Rémi GASCOU (Podalirius)
Rémi GASCOU (Podalirius)
Use LDAP control [`LDAP_SERVER_NOTIFICATION_OID`](https://docs.microsoft.com/en-us/openspecs/windows_protocols/ms-adts/f14f3610-ee22-4d07-8a24-1bf1466cba5f) (`1.2.840.113556.1.4.528`) to get only changed objects in a `(objectClass=*)` query. ```c# PersistentSearch ::= SEQUENCE { changeTypes INTEGER, changesOnly BOOLEAN, returnECs BOOLEAN } ``` ## Drawbacks With...
I have added parsing for the OpenGPG keys extracted from the LSA by secretsdump. It now prints: After my patch, secretsdump prints: ``` [*] L$GLB-PUB-6EEB8090F4CB218E406224CAF1C587F5 OpenGPG public key 6EEB8090F4CB218E406224CAF1C587F5: m4OY24OW0WSAx4Fjtu7PiEsDp8WcTeLO5brWnJb42ahf9ZykEJ14mpUTCTnv7wX/0TBteUPBqI9YW62hGhXZhennx4c98WLGHwslmqBN5A2jLlspn2LnEF8pACvs9YbkzcxaEXKLz/qUG718kKrGEvBT1tLRQ+6Lc9+bIKbuAzR38/Wbq2JX2CG0040...
Better handling of various XML files in Group Policy Preferences. For example in the older version, we would not see the `runAs` attribute of Scheduled tasks, we can see it...
I have added parsing for the services passwords (SCM) extracted from the LSA by secretsdump. It now prints: Before my patch, secretsdump printed: ``` [*] SCM:{B092549F-61DB-41B0-96FD-02EB41E19783} SCM:{B092549F-61DB-41B0-96FD-02EB41E19783}:500040007300730057003000720044003000660053003300720076003100630033002100210021000000 ``` After my...
Handled missing use case where SQSA exists but is empty (no questions in it): ```json {"version":1,"questions":[]} ``` Before my patch, secretsdump printed: ``` [*] L$_SQSA_S-1-5-21-45CA8A85-16BC-4D6D-B0C3-74A90029F8E6-1001 {"version":1,"questions":[]} 0000 7B 00 22...
Add --subnets option to also add known subnets to list of targets. This would allow to also scan machines that are not in the Windows domain, but have an IP...
https://petrusviet.medium.com/dancing-on-the-architecture-of-vmware-workspace-one-access-eng-ad592ae1b6dd