Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Commit for V3.5.1 #30

Merged
merged 2 commits into from
Apr 12, 2023
Merged

Commit for V3.5.1 #30

merged 2 commits into from
Apr 12, 2023

Conversation

Flangvik
Copy link
Owner

  • Updated from EOL NET Core 3.2 to NET 7.0. This fixes the SSL library issues reported when running TeamFiltration on the latest Ubuntu and Windows Server 2022, issue TeamFiltration on Linux connection errors #21
  • Updated the Github workflow pipeline with a better naming convention as well as compiling binaries for MacOS ARM64
  • Updated the '--validate-msol' enum method, thanks to tuxnam for reporting this. Seems MS had changed the JSON response structure rendering the old implementation broken. Issue Error validating MSOL enum method #25 and TeamFiltration 3.5.0 and source build on Win10: Invalid URI: The URI is empty. #22
  • Re-implemented and added '--tokens' and '--cookie-dump'
    '--tokens' now handles both a single JWT token, JWT tokens separated by ',' and a file with newline separated JWT tokens as input. Parses and stores tokens in the database and performs exfiltration based on that.
    '--cookie-dump' now handles two input structures SharpChrome.exe JSON output and/or the Firefox plugin 'Cookie Quick Manager' dump output, parses and stores tokens in the database, and performs exfiltration based on that.
  • Re-written the whole exfiltration and conditional access enumeration process, see the flow diagram for the complete process.
  • Fixed crash when running without specifying config JSON in command line, issue Stack trace when running without specifying config json in command line #24
  • Added the email format [email protected] as requested in issue Error validating MSOL enum method #25.
  • Added error handling for email format selection
  • Re-written the spray logic to make way for --shuffle-regions, --shuffle-users, --shuffle-passwords and --auto-exfil
  • IPv6 has been disabled to avoid errors when TeamFiltration is used with proxy tools such as proxychains4 and Proxifier
  • '--auto-exfil' has been added to the spray module, allows TeamFiltration to automatically start exfiltration once a valid set of credentials is found
  • ADFS support, while still in BETA, has been tested more heavily and found to work with FireProx.
  • Exfiltrated Team's chat conversations are now re-produced in HTML for easier viewing locally. Work still remains in better constructing groups chats
  • Added the GetPresence check to Teams Account Enumeration mode, fetched and stored the OutOfOffice message in the database when found
  • Changed the ValidAccount database structure to account for these changes
  • Changed the CSV generator separator from ',' to ';'
  • Added the email format [email protected] as requested in issue Error validating MSOL enum method #25.
  • Added error handling for email format selection
  • Updated Nuget packages

@FlangvikOld
Added the email format [email protected] as requested in issue #25.
71bfe3e 
Added error handling for email format selection
Updated nuget packages
@FlangvikOld
Added the GetPresence check to Teams Account Enumeration mode, fetche…
4d51079 
…d and stores the OutOfOffice message in the database when found

Changed the ValidAccount database structure to account for this changes
Changed the CSV generator separator from , to ;
@Flangvik Flangvik merged commit 539a69e into main Apr 12, 2023
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@Flangvik @FlangvikOld