From d25613b1de6fdada209154014dcbd7d77180e97a Mon Sep 17 00:00:00 2001
From: James Forshaw
Date: Tue, 23 Apr 2019 23:05:00 +0100
Subject: [PATCH] Updated to version 1.1.21.
---
 NtApiDotNet/NtApiDotNet.Core.csproj | 2 +-
 NtApiDotNet/NtApiDotNet.nuspec | 27 +++++++------------
 NtApiDotNet/Properties/AssemblyInfo.cs | 4 +--
 NtObjectManager/NtObjectManager.Core.csproj | 2 +-
 NtObjectManager/NtObjectManager.psd1 | 29 +++++++--------------
 NtObjectManager/Properties/AssemblyInfo.cs | 4 +--
 README.txt | 11 ++++++++
 7 files changed, 36 insertions(+), 43 deletions(-)
diff --git a/NtApiDotNet/NtApiDotNet.Core.csproj b/NtApiDotNet/NtApiDotNet.Core.csproj
index f0addd59c..1105b9905 100644
--- a/NtApiDotNet/NtApiDotNet.Core.csproj
+++ b/NtApiDotNet/NtApiDotNet.Core.csproj
@@ -7,7 +7,7 @@ James Forshaw Google Inc. NtApiDotNet
- 1.1.20.0
+ 1.1.21.0
 Copyright © Google Inc. 2016, 2017, 2018, 2019 1.0.0.0 https://www.apache.org/licenses/LICENSE-2.0
diff --git a/NtApiDotNet/NtApiDotNet.nuspec b/NtApiDotNet/NtApiDotNet.nuspec
index 267932b67..90d7046c4 100644
--- a/NtApiDotNet/NtApiDotNet.nuspec
+++ b/NtApiDotNet/NtApiDotNet.nuspec
@@ -11,25 +11,16 @@ false A .NET class library to access native NT API system calls
-1.1.20
+1.1.21
 --------
-* Added basic ALPC support including cmdlets.
-* Added better debug support including cmdlets.
-* Display container access rights in SD GUI and also extract SACL if available.
-* Added Set/Get-NtProcessMitigation policy to get specific policies.
-* Exposed process mitigation policies using flag enums.
-* Added Win32.AppContainerProfile to create and delete AC profiles.
-* Many new non-throwing methods added to objects.
-* Added ReadScatter and WriteGather methods to NtFile.
-* Improved formatting of IO Control Codes.
-* Added ability to acknowledge oplock breaks.
-* Added Wow64 FS redirection support.
-* Use proper WIN32 NT status facility for Win32 errors as status codes.
-* Added read/write to file from safe buffers.
-* Added methods to zero or fill safe buffers using native methods.
-* Fix bug with querying BnoIsolationPrefix which next took into account the enable flag correctly.
-* Fix from diversenok "Improve detection of restricted tokens (#20)"
-* Code cleanups and source code separation.
+* Various updates to the NDR parser, including new types and support for correlation expressions.
+* Added complete transaction cmdlets.
+* Added extended process creation flags for Win32Process.
+* Added Format-NtSecurityDescriptor to display on the console
+* Added Copy-NtObject cmdlet.
+* Added basic RPC ALPC client support.
+* Added option to specify a debug object for a Win32 process.
+* Added processor system information.
 Copyright Google Inc. 2017, 2018, 2019 syscalls
diff --git a/NtApiDotNet/Properties/AssemblyInfo.cs b/NtApiDotNet/Properties/AssemblyInfo.cs
index bd171ebd4..5958d81e7 100644
--- a/NtApiDotNet/Properties/AssemblyInfo.cs
+++ b/NtApiDotNet/Properties/AssemblyInfo.cs
@@ -32,5 +32,5 @@
 // by using the '*' as shown below:
 // [assembly: AssemblyVersion("1.0.*")]
 [assembly: AssemblyVersion("1.0.0.0")]
-[assembly: AssemblyFileVersion("1.1.20")]
-[assembly: AssemblyInformationalVersion("1.1.20")]
\ No newline at end of file
+[assembly: AssemblyFileVersion("1.1.21")]
+[assembly: AssemblyInformationalVersion("1.1.21")]
\ No newline at end of file
diff --git a/NtObjectManager/NtObjectManager.Core.csproj b/NtObjectManager/NtObjectManager.Core.csproj
index fec0ec9f5..86326beb8 100644
--- a/NtObjectManager/NtObjectManager.Core.csproj
+++ b/NtObjectManager/NtObjectManager.Core.csproj
@@ -7,7 +7,7 @@ James Forshaw Google Inc. NtObjectManager
- 1.1.20.0
+ 1.1.21.0
 Copyright © Google Inc. 2016, 2017, 2018, 2019 1.0.0.0 https://www.apache.org/licenses/LICENSE-2.0
diff --git a/NtObjectManager/NtObjectManager.psd1 b/NtObjectManager/NtObjectManager.psd1
index f46dfbdb8..0ab164d75 100644
--- a/NtObjectManager/NtObjectManager.psd1
+++ b/NtObjectManager/NtObjectManager.psd1
@@ -18,7 +18,7 @@ RootModule = 'NtObjectManager.psm1' # Version number of this module.
