v1.2.0

What's Changed

• tests: improve output of e2e tests for errors by @Marshall-Hallenbeck in #120
• Ms17 010 error handling by @Marshall-Hallenbeck in #121
• fix(smb errors): getErrorString only returns one item, not a tuple by @Marshall-Hallenbeck in #119
• Add New Ldap Flag --active-users by @termanix in #128
  • Serves the same purpose as --users, but filters out deactivated accounts
• Fix bug in WCC module by @fpreynaud in #137
• Fix array index by @NeffIsBack in #140
• [winrm] better output by @XiaoliChan in #114
• Fix: iis module cmd exec quotes by @0xlazY in #146
• Modules enumeration ldap by @Syzik in #133
  • Added two modules for querying the attributes userPassword and unixUserPassword
  • These attributes are sometimes filled with cleartext passwords by 3rd party applications, also see https://swisskyrepo.github.io/InternalAllTheThings/active-directory/pwd-comments/
• Restructure how laps login works to fix login issues by @NeffIsBack in #141
• Remove domain DN from ldap query, fixes #144 by @NeffIsBack in #150
• Fixing binaries for RDP and WINRM by @NeffIsBack in #130
• Removing deprec… by @NeffIsBack in #132
• add argcomplete bash/zsh completion by @Adamkadaban in #148
  • When installed with pipx, netexec now supports autocomplete when pressing tab. See the wiki for the setup.
• Fixing module name check with windows backspace path by @NeffIsBack in #155
• Fix some issues in deps by @thiagokokada in #162
• Fix issue #134 with tempfile on windows by @NeffIsBack in #135
• Surpress any errors when using rdp and broken python version by @NeffIsBack in #139
• Fix usernames with empty spaces in ntds dump by @NeffIsBack in #153
• Hotfix: Allow broader version for argcomplete to fix macos installations by @NeffIsBack in #167
• [WCC] Make check names more explicit by @fpreynaud in #169
• nxcdb: refactor shared database/workspace setup code & allow for creation/setting of workspaces outside of nxcdb interactive console by @Marshall-Hallenbeck in #123
  • Add command --get-workspace/-gw
  • Add command --create-workspace/-cw
  • Add command --set-workspace/-sw
• Allow a single word as audit mode "character" by @NeffIsBack in #179
• Write without delete will now be displayed as write access by @NeffIsBack in #183
• Remove unnecessary remote ops check by @NeffIsBack in #185
• Add error handling for protocol level by @NeffIsBack in #176
• Update ntlmv1.py by @Dfte in #173
• Update impacket dependency to pull latest changes by @NeffIsBack in #187
• Fix audit_mode in ldap by @NeffIsBack in #186
• [Module] Enum ADCS Certificate Authority without creds. by @0xjbb in #160
• [winrm] say goodbye to SMB by @XiaoliChan in #172
  • No longer need SMB to gather NTLM info
• Update README.md by @Marshall-Hallenbeck in #193
• [lib] Improve ntlm_parser.py by @XiaoliChan in #191
• [MSSQL] Improvement by @XiaoliChan in #136
  • No more SMB needed (also remove --no-smb)
  • Fix no-output option in command execution
  • Improve the logic in mssqlexec.py
  • Add --mssql-timeout
  • Fix --use-kcache
• Update connection.py to force login by @mpgn in #190
• Remove pyreadline as it causes errors in nxcdb by @NeffIsBack in #171
• Update neo4j python driver by @NeffIsBack in #202
• Fix string escaping issues for Kali package, fix some logging, and allow for lsa and sam WinRM dumping by @Marshall-Hallenbeck in #204
• Extract obsolete operating systems from LDAP by @Shad0wC0ntr0ller in #41
• fix(wcc.py): properly escape for #200 by @Marshall-Hallenbeck in #206
• Create get_fgpp.py by @sebrink in #65
• [Module] printerbug by @lodos2005 in #163
• Revert #190 to enable null-auth without explicit specification by @NeffIsBack in #208
• Adding the fileNamePrefix which was introduced in bloodhound so files… by @NeffIsBack in #212
• Stop Netexec from adding null auth user to bloodhound by @NeffIsBack in #213
• Fix SMB users lookup and return last password set date by @Marshall-Hallenbeck in #214
• Fix: module names 8-10 chars being cut off by @Marshall-Hallenbeck in #220
• Update LDAP users lookup to match SMB by @Marshall-Hallenbeck in #215
• BloodHound & hash_spider fixes by @Marshall-Hallenbeck in #226
• [ldap-checker] Module fix by @zblurx in #216
• Fixing antivirus enumeration by @NeffIsBack in #218
  • add new AVs to enumerate
• Update LDAP active users lookup to match SMB by @termanix in #224
• Several LDAP improvements by @NeffIsBack in #152
• Module 'get-desc-users' Update - Marshall's #201 Issue Bug Fix by @termanix in #228
• Make loggedon-users unique to reduce spam and fix alignment by @NeffIsBack in #222
• Several ldap bug fixes by @NeffIsBack in #227
• Logging fixes (double logging & function caller obfuscation) by @Marshall-Hallenbeck in #229
• Logging in DEBUG mode: change normal output from DEBUG to INFO by @Marshall-Hallenbeck in #231
• rename MAQ.py to maq.py by @Marshall-Hallenbeck in #238
• Fix testing and linting by @NeffIsBack in #230
• Small QOL changes by @NeffIsBack in #240
• Winlogon Autologon module by @swisskyrepo in #236
• fix --users for LDAP proto by @zblurx in #235
• Neff qol the second by @NeffIsBack in #242
• Remove oscrypto and swap back to fortra/impacket by @NeffIsBack in #234
• --kerberoast Improvement by @Kahvi-0 in #126
