diff --git a/NtApiDotNet/NtApiDotNet.Core.csproj b/NtApiDotNet/NtApiDotNet.Core.csproj
index d9a6ad350..7827a8dae 100644
--- a/NtApiDotNet/NtApiDotNet.Core.csproj
+++ b/NtApiDotNet/NtApiDotNet.Core.csproj
@@ -7,8 +7,8 @@
James Forshaw
Google Inc.
NtApiDotNet
- 1.1.25.0
- Copyright © Google Inc. 2016, 2017, 2018, 2019
+ 1.1.26.0
+ Copyright © Google Inc. 2016-2020
1.0.0.0
https://www.apache.org/licenses/LICENSE-2.0
https://github.com/googleprojectzero/sandbox-attacksurface-analysis-tools
diff --git a/NtApiDotNet/NtApiDotNet.nuspec b/NtApiDotNet/NtApiDotNet.nuspec
index 6009cda46..d1775489b 100644
--- a/NtApiDotNet/NtApiDotNet.nuspec
+++ b/NtApiDotNet/NtApiDotNet.nuspec
@@ -11,19 +11,27 @@
false
A .NET class library to access native NT API system calls
-1.1.24
+1.1.26
--------
-* Added Add-NtTokenSecurityAttribute and Remove-NtTokenSecurityAttribute cmdlets.
-* Added additional properties for running servies.
-* Added support for drivers to Get-RunningService and Get-AccesibleService.
-* Added fake service NtType objects for services and SCM to allow formatting and the UI.
-* Added NtType property to security descriptors.
-* Added option to Show-NtToken to elevate to admin.
-* Added Suspend, Resume and Stop process commands.
-* Added Get-NtEaBuffer and Set-NtEaBuffer commands.
-* Added open to Get-NtDebug to get from a process.
+* Add DeviceGuid to Get/New-NtFile
+* Fixed bug in ETA registrations and added GUID enumeration.
+* Added SetExceptionPort to NtProcess.
+* Added child process mitigation improvements.
+* Added extended Fork.
+* Updated native process creation support.
+* Various new non-throwing methods.
+* Updated to C# 7.3.
+* Added list of access rights to NtType.
+* Added default mandatory policy to NtType.
+* Added SetDisposition methods to NtFile.
+* Added console and GUI support for Object ACEs.
+* Updated access checking to support Object Types.
+* Access check returns a structure rather than just an access mask.
+* CPP style NDR formatting (#21)
+* Added Get-NtTokenPrivilege command.
+* Added Get-NtLocallyUniqueId command.
- Copyright Google Inc. 2017, 2018, 2019
+ Copyright Google Inc. 2016-2020
syscalls
\ No newline at end of file
diff --git a/NtApiDotNet/Properties/AssemblyInfo.cs b/NtApiDotNet/Properties/AssemblyInfo.cs
index 1baa39d9e..abb5b3370 100644
--- a/NtApiDotNet/Properties/AssemblyInfo.cs
+++ b/NtApiDotNet/Properties/AssemblyInfo.cs
@@ -9,7 +9,7 @@
[assembly: AssemblyConfiguration("")]
[assembly: AssemblyCompany("Google Inc.")]
[assembly: AssemblyProduct("NtApiDotNet")]
-[assembly: AssemblyCopyright("Copyright © Google Inc. 2016, 2017, 2018, 2019")]
+[assembly: AssemblyCopyright("Copyright © Google Inc. 2016-2020")]
[assembly: AssemblyTrademark("")]
[assembly: AssemblyCulture("")]
@@ -32,5 +32,5 @@
// by using the '*' as shown below:
// [assembly: AssemblyVersion("1.0.*")]
[assembly: AssemblyVersion("1.0.0.0")]
-[assembly: AssemblyFileVersion("1.1.25.0")]
-[assembly: AssemblyInformationalVersion("1.1.25")]
\ No newline at end of file
+[assembly: AssemblyFileVersion("1.1.26.0")]
+[assembly: AssemblyInformationalVersion("1.1.26")]
\ No newline at end of file
diff --git a/NtObjectManager/NtObjectManager.Core.csproj b/NtObjectManager/NtObjectManager.Core.csproj
index 14aafaee4..a33b8265b 100644
--- a/NtObjectManager/NtObjectManager.Core.csproj
+++ b/NtObjectManager/NtObjectManager.Core.csproj
@@ -7,8 +7,8 @@
James Forshaw
Google Inc.
NtObjectManager
- 1.1.25.0
- Copyright © Google Inc. 2016, 2017, 2018, 2019
+ 1.1.26.0
+ Copyright © Google Inc. 2016-2020
1.0.0.0
https://www.apache.org/licenses/LICENSE-2.0
https://github.com/googleprojectzero/sandbox-attacksurface-analysis-tools
diff --git a/NtObjectManager/NtObjectManager.psd1 b/NtObjectManager/NtObjectManager.psd1
index e442ba48b..8ad525162 100644
--- a/NtObjectManager/NtObjectManager.psd1
+++ b/NtObjectManager/NtObjectManager.psd1
@@ -18,7 +18,7 @@
RootModule = 'NtObjectManager.psm1'
# Version number of this module.
-ModuleVersion = '1.1.25'
+ModuleVersion = '1.1.26'
# ID used to uniquely identify this module
GUID = 'ac251c97-67a6-4bc4-bb8a-5ae300e93030'
@@ -30,7 +30,7 @@ Author = 'James Forshaw'
CompanyName = 'Google Inc.'
