From 2975e79455a1a119bd7c25a38706a258dc84ad29 Mon Sep 17 00:00:00 2001 From: James Forshaw Date: Mon, 15 Mar 2021 22:21:35 -0700 Subject: [PATCH] Updated to v1.1.31. --- .../NtApiDotNet.Forms.Build.csproj | 31 ++++++++++++------- NtApiDotNet.Forms/Properties/AssemblyInfo.cs | 4 +-- NtApiDotNet/NtApiDotNet.Build.csproj | 31 ++++++++++++------- NtApiDotNet/Properties/AssemblyInfo.cs | 4 +-- NtObjectManager/NtObjectManager.Core.csproj | 2 +- NtObjectManager/NtObjectManager.psd1 | 29 +++++++++++------ NtObjectManager/Properties/AssemblyInfo.cs | 4 +-- README.txt | 20 ++++++++++++ 8 files changed, 86 insertions(+), 39 deletions(-) diff --git a/NtApiDotNet.Forms/NtApiDotNet.Forms.Build.csproj b/NtApiDotNet.Forms/NtApiDotNet.Forms.Build.csproj index 187fa094b..7eaa0edee 100644 --- a/NtApiDotNet.Forms/NtApiDotNet.Forms.Build.csproj +++ b/NtApiDotNet.Forms/NtApiDotNet.Forms.Build.csproj @@ -7,8 +7,8 @@ James Forshaw Google Inc. NtApiDotNet.Forms - 1.1.30.0 - 1.1.30 + 1.1.31.0 + 1.1.31 Copyright © Google Inc. 2016-2021 1.0.0.0 Apache-2.0 @@ -18,16 +18,25 @@ true true true - 1.1.30 + 1.1.31 -------- -* Fixed issue when displaying only a SACL with Format-NtSecurityDescriptor. -* Added basic named pipe support for RPC clients. -* Fixed issue enumerating per-user audit rules. -* Added view accessor for safe buffers. -* Improved debug tracing for RPC clients. -* Improved handling of paths with local files commands. -* Fixed path issue with Set-Win32SecurityDescriptor. -* Added querying trace providers from the WMI security key. +* Added signing and encryption to SSPI. +* Added Get-LsaContextSignature and Test-LsaContextSignature. +* Added Protect-LsaContextMessage and Unprotect-LsaContextMessage +* Named auth commands to Lsa. +* Added TCP/IP RPC transport and add signing/encryption. +* Added Disconnect-RpcClient. +* Added server information for local RPC connection. +* Added Enable-NtTokenPrivilege and Disable-NtTokenPrivilege. +* Added native ARM/ARM64 support. +* Added Get-Win32ServiceConfig and Set-Win32ServiceConfig. +* Fixed bug in ACL canonicalization. +* Added support for SDK names of enumerations/structures. +* Added Get-NtSDKName. +* Added support for Win32 WriteProcessMemory. +* Added Get-Win32ServiceTrigger and support for triggers in Start-Win32Service. +* Added Set-Win32ServiceSecurityDescriptor. +* Fixed INdrStructure unmarshaling #35 diff --git a/NtApiDotNet.Forms/Properties/AssemblyInfo.cs b/NtApiDotNet.Forms/Properties/AssemblyInfo.cs index 25a2b8efd..a9489425e 100644 --- a/NtApiDotNet.Forms/Properties/AssemblyInfo.cs +++ b/NtApiDotNet.Forms/Properties/AssemblyInfo.cs @@ -32,5 +32,5 @@ // by using the '*' as shown below: // [assembly: AssemblyVersion("1.0.