v1.0.8

[1.0.8] - 2025-03-03

Added

• Admin Module
  • Added get_creds command to pull credential blobs from SCCM
  • Added get_azurecreds command to pull Azure co-management application blobs
  • Added get_azuretenant commant to pull Azure tenant info
  • Added get_pxepassword command to pull PXE boot blobs if configured
  • Added get_forestkey command to pull forest discovery session key blobs
  • Added decrypt command to decrypt passed credential blob
  • Added decryptEx command to decrypt forest discovery credential blobs
    • You've got to be "interactive" with the SCCM primary site server for decryption to work
    • This means the site server must be a client
    • Uses script execution
  • Updates thanks to Parzel:
  • Added list_script command to list scripts published to SCCM
  • Added delete_script commmand to delete a target script from SCCM

[1.0.7] - 2025-02-28

Fixed

• HTTP Module
  • Fixed a bug where -mp flag wasn't correctly setting the policy request target

Added

• Find module
  • Channel binding is now supported when using NTLM auth
• MSSQL module
  • Channel binding is now supported when using NTLM auth

v1.0.6

[1.0.6] - 2024-08-15

Fixed

• Fixed a bug where site servers weren't being added to the computers table causing further profiling to fail
• Fixed a bug in MSSQL where SID translation failed when using Kerberos authentication

Added

• Find module
  • Added distribution point check in LDAP
• SMB module
  • Added distribution point profiling to determine if the found host is SCCM or WDS related
• Admin module
  • Added "approver credentials" check to ensure credentials are valid when script approval is required for the hierarchy

v1.0.5

Rebase