# Copyright statement for this module
-Copyright = '(c) 2016, 2017, 2018, 2019 Google Inc. All rights reserved.'
+Copyright = '(c) 2016-2020 Google Inc. All rights reserved.'
# Description of the functionality provided by this module
Description = 'This module adds a provider and cmdlets to access the NT object manager namespace.'
@@ -117,14 +117,25 @@ PrivateData = @{
ProjectUri = 'https://github.com/googleprojectzero/sandbox-attacksurface-analysis-tools'
# ReleaseNotes of this module
- ReleaseNotes = '1.1.25
+ ReleaseNotes = '1.1.26
--------
-* Added new options to Get-NtSecurityDescriptor.
-* Updated accessible resource checking.
-* Added Remove-NtTokenPrivilege.
-* Added Session option to Get-NtToken.
-* Added command line option to Show-NtToken.
-* Added information classes for symbolic links.
+* Add DeviceGuid to Get/New-NtFile
+* Fixed bug in ETA registrations and added GUID enumeration.
+* Added SetExceptionPort to NtProcess.
+* Added child process mitigation improvements.
+* Added extended Fork.
+* Updated native process creation support.
+* Various new non-throwing methods.
+* Updated to C# 7.3.
+* Added list of access rights to NtType.
+* Added default mandatory policy to NtType.
+* Added SetDisposition methods to NtFile.
+* Added console and GUI support for Object ACEs.
+* Updated access checking to support Object Types.
+* Access check returns a structure rather than just an access mask.
+* CPP style NDR formatting (#21)
+* Added Get-NtTokenPrivilege command.
+* Added Get-NtLocallyUniqueId command.
'
# External dependent modules of this module
diff --git a/NtObjectManager/Properties/AssemblyInfo.cs b/NtObjectManager/Properties/AssemblyInfo.cs
index 2a4cc7543..e9f2892cc 100644
--- a/NtObjectManager/Properties/AssemblyInfo.cs
+++ b/NtObjectManager/Properties/AssemblyInfo.cs
@@ -9,7 +9,7 @@
[assembly: AssemblyConfiguration("")]
[assembly: AssemblyCompany("Google Inc.")]
[assembly: AssemblyProduct("NtObjectManager")]
-[assembly: AssemblyCopyright("Copyright © Google Inc. 2016, 2017, 2018, 2019")]
+[assembly: AssemblyCopyright("Copyright © Google Inc. 2016-2020")]
[assembly: AssemblyTrademark("")]
[assembly: AssemblyCulture("")]
@@ -32,5 +32,5 @@
// by using the '*' as shown below:
// [assembly: AssemblyVersion("1.0.*")]
[assembly: AssemblyVersion("1.0.0.0")]
-[assembly: AssemblyFileVersion("1.1.25.0")]
-[assembly: AssemblyInformationalVersion("1.1.25")]
+[assembly: AssemblyFileVersion("1.1.26.0")]
+[assembly: AssemblyInformationalVersion("1.1.26")]
diff --git a/README.txt b/README.txt
index 5d3f5715c..529d0739f 100644
--- a/README.txt
+++ b/README.txt
@@ -1,6 +1,6 @@
sandbox-attacksurface-analysis-tools
-(c) Google Inc. 2015, 2016, 2017, 2018, 2019
+(c) Google Inc. 2015, 2016, 2017, 2018, 2019, 2020
Developed by James Forshaw
This is a small suite of PowerShell tools to test various properties of sandboxes on Windows. Many of the
@@ -46,6 +46,26 @@ Thanks to the people who were willing to test it and give feedback:
Release Notes:
+1.1.26
+--------
+* Add DeviceGuid to Get/New-NtFile
+* Fixed bug in ETA registrations and added GUID enumeration.
+* Added SetExceptionPort to NtProcess.
+* Added child process mitigation improvements.
+* Added extended Fork.
+* Updated native process creation support.
+* Various new non-throwing methods.
+* Updated to C# 7.3.
+* Added list of access rights to NtType.
+* Added default mandatory policy to NtType.
+* Added SetDisposition methods to NtFile.
+* Added console and GUI support for Object ACEs.
+* Updated access checking to support Object Types.
+* Access check returns a structure rather than just an access mask.
+* CPP style NDR formatting (#21)
+* Added Get-NtTokenPrivilege command.
+* Added Get-NtLocallyUniqueId command.
+
1.1.25
--------
* Added new options to Get-NtSecurityDescriptor.