-ModuleVersion = '1.1.20'
+ModuleVersion = '1.1.21'
 # ID used to uniquely identify this module GUID = 'ac251c97-67a6-4bc4-bb8a-5ae300e93030'
@@ -111,25 +111,16 @@ PrivateData = @{ ProjectUri = 'https://github.com/googleprojectzero/sandbox-attacksurface-analysis-tools' # ReleaseNotes of this module
- ReleaseNotes = '1.1.20
+ ReleaseNotes = '1.1.21
 --------
-* Added basic ALPC support including cmdlets.
-* Added better debug support including cmdlets.
-* Display container access rights in SD GUI and also extract SACL if available.
-* Added Set/Get-NtProcessMitigation policy to get specific policies.
-* Exposed process mitigation policies using flag enums.
-* Added Win32.AppContainerProfile to create and delete AC profiles.
-* Many new non-throwing methods added to objects.
-* Added ReadScatter and WriteGather methods to NtFile.
-* Improved formatting of IO Control Codes.
-* Added ability to acknowledge oplock breaks.
-* Added Wow64 FS redirection support.
-* Use proper WIN32 NT status facility for Win32 errors as status codes.
-* Added read/write to file from safe buffers.
-* Added methods to zero or fill safe buffers using native methods.
-* Fix bug with querying BnoIsolationPrefix which next took into account the enable flag correctly.
-* Fix from diversenok "Improve detection of restricted tokens (#20)"
-* Code cleanups and source code separation.
+* Various updates to the NDR parser, including new types and support for correlation expressions.
+* Added complete transaction cmdlets.
+* Added extended process creation flags for Win32Process.
+* Added Format-NtSecurityDescriptor to display on the console
+* Added Copy-NtObject cmdlet.
+* Added basic RPC ALPC client support.
+* Added option to specify a debug object for a Win32 process.
+* Added processor system information.
 ' # External dependent modules of this module
diff --git a/NtObjectManager/Properties/AssemblyInfo.cs b/NtObjectManager/Properties/AssemblyInfo.cs
index 1bcd1d1cb..85d346870 100644
--- a/NtObjectManager/Properties/AssemblyInfo.cs
+++ b/NtObjectManager/Properties/AssemblyInfo.cs
@@ -32,5 +32,5 @@
 // by using the '*' as shown below:
 // [assembly: AssemblyVersion("1.0.*")]
 [assembly: AssemblyVersion("1.0.0.0")]
-[assembly: AssemblyFileVersion("1.1.20.0")]
-[assembly: AssemblyInformationalVersion("1.1.20")]
+[assembly: AssemblyFileVersion("1.1.21.0")]
+[assembly: AssemblyInformationalVersion("1.1.21")]
diff --git a/README.txt b/README.txt
index 4062033ac..c279e42e2 100644
--- a/README.txt
+++ b/README.txt
@@ -21,6 +21,17 @@ with .NET Core 2.0 by building the specific project files. Release Notes:
+1.1.21
+--------
+* Various updates to the NDR parser, including new types and support for correlation expressions.
+* Added complete transaction cmdlets.
+* Added extended process creation flags for Win32Process.
+* Added Format-NtSecurityDescriptor to display on the console
+* Added Copy-NtObject cmdlet.
+* Added basic RPC ALPC client support.
+* Added option to specify a debug object for a Win32 process.
+* Added processor system information.
+
 1.1.20
 --------
 * Added basic ALPC support including cmdlets.