Some time ago, Microsoft released a security patch that changed the way Kerberos tickets are created and validated. Bye-bye golden tickets! Bye-bye golden tickets? Let’s see how to forge tickets in 2023 with Impacket.
A new PR merged: MSSQL and the xp_dirtree procedure. You know the rest. Let’s talk about NTLM authentication coercion methods using Impacket.
The Impacket project has found a new home at Fortra 🥳. Let’s take Impacket to the next level.
NTLM relay is a well-known technique that has been with us for many years and never seems to go away. In this article you’ll find a technical guide on how to relay credentials everywhere in 2022.
Impacket release 0.10.0 is available now and brings several new features and enhancements including a refreshed NTLMrelayx, the Kerberos Key List attack implementation, a refactored Credential Cache, the sunsetting of Python 2, and new testing infrastructure, among other things. Let’s take a look at everything new included in this version.
Some time ago Microsoft released a new feature that allows SSO to on-premises resources using security keys. This brought with it the return of the Read Only Domain Controllers and a new credential gathering vector. Let’s take a look at The Kerberos Key List attack.
Impacket release 0.9.24 is available today and includes a lot of new features and enhancements, such as an attack implementation against the Active Directory Certificate Services, an example for abusing the Kerberos Resource-Based Constrained Delegation, or the initial implementation of the [MS-PAR] protocol used by the well-known PrintNightmare exploit. Let’s take a look at everything new included in this version.
Impacket release 0.9.23 is available now! A couple of brand-new example scripts, Python 3.9 support, library improvements, fresh features, and even a security fix for a path traversal vulnerability are some highlights of this release. Let’s take a look at the new exciting features.
Impacket version 0.9.22 is already out and brings a bunch of new features, examples, and improvements I want to tell you about. The implementation of RPC over HTTP v2, a new NTLM relay server for ADWS (WCF) connections, and support for new scenarios of Kerberoasting are some examples. Let’s take a look at everything that’s changed in this release.
The NTLM relay attack is a well-known attack method that has been around for many years… and never seems to go away. So, why not explore new approaches to this attack technique? Let me introduce you to the SMB multi-relay feature.