*")] [assembly: AssemblyVersion("1.0.0.0")] -[assembly: AssemblyFileVersion("1.1.30.0")] -[assembly: AssemblyInformationalVersion("1.1.30")] \ No newline at end of file +[assembly: AssemblyFileVersion("1.1.31.0")] +[assembly: AssemblyInformationalVersion("1.1.31")] \ No newline at end of file diff --git a/NtApiDotNet/NtApiDotNet.Build.csproj b/NtApiDotNet/NtApiDotNet.Build.csproj index 60bc93473..ee9adf305 100644 --- a/NtApiDotNet/NtApiDotNet.Build.csproj +++ b/NtApiDotNet/NtApiDotNet.Build.csproj @@ -7,8 +7,8 @@ James Forshaw Google Inc. NtApiDotNet - 1.1.30.0 - 1.1.30 + 1.1.31.0 + 1.1.31 Copyright © Google Inc. 2016-2021 1.0.0.0 Apache-2.0 @@ -16,16 +16,25 @@ A .NET class library to access native NT API system calls true true - 1.1.30 + 1.1.31 -------- -* Fixed issue when displaying only a SACL with Format-NtSecurityDescriptor. -* Added basic named pipe support for RPC clients. -* Fixed issue enumerating per-user audit rules. -* Added view accessor for safe buffers. -* Improved debug tracing for RPC clients. -* Improved handling of paths with local files commands. -* Fixed path issue with Set-Win32SecurityDescriptor. -* Added querying trace providers from the WMI security key. +* Added signing and encryption to SSPI. +* Added Get-LsaContextSignature and Test-LsaContextSignature. +* Added Protect-LsaContextMessage and Unprotect-LsaContextMessage +* Named auth commands to Lsa. +* Added TCP/IP RPC transport and add signing/encryption. +* Added Disconnect-RpcClient. +* Added server information for local RPC connection. +* Added Enable-NtTokenPrivilege and Disable-NtTokenPrivilege. +* Added native ARM/ARM64 support. +* Added Get-Win32ServiceConfig and Set-Win32ServiceConfig. +* Fixed bug in ACL canonicalization. +* Added support for SDK names of enumerations/structures. +* Added Get-NtSDKName. +* Added support for Win32 WriteProcessMemory. +* Added Get-Win32ServiceTrigger and support for triggers in Start-Win32Service. +* Added Set-Win32ServiceSecurityDescriptor. +* Fixed INdrStructure unmarshaling #35 diff --git a/NtApiDotNet/Properties/AssemblyInfo.cs b/NtApiDotNet/Properties/AssemblyInfo.cs index 2d17836b6..4c69d2216 100644 --- a/NtApiDotNet/Properties/AssemblyInfo.cs +++ b/NtApiDotNet/Properties/AssemblyInfo.cs @@ -32,5 +32,5 @@ // by using the '*' as shown below: // [assembly: AssemblyVersion("1.0.*")] [assembly: AssemblyVersion("1.0.0.0")] -[assembly: AssemblyFileVersion("1.1.30.0")] -[assembly: AssemblyInformationalVersion("1.1.30")] \ No newline at end of file +[assembly: AssemblyFileVersion("1.1.31.0")] +[assembly: AssemblyInformationalVersion("1.1.31")] \ No newline at end of file diff --git a/NtObjectManager/NtObjectManager.Core.csproj b/NtObjectManager/NtObjectManager.Core.csproj index 4b621bfc1..e376c436a 100644 --- a/NtObjectManager/NtObjectManager.Core.csproj +++ b/NtObjectManager/NtObjectManager.Core.csproj @@ -7,7 +7,7 @@ James Forshaw Google Inc. NtObjectManager - 1.1.29.0 + 1.1.31.0 Copyright © Google Inc. 2016-2020 1.0.0.0 https://www.apache.org/licenses/LICENSE-2.0 diff --git a/NtObjectManager/NtObjectManager.psd1 b/NtObjectManager/NtObjectManager.psd1 index 05e9c576f..89159e432 100644 --- a/NtObjectManager/NtObjectManager.psd1 +++ b/NtObjectManager/NtObjectManager.psd1 @@ -18,7 +18,7 @@ RootModule = 'NtObjectManager.psm1' # Version number of this module. -ModuleVersion = '1.1.30' +ModuleVersion = '1.1.31' # ID used to uniquely identify this module GUID = 'ac251c97-67a6-4bc4-bb8a-5ae300e93030' @@ -191,16 +191,25 @@ PrivateData = @{ ProjectUri = 'https://github.com/googleprojectzero/sandbox-attacksurface-analysis-tools' # ReleaseNotes