Impacket is highly effective when used in conjunction with a packet capture utility or package such as Pcapy. Packets can be constructed from scratch, as well as parsed from raw data. Furthermore, the object-oriented API makes it simple to work with deep protocol hierarchies.
1) Added 802.11 packets encoding/decoding
2) Addition of support for IP6, ICMP6 and NDP packets. Addition of IP6_Address helper class.
a. GSS-API/SPNEGO Support.
b. SPN support in auth blob.
c. NTLM2 and NTLMv2 support.
d. Default SMB port now 445. If *SMBSERVER is specified the library will try to resolve the netbios name.
e. Pass the hash supported for SMB/DCE-RPC.
f. IPv6 support for SMB/NMB/DCERPC.
g. DOMAIN support for authentication.
h. SMB signing support when server enforces it.
i. DCERPC signing/sealing for all NTLM flavours.
j. DCERPC transport now accepts an already established SMB connection.
k. Basic SMBServer implementation in Python. It allows third-party DCE-RPC servers to handle DCERPC requests (by forwarding named pipe requests).
l. Minimalistic SRVSVC DCERPC server to be used by SMBServer in order to avoid a nasty Windows 7 bug when that pipe is not functional.
4) DCERPC Endpoints’ new calls:
a. SRVSVC: NetrShareEnum(Level1), NetrShareGetInfo(Level2), NetrServerGetInfo(Level2), NetrRemoteTOD(), NetprNameCanonicalize().
b. SVCCTL: CloseServiceHandle(), OpenSCManagerW(), CreateServiceW(), StartServiceW(), OpenServiceW(), OpenServiceA(), StopService(), DeleteService(), EnumServicesStatusW(), QueryServiceStatus(), QueryServiceConfigW().
c. WKSSVC: NetrWkstaTransportEnum().
d. SAMR: OpenAlias(), GetMembersInAlias().
e. LSARPC: LsarOpenPolicy2(), LsarLookupSids(), LsarClose().
5) New examples:
a. ifmap.py: First, this binds to the MGMT interface and gets a list of interface IDs. It adds to this a large list of interface UUIDs seen in the wild. It then tries to bind to each interface and reports whether the interface is listed and/or listening.
b. lookupsid.py: DCE/RPC lookup sid brute forcer example.
c. opdump.py: This binds to the given hostname:port and DCERPC interface. Then, it tries to call each of the first 256 operation numbers in turn and reports the outcome of each call.
d. services.py: SVCCTL services common functions for manipulating services (START/STOP/DELETE/STATUS/CONFIG/LIST).
e. test_wkssvc: DCE/RPC WKSSVC examples, playing with the functions implemented.
f. smbrelayx: Passes credentials to a third party server when doing MiTM.
g. smbserver: Multiprocess/threading smbserver supporting common file server functions. Authentication all done but not enforced. Tested under Windows, Linux and MacOS clients.
h. smbclient.py: now supports history, new commands also added.
i. psexec.py: Execute remote commands on Windows machines.