAUTH LABS. Copyright (C) 2022 SecureAuth Corporation. All rights reserved.
+Impacket was originally created by [SecureAuth](https://www.secureauth.com/labs/open-source-tools/impacket), and now maintained by Fortra's Core Security.
 
 Impacket is a collection of Python classes for working with network
 protocols. Impacket is focused on providing low-level
@@ -15,105 +20,15 @@ raw data, and the object-oriented API makes it simple to work with
 deep hierarchies of protocols. The library provides a set of tools
 as examples of what can be done within the context of this library.
 
-A description of some of the tools can be found at
-[SecureAuth Labs' Open Source Website](https://www.secureauth.com/labs/open-source-tools/impacket).
-
-
-What protocols are featured?
-----------------------------
-
- * Ethernet, Linux "Cooked" capture.
- * IP, TCP, UDP, ICMP, IGMP, ARP.
- * IPv4 and IPv6 Support.
- * NMB and SMB1, SMB2 and SMB3 (high-level implementations).
- * MSRPC version 5, over different transports: TCP, SMB/TCP, SMB/NetBIOS and HTTP.
- * Plain, NTLM and Kerberos authentications, using password/hashes/tickets/keys.
- * Portions/full implementation of the following MSRPC interfaces: EPM, DTYPES, LSAD, LSAT, NRPC, RRP, SAMR, SRVS, WKST, SCMR, BKRP, DHCPM, EVEN6, MGMT, SASEC, TSCH, DCOM, WMI, OXABREF, NSPI, OXNSPI.
- * Portions of TDS (MSSQL) and LDAP protocol implementations.
-
-Maintainer
-==========
-
-[<img src="https://www.secureauth.com/wp-content/uploads/2020/10/SA_Logo_Blue_Hori-web.png" width="320"/>](https://www.secureauth.com/)
-
-
-Table of Contents
-=================
-
-* [Getting Impacket](#getting-impacket)
-* [Setup](#setup)
-* [Testing](#testing)
-* [Licensing](#licensing)
-* [Disclaimer](#disclaimer)
-* [Contact Us](#contact-us)
-
-Getting Impacket
-================
-
-### Latest version
-
-* Impacket v0.10.0
-
-  [![Python versions](https://img.shields.io/pypi/pyversions/impacket.svg)](https://pypi.python.org/pypi/impacket/)
-
-[Current and past releases](https://github.com/SecureAuthCorp/impacket/releases)
-
-### Development version
-
-* Impacket v0.10.1-dev (**[master branch](https://github.com/SecureAuthCorp/impacket/tree/master)**)
-
-  [![Python versions](https://img.shields.io/badge/python-3.6%20|%203.7%20|%203.8%20|%203.9-blue.svg)](https://github.com/SecureAuthCorp/impacket/tree/master)
-
-
 Setup
 =====
 
 ### Quick start
 
-In order to grab the latest stable release with `pip` run:
-
-    python3 -m pip install impacket
-
-> :information_source: This will make the Impacket library available to
-your Python code, but will not provide you with the example scripts. 
-
-### Installing the library + example scripts
-
-In order to install the library and the example scripts, download and
-extract the package, and execute the following command from the
-directory where the Impacket's release has been unpacked:
-
-    python3 -m pip install .
-
-> :information_source: This will install the library into the default Python
-modules path, where you can make use of the example scripts from the directory.
-
-> :warning: Make sure the example scripts you're using are consistent with the
-library version that's installed in your python environment.
-We recommend using [virtual environments](https://docs.python.org/3/library/venv.html) to
-make sure system-wide installations doesn't interfere with it.
-
-
-### Docker Support
-
-Build Impacket's image:
-
-      $ docker build -t "impacket:latest" .
-
-Using Impacket's image:
-
-      $ docker run -it --rm "impacket:latest"
-
-Testing
-=======
-
-The library leverages the [pytest](https://docs.pytest.org/) framework for organizing
-and marking test cases, [tox](https://tox.readthedocs.io/) to automate the process of
-running them across supported Python versions, and [coverage](https://coverage.readthedocs.io/)
-to obtain coverage statistics.
-
-A [comprehensive testing guide](TESTING.md) is available.
-
+```
+git clone https://github.com/ThePorgs/impacket
+pipx install /path/to/impacket
+```
 
 Licensing
 =========
@@ -123,28 +38,3 @@ the Apache Software License. See the accompanying [LICENSE](LICENSE) file for
 more information.
 
 SMBv1 and NetBIOS support based on Pysmb by Michael Teo.
-
-Disclaimer
-==========
-
-The spirit of this Open Source initiative is to help security researchers,
-and the community, speed up research and educational activities related to
-the implementation of networking protocols and stacks.
-
-The information in this repository is for research and educational purposes
-and not meant to be used in production environments and/or as part
-of commercial products.
-
-If you desire to use this code or some part of it for your own uses, we
-recommend applying proper security development life cycle and secure coding
-practices, as well as generate and track the respective indicators of
-compromise according to your needs.
-
-
-Contact Us
-==========
-
-Whether you want to report a bug, send a patch, or give some suggestions
-on this package, drop us a few lines at oss@secureauth.com.
-
-For security-related questions check our [security policy](SECURITY.md).

SECURITY.md

@@ -4,4 +4,4 @@ Security Policy
 Although this initiative is not meant to be used in productive environments,
 if you consider that you have identified an issue that might affect the
 security of its users, or you understand that the tool is being abused,
-you can contact us at oss-security@secureauth.com.
+you can contact us at https://www.coresecurity.com/about/contact.

examples/Get-GPPPassword.py

@@ -1,7 +1,7 @@
 #!/usr/bin/env python3
 # Impacket - Collection of Python classes for working with network protocols.
 #
-# SECUREAUTH LABS. Copyright (C) 2021 SecureAuth Corporation. All rights reserved.
+# Copyright (C) 2022 Fortra. All rights reserved.
 #
 # This software is provided under a slightly modified version
 # of the Apache Software License. See the accompanying LICENSE file

examples/GetADUsers.py

@@ -1,7 +1,7 @@
 #!/usr/bin/env python
 # Impacket - Collection of Python classes for working with network protocols.
 #
-# SECUREAUTH LABS. Copyright (C) 2021 SecureAuth Corporation. All rights reserved.
+# Copyright (C) 2022 Fortra. All rights reserved.
 #
 # This software is provided under a slightly modified version
 # of the Apache Software License. See the accompanying LICENSE file

examples/GetNPUsers.py

@@ -1,7 +1,7 @@
 #!/usr/bin/env python
 # Impacket - Collection of Python classes for working with network protocols.
 #
-# SECUREAUTH LABS. Copyright (C) 2021 SecureAuth Corporation. All rights reserved.
+# Copyright (C) 2022 Fortra. All rights reserved.
 #
 # This software is provided under a slightly modified version
 # of the Apache Software License. See the accompanying LICENSE file