-
Notifications
You must be signed in to change notification settings - Fork 248
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
[Issue #371] Add NetNTLMv2 hash capture to README #383
Conversation
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
This addresses one portion of the request in #371. The other two need to be done as well.
@obilodeau Committed some changes, let me know if everything is OK |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Did another round of review. The notes are mostly to myself, I think I should pick-it up from here.
Co-authored-by: Olivier Bilodeau <[email protected]>
If we don't use the NLA redirection feature and the server doesn't support downgrade attacks then the best we can do is steal the hash. Some ASN.1 BER improvements were required as well. Fixes GoSecure#358 Co-authored-by: Olivier Bilodeau <[email protected]>
Improved the situation with GoSecure#294
> TypeError: 'EDecimal' object cannot be interpreted as an integer I wasn't getting those error before, I think it might be python 3.10 related. Flooring gets rid of the error. That information was lost anyway.
Introduced an InetSocketAddress abstraction and adapted all code paths to it.
This was emitting a DeprecationWarning since Python 3.3 but we never saw it... See https://docs.python.org/3/whatsnew/3.9.html#you-should-check-for-deprecationwarning-in-your-code
* fix: make conversion success message uniform * fix: typo in conversion layer sink * Added pcap to json tests, removed worthless Windows test * Added CI/CD tests for pyrdp-convert JSON and replay outputs * pyrdp-convert: Added some exit code propagation on exceptions Co-authored-by: Olivier Bilodeau <[email protected]> Co-authored-by: Alexandre Beaulieu <[email protected]>
…essions. Rebased on master by @obilodeau. Some problems likely remain.
Allows us to run them locally easily
- link to blog posts - mention version where feature introduced - link to cert extraction doc - NLA -> Network Level Authentication - Avoiding confusing NLA vs non-NLA in the MITM sense not server sense (confusing I told you ;) - Fixed log file name
Dammit I screwed up, I brought in all changes in master since PR was created by accident... Review can focus on my last commit. |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I finished the changes
@obilodeau Let me know if there's more to be added