forked from trustedsec/ridenum
-
Notifications
You must be signed in to change notification settings - Fork 0
/
CHANGELOG.txt
149 lines (106 loc) · 4.16 KB
/
CHANGELOG.txt
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
~~~~~~~~~~~~~~~~~~~
version 1.7
~~~~~~~~~~~~~~~~~~~
* move ridenum to python3 (PR)
* fix issue where authentication via rpc would not work properly (PR)
* fix rpcclient when using enumdomusers (pipe stdout)
~~~~~~~~~~~~~~~~~~~
version 1.6
~~~~~~~~~~~~~~~~~~~
* added the ability to specify creds if you want to pull the entire domain and do a username/pw dump when null sessions are not available
~~~~~~~~~~~~~~~~~~~
verion 1.5.5
~~~~~~~~~~~~~~~~~~~
* added a replace for a samba warning message - would cause rid extraction to not complete
~~~~~~~~~~~~~~~~~~~
version 1.5.4
~~~~~~~~~~~~~~~~~~~
* added write out if guess is correct but account disabled
* put automatic success results in instead of waiting until having to complete
~~~~~~~~~~~~~~~~~~~
version 1.5.3
~~~~~~~~~~~~~~~~~~~
* added a fix if a blank password was used, it will try that instead of erroring out
~~~~~~~~~~~~~~~~~~~
version 1.5.2
~~~~~~~~~~~~~~~~~~~
* password expired found
~~~~~~~~~~~~~~~~~~~
version 1.5.1
~~~~~~~~~~~~~~~~~~~
* fixed twitter handle
~~~~~~~~~~~~~~~~~~~
version 1.5
~~~~~~~~~~~~~~~~~~~
* Added better handling around when zero status is returned (null) for user accounts
* Added fail message for when enumdom users wouldn't work right
* Used reindent to fix spacing issues
* Added description on the password attempt when lc username is used
~~~~~~~~~~~~~~~~~~~
version 1.4
~~~~~~~~~~~~~~~~~~~
* Added better detection on brute force account lockouts
* Added enumdomusers as a fallback in case rid enumeration fails on Win2k8/2k12 servers.
~~~~~~~~~~~~~~~~~~~
version 1.3
~~~~~~~~~~~~~~~~~~~
* Added better handling if domain name isn't specified in the userlist and lc username or uc username is used, it now works properly
~~~~~~~~~~~~~~~~~~~
version 1.2
~~~~~~~~~~~~~~~~~~~
* Added flag status for code received NT_STATUS_PASSWORD_MUST_CHANGE will detect password needs changed and log it
* Added flag status code for NT_STATUS_BAD_NETWORK_NAME
~~~~~~~~~~~~~~~~~~~
version 1.1
~~~~~~~~~~~~~~~~~~~
* Fixed an issue when lc username was used and would not be a split on \\ domain name would cause ridenum to error out
* Added NT_STATUS_LOGON_TYPE_NOT_GRANTED for exceptions handling for ridenum
~~~~~~~~~~~~~~~~~~~
version 1.0
~~~~~~~~~~~~~~~~~~~
* fixed an error message when NT_STATUS_ACCOUNT_DISABLED was thrown
~~~~~~~~~~~~~~~~~~~
version 0.9
~~~~~~~~~~~~~~~~~~~
* added better handling if NT_STATUS_ACCESS_DENIED is received post lsaquery
* added base domain response triggers for lsaquery results if successful
* fixed a counter issue when access denied from the server was returned
~~~~~~~~~~~~~~~~~~~
version 0.8
~~~~~~~~~~~~~~~~~~~
* fixed if unable to enumerate through LSA query return false
~~~~~~~~~~~~~~~~~~~
version 0.7
~~~~~~~~~~~~~~~~~~~
* added faster RID enumeration thanks to Tom Steele
~~~~~~~~~~~~~~~~~~~
version 0.6
~~~~~~~~~~~~~~~~~~~
* added better detection on access denied for RIDENUM
~~~~~~~~~~~~~~~~~~~
version 0.5
~~~~~~~~~~~~~~~~~~~
* added ability to specify a userlist if you already extracted it previously
* added ability to see the results prior to brute force being successful
~~~~~~~~~~~~~~~~~~~
version 0.4
~~~~~~~~~~~~~~~~~~~
* removed full group name or account names from getting cut off, needed to stringsplit(" ", 1) to replace first with the latter half and strip any other data
* removed versioning from rid_enum.py. Only centralizing through changelog.txt
* rearranged the order for brute forcing, it would start off with password to username versus username to password. It will load a username then attempt password file then move on to the next one
* added ability to specify uc username or lc username within dictionary file, it will strip domain name and brute force the username only (upper case and lowercase)
* added ability to detect expired accounts
~~~~~~~~~~~~~~~~~~~
version 0.3
~~~~~~~~~~~~~~~~~~~
* fixed an issue that if failed it would not properly state it
* fixed github email address use
~~~~~~~~~~~~~~~~~~~
version 0.2
~~~~~~~~~~~~~~~~~~~
* removed regular expression import, no longer needed
* added ability to add spaces within a password and not throw an exception
~~~~~~~~~~~~~~~~~~~
version 0.1
~~~~~~~~~~~~~~~~~~~
* first release of rid_enum