Impacket – Tools to Work with Network Protocols

Impacket is a collection of Python classes for working with network protocols. Impacket is focused on providing low-level programmatic access to the packets and for some protocols (e.g. SMB1-3 and MSRPC) the protocol implementation itself.

Packets can be constructed from scratch, as well as parsed from raw data, and the object oriented API makes it simple to work with deep hierarchies of protocols. The library provides a set of tools as examples of what can be done within the context of this library.

Impacket - Collection of Tools to Work with Network Protocols
Impacket – Collection of Tools to Work with Network Protocols

The following protocols are featured in Impacket:

  • Ethernet, Linux “Cooked” capture.
  • IP, TCP, UDP, ICMP, IGMP, ARP.
  • IPv4 and IPv6 Support.
  • NMB and SMB1, SMB2 and SMB3 (high-level implementations).
  • MSRPC version 5, over different transports: TCP, SMB/TCP, SMB/NetBIOS and HTTP.
  • Plain, NTLM and Kerberos authentications, using password/hashes/tickets/keys.
  • Portions/full implementation of the following MSRPC interfaces: EPM, DTYPES, LSAD, LSAT, NRPC, RRP, SAMR, SRVS, WKST, SCMR, DCOM, WMI
  • Portions of TDS (MSSQL) and LDAP protocol implementations.

There is about 44 tools included in this package that will allow penetration tester to run remote command execution, Kerberos attack, dump windows secrets, MITM attack, WMI attack , SMB/RPC attack , MSSQL/TDS attack and more.

You can read more and download the set of tools over here: https://github.com/SecureAuthCorp/impacket

Share