of this module - ReleaseNotes = '1.1.30 + ReleaseNotes = '1.1.31 -------- -* Fixed issue when displaying only a SACL with Format-NtSecurityDescriptor. -* Added basic named pipe support for RPC clients. -* Fixed issue enumerating per-user audit rules. -* Added view accessor for safe buffers. -* Improved debug tracing for RPC clients. -* Improved handling of paths with local files commands. -* Fixed path issue with Set-Win32SecurityDescriptor. -* Added querying trace providers from the WMI security key. +* Added signing and encryption to SSPI. +* Added Get-LsaContextSignature and Test-LsaContextSignature. +* Added Protect-LsaContextMessage and Unprotect-LsaContextMessage +* Named auth commands to Lsa. +* Added TCP/IP RPC transport and add signing/encryption. +* Added Disconnect-RpcClient. +* Added server information for local RPC connection. +* Added Enable-NtTokenPrivilege and Disable-NtTokenPrivilege. +* Added native ARM/ARM64 support. +* Added Get-Win32ServiceConfig and Set-Win32ServiceConfig. +* Fixed bug in ACL canonicalization. +* Added support for SDK names of enumerations/structures. +* Added Get-NtSDKName. +* Added support for Win32 WriteProcessMemory. +* Added Get-Win32ServiceTrigger and support for triggers in Start-Win32Service. +* Added Set-Win32ServiceSecurityDescriptor. +* Fixed INdrStructure unmarshaling #35 ' # External dependent modules of this module diff --git a/NtObjectManager/Properties/AssemblyInfo.cs b/NtObjectManager/Properties/AssemblyInfo.cs index 575af3c97..4e71ba60e 100644 --- a/NtObjectManager/Properties/AssemblyInfo.cs +++ b/NtObjectManager/Properties/AssemblyInfo.cs @@ -32,5 +32,5 @@ // by using the '*' as shown below: // [assembly: AssemblyVersion("1.0.*")] [assembly: AssemblyVersion("1.0.0.0")] -[assembly: AssemblyFileVersion("1.1.30.0")] -[assembly: AssemblyInformationalVersion("1.1.30")] +[assembly: AssemblyFileVersion("1.1.31.0")] +[assembly: AssemblyInformationalVersion("1.1.31")] diff --git a/README.txt b/README.txt index c5a5649f7..c852e5a77 100644 --- a/README.txt +++ b/README.txt @@ -37,6 +37,26 @@ Thanks to the people who were willing to test it and give feedback: Release Notes: +1.1.31 +-------- +* Added signing and encryption to SSPI. +* Added Get-LsaContextSignature and Test-LsaContextSignature. +* Added Protect-LsaContextMessage and Unprotect-LsaContextMessage +* Named auth commands to Lsa. +* Added TCP/IP RPC transport and add signing/encryption. +* Added Disconnect-RpcClient. +* Added server information for local RPC connection. +* Added Enable-NtTokenPrivilege and Disable-NtTokenPrivilege. +* Added native ARM/ARM64 support. +* Added Get-Win32ServiceConfig and Set-Win32ServiceConfig. +* Fixed bug in ACL canonicalization. +* Added support for SDK names of enumerations/structures. +* Added Get-NtSDKName. +* Added support for Win32 WriteProcessMemory. +* Added Get-Win32ServiceTrigger and support for triggers in Start-Win32Service. +* Added Set-Win32ServiceSecurityDescriptor. +* Fixed INdrStructure unmarshaling #35 + 1.1.30 -------- * Fixed issue when displaying only a SACL with Format-NtSecurityDescriptor.