Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[Issue #371] Add NetNTLMv2 hash capture to README #383

Merged
merged 38 commits into from
Jan 17, 2022
Merged

[Issue #371] Add NetNTLMv2 hash capture to README #383

merged 38 commits into from
Jan 17, 2022

Conversation

lubiedo
Copy link
Contributor

@lubiedo lubiedo commented Jan 7, 2022

@obilodeau Let me know if there's more to be added

@lubiedo lubiedo self-assigned this Jan 7, 2022
obilodeau
obilodeau requested changes Jan 10, 2022
View reviewed changes
Copy link
Member

@obilodeau obilodeau left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

This addresses one portion of the request in #371. The other two need to be done as well.

README.md Outdated Show resolved Hide resolved
README.md Outdated Show resolved Hide resolved
README.md Outdated Show resolved Hide resolved
@lubiedo
Copy link
Contributor Author

lubiedo commented Jan 10, 2022

@obilodeau Committed some changes, let me know if everything is OK

obilodeau
obilodeau reviewed Jan 10, 2022
View reviewed changes
Copy link
Member

@obilodeau obilodeau left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Did another round of review. The notes are mostly to myself, I think I should pick-it up from here.

README.md Outdated Show resolved Hide resolved
README.md Outdated Show resolved Hide resolved
README.md Outdated Show resolved Hide resolved
README.md Outdated Show resolved Hide resolved
README.md Show resolved Hide resolved
README.md Outdated Show resolved Hide resolved
README.md Outdated Show resolved Hide resolved
@lubiedo @obilodeau
Update README.md
f08a9e7 
Co-authored-by: Olivier Bilodeau <olivier@bottomlesspit.org>
@obilodeau obilodeau self-assigned this Jan 13, 2022
alxbl and others added 21 commits January 13, 2022 17:33
@alxbl @obilodeau
chore(363): replace notify2 by py-notifier.
89f1da4
@alxbl @obilodeau
chore: remove dbus dependencies
87d3313
@alxbl @obilodeau
cleanup: remove notify-osd
c384eb3
@obilodeau
Removed leftover comment in Dockerfile
1297fef
@obilodeau
Updated CHANGELOG
f602830
@lubiedo @obilodeau
Capture the NetNTLM hash if server enforces NLA (GoSecure#367)
d8408a8 
If we don't use the NLA redirection feature and the server doesn't support downgrade attacks then the best we can do is steal the hash. Some ASN.1 BER improvements were required as well.

Fixes GoSecure#358

Co-authored-by: Olivier Bilodeau <obilodeau@gosecure.net>
@obilodeau
Updated CHANGELOG
d90c580
@obilodeau
Some type hint improvements
30665b6
@obilodeau
Not longer assuming every connection will have VirtualChannels
b113492 
Improved the situation with GoSecure#294
@obilodeau
Updated CHANGELOG
5f0092a
@alxbl @obilodeau
fix(331): Call conversion handler cleanup.
9b3ca1a
@alxbl @obilodeau
fix: revert conversion success message for now.
2eae592
@obilodeau
Fixing type errors with high-precision pcaps
dee25d8 
> TypeError: 'EDecimal' object cannot be interpreted as an integer

I wasn't getting those error before, I think it might be python 3.10 related.

Flooring gets rid of the error. That information was lost anyway.
@obilodeau
Fixed many TLS decryption issues when src.ip == dst.ip
ff5875a 
Introduced an InetSocketAddress abstraction and adapted all code paths to it.
@obilodeau
Refactoring to regroup hardcoded PDU offsets and class renamed
1d88dc0
@obilodeau
Updated CHANGELOG
b900edc
@obilodeau
Python 3.10 support: collections no longer exports Mapping
9891f7b 
This was emitting a DeprecationWarning since Python 3.3 but we never saw
it... See https://docs.python.org/3/whatsnew/3.9.html#you-should-check-for-deprecationwarning-in-your-code
@obilodeau
Updated CHANGELOG
fabc836
@alxbl @obilodeau
fix: Better success and error messages for pyrdp-convert (GoSecure#369)
77850d4 
* fix: make conversion success message uniform
* fix: typo in conversion layer sink
* Added pcap to json tests, removed worthless Windows test
* Added CI/CD tests for pyrdp-convert JSON and replay outputs
* pyrdp-convert: Added some exit code propagation on exceptions

Co-authored-by: Olivier Bilodeau <obilodeau@gosecure.net>
Co-authored-by: Alexandre Beaulieu <alex@segfault.me>
@alxbl @obilodeau
feat(GoSecure#313): Add support for conversion of multiple exported s…
07c2006 
…essions.

Rebased on master by @obilodeau. Some problems likely remain.
@obilodeau
Moving GitHub workflow tests out to a shell script
7543907 
Allows us to run them locally easily
@obilodeau
Copy link
Member

Dammit I screwed up, I brought in all changes in master since PR was created by accident... Review can focus on my last commit.

obilodeau
obilodeau approved these changes Jan 17, 2022
View reviewed changes
Copy link
Member

@obilodeau obilodeau left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I finished the changes

@obilodeau obilodeau merged commit f5956ed into GoSecure:master Jan 17, 2022
@obilodeau obilodeau mentioned this pull request Jan 17, 2022
Closed
3 tasks
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@obilodeau obilodeau obilodeau approved these changes

Assignees

@obilodeau obilodeau

Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

None yet
3 participants
@lubiedo @obilodeau @alxbl