Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[Issue #371] Add NetNTLMv2 hash capture to README #383

Merged
merged 38 commits into from
Jan 17, 2022
Merged

[Issue #371] Add NetNTLMv2 hash capture to README #383

merged 38 commits into from
Jan 17, 2022

Commits on Jan 7, 2022

  1. Add NetNTLMv2 hash capture to README

    @lubiedo
    lubiedo committed Jan 7, 2022
    Configuration menu
    Copy the full SHA
    0088f15 View commit details
    Browse the repository at this point in the history

Commits on Jan 10, 2022

  1. Add more information to the README

    @lubiedo
    lubiedo committed Jan 10, 2022
    Configuration menu
    Copy the full SHA
    e1a222a View commit details
    Browse the repository at this point in the history

  2. Specify log file

    @lubiedo
    lubiedo committed Jan 10, 2022
    Configuration menu
    Copy the full SHA
    772c248 View commit details
    Browse the repository at this point in the history

  3. Update README.md 

    Co-authored-by: Olivier Bilodeau <olivier@bottomlesspit.org>
    @lubiedo @obilodeau
    lubiedo and obilodeau committed Jan 10, 2022
    Configuration menu
    Copy the full SHA
    f08a9e7 View commit details
    Browse the repository at this point in the history

Commits on Jan 13, 2022

  1. chore(363): replace notify2 by py-notifier.

    @alxbl @obilodeau
    alxbl authored and obilodeau committed Jan 13, 2022
    Configuration menu
    Copy the full SHA
    89f1da4 View commit details
    Browse the repository at this point in the history

  2. chore: remove dbus dependencies

    @alxbl @obilodeau
    alxbl authored and obilodeau committed Jan 13, 2022
    Configuration menu
    Copy the full SHA
    87d3313 View commit details
    Browse the repository at this point in the history

  3. cleanup: remove notify-osd

    @alxbl @obilodeau
    alxbl authored and obilodeau committed Jan 13, 2022
    Configuration menu
    Copy the full SHA
    c384eb3 View commit details
    Browse the repository at this point in the history

  4. Removed leftover comment in Dockerfile

    @obilodeau
    obilodeau committed Jan 13, 2022
    Configuration menu
    Copy the full SHA
    1297fef View commit details
    Browse the repository at this point in the history

  5. Updated CHANGELOG

    @obilodeau
    obilodeau committed Jan 13, 2022
    Configuration menu
    Copy the full SHA
    f602830 View commit details
    Browse the repository at this point in the history

  6. Capture the NetNTLM hash if server enforces NLA (GoSecure#367) 

    If we don't use the NLA redirection feature and the server doesn't support downgrade attacks then the best we can do is steal the hash. Some ASN.1 BER improvements were required as well.

Fixes GoSecure#358

Co-authored-by: Olivier Bilodeau <obilodeau@gosecure.net>
    @lubiedo @obilodeau
    lubiedo and obilodeau committed Jan 13, 2022
    Configuration menu
    Copy the full SHA
    d8408a8 View commit details
    Browse the repository at this point in the history

  7. Updated CHANGELOG

    @obilodeau
    obilodeau committed Jan 13, 2022
    Configuration menu
    Copy the full SHA
    d90c580 View commit details
    Browse the repository at this point in the history

  8. Some type hint improvements

    @obilodeau
    obilodeau committed Jan 13, 2022
    Configuration menu
    Copy the full SHA
    30665b6 View commit details
    Browse the repository at this point in the history

  9. Not longer assuming every connection will have VirtualChannels 

    Improved the situation with GoSecure#294
    @obilodeau
    obilodeau committed Jan 13, 2022
    Configuration menu
    Copy the full SHA
    b113492 View commit details
    Browse the repository at this point in the history

  10. Updated CHANGELOG

    @obilodeau
    obilodeau committed Jan 13, 2022
    Configuration menu
    Copy the full SHA
    5f0092a View commit details
    Browse the repository at this point in the history

  11. fix(331): Call conversion handler cleanup.

    @alxbl @obilodeau
    alxbl authored and obilodeau committed Jan 13, 2022
    Configuration menu
    Copy the full SHA
    9b3ca1a View commit details
    Browse the repository at this point in the history

  12. fix: revert conversion success message for now.

    @alxbl @obilodeau
    alxbl authored and obilodeau committed Jan 13, 2022
    Configuration menu
    Copy the full SHA
    2eae592 View commit details
    Browse the repository at this point in the history

  13. Fixing type errors with high-precision pcaps 

    > TypeError: 'EDecimal' object cannot be interpreted as an integer

I wasn't getting those error before, I think it might be python 3.10 related.

