v1.0.0.dev16: Timestamp support in the CLI

This release adds support for timestamps within the terminal log along other new features, including.

• SMBv2 server now supports the LOGOFF command
• Timestamps can be enabled with --ts in the CLI
• The default configuration paths of Dementor can be viewed with --paths in the CLI
• The currently installed version can be checked with --version
• Documentation is now up-to-date with the source code configuration options

---

What's Changed

• [DEV] Timestamps in terminal output by @MatrixEditor in #18

Full Changelog: v1.0.0.dev15...v1.0.0.dev16

v1.0.0.dev15: Hotfix for missing workspace directories

Changes

• Missing workspace directory will be created before session begins
• Add type hints to DatabaseConfig

---

Full Changelog: v1.0.0.dev14...v1.0.0.dev15

v1.0.0.dev14: DB Revamp

This release introduces breaking changes to the database model and adds some type hints to the code base.

Caution

This version is incompatible with previous Dementor releases when using an existing old database file.

There are also two new CLI flags to declare a blacklist and whitelist on-the-fly:

Whitelist:

$ Dementor -I <IFACE> --target="SHARE,127.0.0.1"

Same can be done to set a blacklist with (--ignore/-i)

Changes

• Database: New tables hosts and extras as well as a refined credentials table
• Database connection configuration can be changed to use other dbms like mysql or postgres. New configuration attributes are:

  # specify custom dialect to use
  Dialect = "sqlite"
  Driver = "pysqlite"
  # either specify the complete URL or the path (relative, 
  # absolute or relative to workspace dir)
  # Url = "sqlite:///:memory:"
  Path = "Dementor.db"

• QA: added type hints to all configuration classes
• The logger now emits all log messages to the file if file logging is enabled even if --verbose is not set

Fixes

• Global filter configuration renamed from AnswerTo to Target
• Filter configuration import fixed

What's Changed

• [PATCH] Filter Rules by @MatrixEditor in #14
• [DEV] Database model revamp by @MatrixEditor in #15

Full Changelog: v1.0.0.dev13...v1.0.0.dev14

v1.0.0.dev13: Bug Fixes

This release includes important bug fixes and logging enhancements:

• Logging credentials within a domain will be displayed as: <DOMAIN>/<USERNAME> instead of <USERNAME>/<DOMAIN>
• The logging directory can be set to an arbitrary (non-existing) path (absolute, relative to current dir or relative to workspace)
• Replaces logger.error messages with logger.fail and traceback for exceptions are now displayed in debug/verbose mode
• Invalid packets will be displayed as hexdump in debug/verbose mode
• Fixed request handling in SMB and IPP as well as UPnP to be more robust
• Specifying options in the CLI now accepts nested sections, e.g. Log.Stream.Hashes.Path
• Fixed a typo in confirmation prompt

---

Full Changelog: v1.0.0.dev12...v1.0.0.dev13

v1.0.0.dev12: Custom Logging Streams and Bug Fixes

This release enhances the logging output by defining extra logging streams that operate separately from the central terminal and file log. For instance, a custom stream can be configured to capture all multicast DNS queries (Log.Stream.DNS) which in turn can be used as a blacklist or whitelist filter within the configuration.

Hashes can be dumped to separate files too

# simply modify the logging sections at the end of the config file
[Log.Stream.Hashes]
# dump to subdirectory in current dir
Path = "./hashes" 
# split hashes by type into separate files
Split = true

---

Fixed bugs:

• Fixed issues with parsing packets in (C)LDAP, SMB, MySQL , MSSQL and MSRPC
• Fixed a parsing logic error within the UPnP/SSDR module resulting in a stack trace
• Fixed a wrong default port configuration for the IMAP server

---

New features:

• Custom logging streams with separate files for: host IPs, multicast DNS queries (mDNS, LLMNR and NetBIOS), hashes (all types)
• Currently selected database path and configuration files will be printed when starting Dementor
• Additional safety check when starting Dementor in attack mode

v1.0.0.dev11: SSDP, UPnP and Bug Fixes

This release includes support for SSDP multicast poisoning and UPnP device imitation. Given, the default configuration won't be as
phishy as expected, but since it can be configured very easily, the template might be changed for real test cases.

Other fixes

• CLI: Fixed issue that ignored analysis mode completely
• CLI: Added support for += operator that appends a value to a list setting
• Added unified interface for creating multicast listeners
• TomlConfig: fixed __getitem__
• Make dementor.paths module executable
• Updated minor issues in the documentation

---

Full Changelog: v1.0.0.dev10...v1.0.0.dev11

v1.0.0.dev10: IPP Server Support

This release introduces an IPP server implementation that can be used to in the context of GHSA-rj88-6mr5-rcw8 , specifically CVE-2024-47175 and CVE-2024-47176.

Other fixes

• Incorrect startup of MySQ, SMB and DCERPC has been fixed
• Examples: new example on how to test the CUPS vulnerabilities
• Docs: added IPP to the compatibility matrix
• HTTP Docs: fixed invalid default configuration section name
• Requirements: pinpoint caterpillar to ensure no breaking changes happen

---

Full Changelog: v1.0.0.dev9...v1.0.0.dev10

v1.0.0.dev9: X11 / X Window System Protocol Support

Implementation of an XServer that only supports authentication and terminates all connections after the initial connection request.

Other changes

• Updated logging of credentials and removed extra "Hash" wording on custom credentials
• Added an example of how to use the X11 server to capture cookies

---

Full Changelog: v1.0.0.dev8...v1.0.0.dev9

v1.0.0.dev8: SMB Server Rewrite

This release features a complete rewrite of the SMB server dropping the need to use the SMBSERVER implemented by impacket. Even though there are no new features introduced by this implementation, the server will support all requested SMB2 dialects. impacket's SMB server only allows 2.0.2.

Other fixes

• Updated logging mechanism to always include the current protocol, client host and port
• Default domain name in FQDN will be "WORKGROUP"

---

Full Changelog: v1.0.0.dev7...v1.0.0.dev8

v1.0.0.dev7: (limited) Support for MySQL

This release includes (limited) support for a MySQL server that supports plaintext authentication based on the official online documentation.

Note

Version 1.0.0.dev6 did not contain any new features and therefore did not get a release candidate on GitHub. If you still want to download and install this version, please use PyPI.

---

Full Changelog: v1.0.0.dev5...v1.0.0.dev7