Bump impacket from 0.9.19 to 0.9.23 in /XianyuCrawler

[dependabot[bot]]

Bumps impacket from 0.9.19 to 0.9.23.

Release notes

Sourced from impacket's releases.

Impacket 0.9.23

Project's main page at https://www.secureauth.com/labs/open-source-tools/impacket/

ChangeLog for 0.9.23:

1. Library improvements

• Support connect timeout with SMBTransport (@​vruello)
• Speeding up DcSync (@​mohemiv)
• Fixed Python3 issue when serving SOCKS5 requests (@​agsolino)
• Moved docker container to Python 3.8 (@​mgallo)
• Added basic GitHub Actions workflow (@​mgallo)
• Fixed Path Traversal vulnerabilities in smbserver.py - CVE-2021-31800 (@​omriinbar AppSec Researcher at CheckMarx)
• Fixed POST request processing in httprelayserver.py (@​Rcarnus)
• Added cat command to smbclient.py (@​mxrch)
• Added new features to the LDAP Interactive Shell to facilitate AD exploitation (@​AdamCrosser)
• Python 3.9 support (@​meeuw and @​cclauss)

2. Examples improvements

• addcomputer.py:
  • Enable the machine account created via SAMR (@​0xdeaddood)
• getST.py:
  • Added exploit for CVE-2020-17049 - Kerberos Bronze Bit attack (@​jakekarnes42)
  • Compute NTHash and AESKey for the Bronze Bit attack automatically (@​snovvcrash)
• ntlmrelayx.py:
  • Fixed target parsing error (@​0xdeaddood)
• wmipersist.py:
  • Fixed filterBinding error (@​franferrax)
  • Added PowerShell option for semi-interactive shells in dcomexec.py, smbexec.py and wmiexec.py (@​snovvcrash)
  • Added new parameter to select COMVERSION in dcomexec.py, wmiexec.py, wmipersist.py and wmiquery.py (@​zexusx26)

3. New examples

• Get-GPPPassword.py: This example extracts and decrypts Group Policy Preferences passwords using streams for treating files instead of mounting shares. Additionally, it can parse GPP XML files offline (@​ShutdownRepo and @​p0dalirius)
• smbpasswd.py: This script is an alternative to smbpasswd tool and intended to be used for changing expired passwords remotely over SMB (MSRPC-SAMR) (@​snovvcrash)

As always, thanks a lot to all these contributors that make this library better every day (since last version):

@​mpgn @​vruello @​mohemiv @​jagotu @​jakekarnes42 @​snovvcrash @​zexusx26 @​omriinbar @​Rcarnus @​nuschpl @​mxrch @​ShutdownRepo @​p0dalirius @​AdamCrosser @​franferrax @​meeuw and @​cclauss

impacket 0.9.22

Project's main page at https://www.secureauth.com/labs/impacket/

ChangeLog for 0.9.22:

1. Library improvements

• Added implementation of RPC over HTTP v2 protocol (by @​mohemiv).
• Added MS-NSPI, MS-OXNSPI and MS-OXABREF protocol implementations (by @​mohemiv).
• Improved the multi-page results in LDAP queries (by @​ThePirateWhoSmellsOfSunflowers).
• NDR parser optimization (by @​mohemiv).
• Improved serialization of WMI method parameters (by @​tshmul).
• Introduce the MS-NLMP 2.2.2.10 VERSION structure in NTLMAuthNegotiate messages (by @​franferrax).
• Added some NETLOGON structs for NetrServerPasswordSet2 (by @​dirkjanm).

... (truncated)

Commits

• See full diff in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) - `@dependabot use these labels` will set the current labels as the default for future PRs for this repo and language - `@dependabot use these reviewers` will set the current reviewers as the default for future PRs for this repo and language - `@dependabot use these assignees` will set the current assignees as the default for future PRs for this repo and language - `@dependabot use this milestone` will set the current milestone as the default for future PRs for this repo and language You can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/DropsDevopsOrg/ECommerceCrawlers/network/alerts).