Impacket is a collection of Python classes focused on providing access to network packets. Impacket allows Python developers to craft and decode network packets in a simple and consistent manner.
June 2016: 0.9.15:
1) Library improvements
* SMB3.create: define CreateContextsOffset and CreateContextsLength when applicable (by @rrerolle)
* Retrieve the user principal name from the CCache file, allowing any script to be called with -k and just the target system (by @MrTchuss)
* Packet fragmentation for DCE RPC layer major overhaul.
* Improved pass-the-key attack scenarios (by @skelsec)
* Adding a minimalistic LDAP/s implementation (supports PtH/PtT/PtK). Only search is available (and you need to build the search filter yourself)
* IPv6 improvements for DCERPC/LDAP and Kerberos
2) Examples improvements
* Adding -dc-ip switch to all examples. It lets you specify the IP for the domain. It assumes the DC and KDC reside on the same server
a. Adding support for Win2016 TP4 in LOCAL or -use-vss mode
b. Adding -just-dc-user switch to download just a single user data (DRSUAPI mode only)
c. Support for different ReplEpoch (DRSUAPI only)
d. pwdLastSet is also included in the output file
e. New structures/flags added for 2016 TP5 PAM support
a. Adding -rpc-auth-level switch (by @gadio)
a. Added option to specify authentication status code to be sent to requesting client (by @mgeeky)
b. Added one-shot parameter. After successful authentication, only execute the attack once for each target (per protocol)
3) New Examples
* GetUserSPNs.py: This module will try to find Service Principal Names that are associated with normal user accounts. This is part of the kerberoast attack researched by Tim Medin (@timmedin)
* ntlmrelayx.py: smbrelayx.py on steroids! NTLM relay attack from/to multiple protocols (HTTP/SMB/LDAP/MSSQL/etc)