Network protocols Constructors and Dissectors
Project description
Impacket is a collection of Python classes focused on providing access to network packets. Impacket allows Python developers to craft and decode network packets in simple and consistent manner.
May 2015: 0.9.13:
1. Library improvements
- Kerberos support for SMB and DCERPC featuring:
1. kerberosLogin() added to SMBConnection (all SMB versions).
2. Support for RPC_C_AUTHN_GSS_NEGOTIATE at the DCERPC layer. This will negotiate Kerberos. This also includes DCOM.
3. Pass-the-hash, pass-the-ticket and pass-the-key support.
4. Ccache support, compatible with Kerberos utilities (kinit, klist, etc).
5. Support for RC4, AES128_CTS_HMAC_SHA1_96 and AES256_CTS_HMAC_SHA1_96 ciphers.
6. Support for RPC_C_AUTHN_LEVEL_PKT_PRIVACY/RPC_C_AUTHN_LEVEL_PKT_INTEGRITY.
- SMB3 encryption support. Pycrypto experimental version that supports AES_CCM is required.
- [MS-SAMR]: Supplemental Credentials support (used by secretsdump.py)
- SMBSERVER improvements:
a. SMB2 (2.002) dialect experimental support.
b. Adding capability to export to John The Ripper format files
- Library logging overhaul. Now there's a single logger called 'impacket'.
2. Examples improvements:
- Added Kerberos support to all modules (incl. pass-the-ticket/key)
- Ported most of the modules to the new dcerpc.v5 runtime.
- secretsdump.py: Added dumping Kerberos keys when parsing NTDS.DIT
- smbserver.py: support for SMB2 (not enabled by default)
- smbrelayx.py: Added support for MS15-027 exploitation.
3. New examples:
- goldenPac.py: MS14-068 exploit. Saves the golden ticket and also launches a psexec session at the target.
- karmaSMB.py: SMB Server that answers specific file contents regardless of the SMB share and pathname requested.
- wmipersist.py: Creates persistence over WMI. Adds/Removes WMI Event Consumers/Filters to execute VBS based on a WQL filter or timer specified.
- netview.py: Gets a list of the sessions opened at the remote hosts looping over the hosts found keeping track of who logged in/out from remote servers.
May 2015: 0.9.13:
1. Library improvements
- Kerberos support for SMB and DCERPC featuring:
1. kerberosLogin() added to SMBConnection (all SMB versions).
2. Support for RPC_C_AUTHN_GSS_NEGOTIATE at the DCERPC layer. This will negotiate Kerberos. This also includes DCOM.
3. Pass-the-hash, pass-the-ticket and pass-the-key support.
4. Ccache support, compatible with Kerberos utilities (kinit, klist, etc).
5. Support for RC4, AES128_CTS_HMAC_SHA1_96 and AES256_CTS_HMAC_SHA1_96 ciphers.
6. Support for RPC_C_AUTHN_LEVEL_PKT_PRIVACY/RPC_C_AUTHN_LEVEL_PKT_INTEGRITY.
- SMB3 encryption support. Pycrypto experimental version that supports AES_CCM is required.
- [MS-SAMR]: Supplemental Credentials support (used by secretsdump.py)
- SMBSERVER improvements:
a. SMB2 (2.002) dialect experimental support.
b. Adding capability to export to John The Ripper format files
- Library logging overhaul. Now there's a single logger called 'impacket'.
2. Examples improvements:
- Added Kerberos support to all modules (incl. pass-the-ticket/key)
- Ported most of the modules to the new dcerpc.v5 runtime.
- secretsdump.py: Added dumping Kerberos keys when parsing NTDS.DIT
- smbserver.py: support for SMB2 (not enabled by default)
- smbrelayx.py: Added support for MS15-027 exploitation.
3. New examples:
- goldenPac.py: MS14-068 exploit. Saves the golden ticket and also launches a psexec session at the target.
- karmaSMB.py: SMB Server that answers specific file contents regardless of the SMB share and pathname requested.
- wmipersist.py: Creates persistence over WMI. Adds/Removes WMI Event Consumers/Filters to execute VBS based on a WQL filter or timer specified.
- netview.py: Gets a list of the sessions opened at the remote hosts looping over the hosts found keeping track of who logged in/out from remote servers.
Project details
Release history Release notifications | RSS feed
Download files
Download the file for your platform. If you're not sure which to choose, learn more about installing packages.
Source Distribution
impacket-0.9.13.tar.gz
(1.0 MB
view hashes)