Impacket v0.10 releases: collection of Python classes for working with network protocols
What is Impacket?
Impacket is a collection of Python classes for working with network protocols. Impacket is focused on providing low-level programmatic access to the packets and, for some protocols (e.g. SMB1-3 and MSRPC), the protocol implementation itself. Packets can be constructed from scratch, as well as parsed from raw data, and the object-oriented API makes it simple to work with deep hierarchies of protocols. The library provides a set of tools as examples of what can be done within the context of this library.
A description of some of the tools can be found here.
What protocols are featured?
- Ethernet, Linux “Cooked” capture.
- IP, TCP, UDP, ICMP, IGMP, ARP.
- IPv4 and IPv6 Support.
- NMB and SMB1, SMB2 and SMB3 (high-level implementations).
- MSRPC version 5, over different transports: TCP, SMB/TCP, SMB/NetBIOS, and HTTP.
- Plain, NTLM, and Kerberos authentications, using password/hashes/tickets/keys.
- Portions/full implementation of the following MSRPC interfaces: EPM, DTYPES, LSAD, LSAT, NRPC, RRP, SAMR, SRVS, WKST, SCMR, BKRP, DHCPM, EVEN6, MGMT, SASEC, TSCH, DCOM, WMI, OXABREF, NSPI, OXNSPI.
- Portions of TDS (MSSQL) and LDAP protocol implementations.
Library improvements
- Dropped support for Python 2.7.
- Refactored the testing infrastructure (@martingalloar):
  - Added pytest as the testing framework to organize and mark test cases. Tox remains the automation framework, and Coverage.py is used for measuring code coverage.
  - Custom bash scripts were replaced with test cases auto-discovery.
  - Local and remote test cases were marked for easy run and configuration.
  - DCE/RPC endpoint test cases were refactored and moved to a new layout.
  - Added an initial testing guide with the main steps to prepare a testing environment and run the test cases.
  - Fixed a good amount of DCE/RPC endpoint test cases that were failing.
  - Added tests for [MS-PAR], [MS-RPRN], CCache and DPAPI.
- Added a function to compute the Netlogon Authenticator at client-side in [MS-NRPC] (@0xdeaddood)
- Added [MS-DSSP] protocol implementation (@simondotsh)
- Added GetDriverDirectory functions to [MS-PAR] and [MS-RPRN] (@raithedavion)
- Refactored the Credential Cache:
- Fixed default NTLM server challenge in smbserver (@rtpt-jonaslieb)
Examples improvements
- Fixed a bug when a Global Address List doesn’t exist on the server (@mohemiv)
- Updated intro to not trigger the AV on Windows (@mpgn)
- Implemented RAW Relay Server (@CCob)
- Added an LDAP attack dumping information about the domain’s ADCS enrollment services (@SAERXCIT)
- Added multi-relay feature to the HTTP Relay Server. Now one incoming HTTP connection can be used against multiple targets (@0xdeaddood)
- Added an option to disable the multi-relay feature (@zblurx and @0xdeaddood)
- Added multiple HTTP listeners running at the same time (@SAERXCIT)
- Support for the ADCS ESC1 and ESC6 attacks (@hugo-syn)
- Added Shadow Credentials attack (@ShutdownRepo, @Tw1sm, @nodauf and @p0dalirius)
- Added the ability to define a password for the LDAP attack addComputer (@ShutdownRepo)
- Added rename_computer and modify add_computer in LDAP interactive shell (@capnkrunchy)
- Implemented StartTLS (@ThePirateWhoSmellsOfSunflowers)
- Added an option to dump credentials using the Kerberos Key List attack (@0xdeaddood)
New examples