This repository has been archived by the owner on Aug 26, 2024. It is now read-only.
-
Notifications
You must be signed in to change notification settings - Fork 2
/
change_log.txt
81 lines (59 loc) · 4.36 KB
/
change_log.txt
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
# Changelog
All notable changes to this project will be documented in this file.
The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/),
and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0.html).
## [Unreleased]
### Added
- Add configuration option to output a master credential file spanning all domains
- Add a configuration option to specify the order of elements in the input filename (e.g., specify the data type before the date)
## [2.1.4]
### Fixed
- Add '.lower()' to usernames parse from Cobalt Strike XML export. This bug caused credentials not to be mapped to users in the output because the case didn't match
## [2.1.3]
### Fixed
- Added missing 'S' from config setting names that were preventing the dsquery commands from being displayed
## [2.1.2]
## Changed
- Modified how parse_cs_export() auto-detects the file format. Previously, it attempted to parse as XML and assumed it was text if parsing failed. Unfortunately, auto-detection (and therefore parsing) would fail if the parser encountered any error, such as an invalid token. Auto-detection now reads the first line of the file and compares it against the format of the XML export, a much more reliable check.
- Added an 's' to dsquery_attrs config options for consistency (simplifies refactored code)
### Fixed
- Added better support for Cobalt Strike XML export parsing, allowing it to handle files containing '&' (invalid XML characters)
- Additional bug with loading dsquery attributes from config. The previous change fixed dsquery command output but failed to change the fieldnames in the CSV output; this is now fixed.
- A bug where the logging output directory from the config file wasn't being applied
## [2.1.1]
### Added
- Additional error message to parse_cs_export() to warn users about the ElementTree bug listed above (i.e., ElementTree throws an "invalid token" parsing error if it sees elements containing '&')
### Changed
- Changed verbosity level for "Object contains no name field" warning in enhance_object() to level 2 to avoid spamming users on the default setting
### Fixed
- Fixed a bug where the dsquery commands wouldn't get updated based on the config file because they were shown before the config was loaded
## [2.1.0]
### Added
- Ability to read in previous Parseltongue credential output
### Changed
- Modified the Cobalt Strike export parser to support XML exports in addition to text exports. This will provide more accurate results, particularly in cases where plaintext password entries have usernames with spaces
- Moved the dsquery attributes to the config file so users can specify custom attributes for different config profiles
### Fixed
- Modified load_wordlist() to only strip tabs and newlines from plaintext passwords since apparently Windows allows passwords with spaces at the ends
- load_config() will now recursively merge settings rather than just at the root level. Added verbose logging for overridden settings and warnings if unexpected settings are found in the loaded config
## [2.0.0] - 2020-04-23
### Added
- A change log
- ASCII art (two different versions; based on terminal width)
- Version number to code
- Support for Python 3
- JSON config file to minimize the need to consistently provide command-line arguments or edit the code directly to change certain settings
- Logging to help with troubleshooting
- Three output verbosity levels (0 = Minimal, 1 = Normal, 2 = Info)
- Simple wordlist support to aid in password cracking
- Sample data from my lab network; useful for trying out the tool if you don't have your own data
- README with more than one line of info
### Changed
- Removed command-line options for individual file types and replaced with data type auto-detection based on filename. Files must be named properly; however, this vastly improves the flexibility of Parseltongue as it allows processing multiple files of the same type, including across NT domains.
- Modified console output (including spacing) to improve readability
- Modified the password cracker ingest output file to only include accounts that don't have a matching plaintext password
### Removed
- Support for Python 2
- Limitation to process data for a single NT domain at a time
### Fixed
- Added quotes around CSV output fields to avoid issues where plaintext password contain commas