• Add git commit to version command by @Marshall-Hallenbeck in #239
• Fix tmp PATH on windows for msol and scuffy by @NeffIsBack in #244
• Add missing packages to spec file, fixing ldap and pso module by @NeffIsBack in #247
• Add verbosity to dpapi, so the user knows if no secrets were found by @NeffIsBack in #246
• bugfixes: add-computer & nanodump modules by @Marshall-Hallenbeck in #237
• fixed one grammar error repeated in several files by @scottymiller9 in #251
• Fix ssh authentication with encrypted ssh file by @NeffIsBack in #254
• Update Slinky module by @Marshall-Hallenbeck in #255
• Fix "Too many open files" by @NeffIsBack in #257
• Fix computers enum by @zblurx in #259
• Update lsassy.py by @mpgn in #262
• Ldap active users bug fix by @termanix in #248
• ldap-checker: fix for Python 3.12 compatibility by @exploide in #270
• Fix ssh auth message by @NeffIsBack in #272
• fix mssql_priv by @sepauli in #277
• Fixing #263 by @NeffIsBack in #271
• Fix bug where modules would be the same object across protocols by @NeffIsBack in #250
• Updating dependencies by @NeffIsBack in #269
• Add feature request template by @Marshall-Hallenbeck in #283
• Fix #284 by @NeffIsBack in #285
• Reduce third party debug logging by @Marshall-Hallenbeck in #290
• Feat: Allow for running specific e2e tests by line number by @Marshall-Hallenbeck in #297
  • helpful for devs who just want to tests some e2e test commands
• #281 - Multi-file put/get for smb by @wumb0 in #282
  • Can now multi put/get files in one command
• Change jitter option to throttle authentications by @NeffIsBack in #291
  • Changed the old jitter function to randomly insert sleeps before authenticating
• Create Pull Request Template by @Marshall-Hallenbeck in #299
• fix issue #252 by @mpgn in #304
• Update e2e_commands.txt by @termanix in #298
• Revert a9bd576 by @NeffIsBack in #305
• Update test.yml to include pipx install by @mpgn in #265
• Add PuTTY module and fix WinSCP by @NeffIsBack in #249
  • A new module to query for saved private keys in PuTTY
  • Add detection for saved proxy credentials in PuTTY
  • Bug fixes and improvements for WinSCP cred dumping
• Fix: hash_spider Lsassy Parser syntax by @Marshall-Hallenbeck in #308
  • hash_spider should be working again
• fix: move PR template to the correct location by @Marshall-Hallenbeck in #310
• Fix for tests referencing files, password/username variable, and a couple KERBEROS space issues by @Marshall-Hallenbeck in #314
• Handle paramiko error when bruteforcing by @NeffIsBack in #313
  • Fixes where paramiko fails to read the ssh banner when brute forcing credentials
• fix(tests): add spaces & fix one file reference by @Marshall-Hallenbeck in #318
• [DNS] Add DNS args by @XiaoliChan in #196
  • Allow using force IPv6 with -6
  • Allow specify DNS server with --dns-server
  • Allow using tcp DNS query with --dns-tcp
  • Set DNS query timeout with --dns-timeout
  • Auto resolve DC IP and set it as kdcHost, which means you can play with kerberos stuff without set /etc/hosts files
• Refactor/fix/update PowerShell and related features by @Marshall-Hallenbeck in #296
  • Tons of Powershell fixes for both SMB and MSSQL
  • met_inject module should work again!
  • 32-bit Powershell usage also helps running against defender
  • turn off obfuscation by default for powershell, since defender picks it up easily
  • turn off amsi-bypass by default, since it was an incredibly old signatured bypass (users can still pass in their own)
  • some test enhancements for us developers
• Fix: WCC Module - do not create log file on every file load by @Marshall-Hallenbeck in #307
• Improving execution speed and misc command execution improvements by @NeffIsBack in #317
• Add ldap query option by @NeffIsBack in #309
  • Can now perform raw LDAP queries with NetExec!
• Refactor argparse options by @Marshall-Hallenbeck in #321
  • Now you can append --debug and other global options to the end of commands
• Added --dns-tcp,--dns-timeout and --dns-server parameters to the ldap protocol when using --bloodhound by @Fabrizzio53 in #325
• Passwords dump update by @zblurx in #225
  • Can now dump Google Refresh Token, SCCM, VNC, mRemoteNG, and mobaxterm creds!
• Improve testing suite by @NeffIsBack in #315
• Windows Fixes for v1.2 by @Marshall-Hallenbeck in #326
• ItsAlwaysDNS by @NeffIsBack in #327

New Contributors

• @termanix made their first contribution in #128
• @fpreynaud made their first contribution in #137
• @0xlazY made their first contribution in #146
• @Syzik made their first contribution in #133
• @Adamkadaban made their first contribution in #148
• @thiagokokada made their first contribution in #162
• @0xjbb made their first contribution in #160
• @Shad0wC0ntr0ller made their first contribution in #41
• @sebrink made their first contribution in #65
• @lodos2005 made their first contribution in #163
• @swisskyrepo made their first contribution in #236
• @Kahvi-0 made their first contribution in #126
• @scottymiller9 made their first contribution in #251
• @exploide made their first contribution in #270
• @sepauli made their first contribution in #277
• @wumb0 made their first contribution in #282
• @Fabrizzio53 made their first contribution in #325

Full Changelog: v1.1.0...v1.2.0