1. Library improvements
* New methods into `CCache` class to import/export kirbi (`KRB-CRED`) formatted tickets (by Zer1t0).
* Add `FSCTL_SRV_ENUMERATE_SNAPSHOTS` functionality to `SMBConnection` (by rxwx).
* Changes in NetBIOS classes in `nmb.py` (`select()` by `poll()` read from socket) (by cnotin).
* Timestamped logging added.
* Interactive shell to perform LDAP operations (by mlefebvre).
* Added two DCE/RPC calls in `tsch.py` (by mohemiv).
* Single-source the version number and standardize on semantic + pre-release + local versioning (by jsherwood0).
* Added implementation for keytab files (by kcirtapw).
* Added SMB 3.1.1 support for Client SMB Connections.
2. Examples improvements
* [smbclient.py](examples/smbclient.py):
* List the VSS snapshots for a specified path (by rxwx).
* [GetUserSPNs.py](examples/GetUserSPNs.py):
* Added delegation information associated with accounts (by G0ldenGunSec).
* [dpapi.py](examples/dpapi.py):
* Added more functions to decrypt masterkeys based on SID + hashes/key. Also support supplying hashes instead of the password for decryption(by dirkjanm).
* Pass the hash support for backup key retrieval (by imaibou).
* Added feature to decrypt a user's masterkey using the MS-BKRP (by imaibou).
* [raiseChild.py](examples/raiseChild.py):
* Added a new flag to specify the RID of a user to dump credentials (by 0xdeaddood).
* Added flags to bypass badly made detection use cases (by MaxNad):
* [smbexec.py](examples/smbexec.py):
* Possibility to rename the PSExec uploaded binary name with the `-remote-binary-name` flag.
* [psexec.py](examples/psexec.py):
* Possibility to use another service name with the `-service-name` flag.
* [ntlmrelayx.py](examples/ntlmrelayx.py):
* Added a flag to use a SID as the escalate user for delegation attacks (by 0xe7).
* Support for dumping LAPS passwords (by praetorian-adam-crosser).
* Added LDAP interactive mode that allow an attacker to manually perform basic operations
like creating a new user, adding a user to a group , dump the AD, etc. (by mlefebvre).
* Support for multiple relays through one SMB connection (by 0xdeaddood).
* Added support for dumping gMSA passwords (by cube0x0).
* [ticketer.py](examples/ticketer.py):
* Added an option to use the SPNs keys from a keytab for a silver ticket(by kcirtapw)
3. New Examples
- [addcomputer.py](examples/addcomputer.py): Allows add a computer to a domain using LDAP
or SAMR (SMB) (by jagotu)
- [ticketConverter.py](examples/ticketConverter.py): This script converts kirbi files,
commonly used by mimikatz, into ccache files used by Impacket, and vice versa (by Zer1t0).
- [findDelegation.py](examples/findDelegation.py): Simple script to quickly list all
delegation relationships (unconstrained, constrained, resource-based constrained) in
an AD environment (by G0ldenGunSec).
As always, thanks a lot to all these contributors that make this library better every day (since last version):
jagotu, Zer1t0 ,rxwx, mpgn, danhph, awsmhacks, slasyz, cnotin, exploide, G0ldenGunSec, dirkjanm, 0xdeaddood, MaxNad, imaibou, BarakSilverfort, 0xe7, mlefebvre, rmaksimov, praetorian-adam-crosser, jsherwood0, mohemiv, justin-p, cube0x0, spinenkoia, kcirtapw, MrAnde7son, fridgehead, MarioVilas.