Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Upgrade dploot to 3.0.3 #491

Open
wants to merge 2 commits into
base: main
Choose a base branch
from
Open

Upgrade dploot to 3.0.3 #491

wants to merge 2 commits into from

Conversation

zblurx
Copy link
Collaborator

@zblurx zblurx commented Nov 22, 2024

Description

Upgrade of dploot to version 3.0.3 (major update) so I had to update the code over DPAPI stuff:

  • Added some callback function, so now secrets are outputed in real time
  • Fix Constant lxml issue on Mac m1/m2 #489
  • Firefox cookies are dumped
  • DPAPI code refacto (all the stuff about getting the domain backup key and masterkeys is now in one place)
  • New module wam to dump Entra and M365 access token from Token Broker Cache

Type of change

Please delete options that are not relevant.

  • Bug fix (non-breaking change which fixes an issue)
  • New feature (non-breaking change which adds functionality)
  • Breaking change (fix or feature that would cause existing functionality to not work as expected)
  • This change requires a documentation update
  • This requires a third party update (such as Impacket, Dploot, lsassy, etc)

How Has This Been Tested?

ruff --preview, e2e_tests.py have been running
To test the WAM module, just connect a Microsoft account on a Teams or Outlook, and make sure to connect to it with an administrator account (it's DPAPI stuff so domain admin will make it easier to test because you will use domain backup key)
You can try all other DPAPI stuff to tests the changes, but it SHOULD be good.

Screenshots (if appropriate):

Cannot provide screenshots for the WAM module, because it output my mail and a Teams access token for my account.

Checklist:

  • I have ran Ruff against my changes (via poetry: poetry run python -m ruff check . --preview, use --fix to automatically fix what it can)
  • I have added or updated the tests/e2e_commands.txt file if necessary
  • New and existing e2e tests pass locally with my changes
  • My code follows the style guidelines of this project (should be covered by Ruff above)
  • If reliant on third party dependencies, such as Impacket, dploot, lsassy, etc, I have linked the relevant PRs in those projects
  • I have performed a self-review of my own code
  • I have commented my code, particularly in hard-to-understand areas
  • I have made corresponding changes to the documentation (PR here: https://github.com/Pennyw0rth/NetExec-Wiki)

@NeffIsBack
Copy link
Contributor

Nice one!!

@NeffIsBack NeffIsBack added enhancement New feature or request new module labels Nov 26, 2024
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@Marshall-Hallenbeck Marshall-Hallenbeck Awaiting requested review from Marshall-Hallenbeck Marshall-Hallenbeck is a code owner

@NeffIsBack NeffIsBack Awaiting requested review from NeffIsBack NeffIsBack is a code owner

@mpgn mpgn Awaiting requested review from mpgn mpgn is a code owner

At least 1 approving review is required to merge this pull request.

Assignees
No one assigned
Labels
enhancement New feature or request new module
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

Constant lxml issue on Mac m1/m2
2 participants
@zblurx @NeffIsBack