Flooring gets rid of the error. That information was lost anyway.
    @obilodeau
    obilodeau committed Jan 13, 2022
    Configuration menu
    Copy the full SHA
    dee25d8 View commit details
    Browse the repository at this point in the history

  14. Fixed many TLS decryption issues when src.ip == dst.ip 

    Introduced an InetSocketAddress abstraction and adapted all code paths to it.
    @obilodeau
    obilodeau committed Jan 13, 2022
    Configuration menu
    Copy the full SHA
    ff5875a View commit details
    Browse the repository at this point in the history

  15. Refactoring to regroup hardcoded PDU offsets and class renamed

    @obilodeau
    obilodeau committed Jan 13, 2022
    Configuration menu
    Copy the full SHA
    1d88dc0 View commit details
    Browse the repository at this point in the history

  16. Updated CHANGELOG

    @obilodeau
    obilodeau committed Jan 13, 2022
    Configuration menu
    Copy the full SHA
    b900edc View commit details
    Browse the repository at this point in the history

  17. Python 3.10 support: collections no longer exports Mapping 

    This was emitting a DeprecationWarning since Python 3.3 but we never saw
it... See https://docs.python.org/3/whatsnew/3.9.html#you-should-check-for-deprecationwarning-in-your-code
    @obilodeau
    obilodeau committed Jan 13, 2022
    Configuration menu
    Copy the full SHA
    9891f7b View commit details
    Browse the repository at this point in the history

  18. Updated CHANGELOG

    @obilodeau
    obilodeau committed Jan 13, 2022
    Configuration menu
    Copy the full SHA
    fabc836 View commit details
    Browse the repository at this point in the history

  19. fix: Better success and error messages for pyrdp-convert (GoSecure#369) 

    * fix: make conversion success message uniform
* fix: typo in conversion layer sink
* Added pcap to json tests, removed worthless Windows test
* Added CI/CD tests for pyrdp-convert JSON and replay outputs
* pyrdp-convert: Added some exit code propagation on exceptions

Co-authored-by: Olivier Bilodeau <obilodeau@gosecure.net>
Co-authored-by: Alexandre Beaulieu <alex@segfault.me>
    @alxbl @obilodeau
    alxbl and obilodeau committed Jan 13, 2022
    Configuration menu
    Copy the full SHA
    77850d4 View commit details
    Browse the repository at this point in the history

  20. feat(GoSecure#313): Add support for conversion of multiple exported s… 

    …essions.

Rebased on master by @obilodeau. Some problems likely remain.
    @alxbl @obilodeau
    alxbl authored and obilodeau committed Jan 13, 2022
    Configuration menu
    Copy the full SHA
    07c2006 View commit details
    Browse the repository at this point in the history

  21. Moving GitHub workflow tests out to a shell script 

    Allows us to run them locally easily
    @obilodeau
    obilodeau committed Jan 13, 2022
    Configuration menu
    Copy the full SHA
    7543907 View commit details
    Browse the repository at this point in the history

  22. refactor to use Exported PDU struct (now called ExportedPDU)

    @obilodeau
    obilodeau committed Jan 13, 2022
    Configuration menu
    Copy the full SHA
    2bfd61e View commit details
    Browse the repository at this point in the history

  23. Updated CHANGELOG

    @obilodeau
    obilodeau committed Jan 13, 2022
    Configuration menu
    Copy the full SHA
    6739b21 View commit details
    Browse the repository at this point in the history

  24. doc: moved out pycrypto to pycryptodome update doc

    @obilodeau
    obilodeau committed Jan 13, 2022
    Configuration menu
    Copy the full SHA
    1b1d5e9 View commit details
    Browse the repository at this point in the history

  25. doc: completely reworked section about pyrdp-mitm output

    @obilodeau
    obilodeau committed Jan 13, 2022
    Configuration menu
    Copy the full SHA
    eb8647b View commit details
    Browse the repository at this point in the history

  26. doc: reworked pyrdp-convert sections

    @obilodeau
    obilodeau committed Jan 13, 2022
    Configuration menu
    Copy the full SHA
    0bd9180 View commit details
    Browse the repository at this point in the history

  27. Added great RDP protocol intro

    @obilodeau
    obilodeau committed Jan 13, 2022
    Configuration menu
    Copy the full SHA
    94a50c3 View commit details
    Browse the repository at this point in the history

  28. doc: extracted twistd doc into docs/ with a reference to it

    @obilodeau
    obilodeau committed Jan 13, 2022
    Configuration menu
    Copy the full SHA
    fc42c13 View commit details
    Browse the repository at this point in the history

  29. doc: re-read README and modernized it

    @obilodeau
    obilodeau committed Jan 13, 2022
    Configuration menu
    Copy the full SHA
    e2d17b9 View commit details
    Browse the repository at this point in the history

  30. doc: TOC cleanup and some re-org

    @obilodeau
    obilodeau committed Jan 13, 2022
    Configuration menu
    Copy the full SHA
    5e6e915 View commit details
    Browse the repository at this point in the history

  31. Updated CHANGELOG

    @obilodeau
    obilodeau committed Jan 13, 2022
    Configuration menu
    Copy the full SHA
    a9f508a View commit details
    Browse the repository at this point in the history

Commits on Jan 17, 2022

  1. doc: rework NLA doc 

    - link to blog posts
- mention version where feature introduced
- link to cert extraction doc
- NLA -> Network Level Authentication
- Avoiding confusing NLA vs non-NLA in the MITM sense not server sense (confusing I told you ;)
- Fixed log file name
    @obilodeau
    obilodeau committed Jan 17, 2022
    Configuration menu
    Copy the full SHA
    d70121f View commit details
    Browse the repository at this point in the history

  2. doc: diagram and more context around the --nla-redirection attack

    @obilodeau
    obilodeau committed Jan 17, 2022
    Configuration menu
    Copy the full SHA
    2be1646 View commit details
    Browse the repository at this point in the history

  3. doc: link to tools

    @obilodeau
    obilodeau committed Jan 17, 2022
    Configuration menu
    Copy the full SHA
    57eb409 View commit details
    Browse the repository at this point in the history