Skip to content

v3.5.0

Compare
Choose a tag to compare
@github-actions github-actions released this 31 Jan 10:45
· 31 commits to main since this release

Fixed the horrible piece of logic that caused TeamFiltration to take ages to get back up and running between longer sprays
TeamFiltration no longer requires you to generate and submit a pre-created list of FireProx instances in the configuration file. Instead, TeamFiltration will create and remove FireProx instances automatically, on-demand, when performing tasks that require FireProx endpoints. For TeamFiltration to do so, you must now provide an AWSAccessKey and AWSSecretKey within the configuration file.
The TeamFiltration config now allows you to specify a proxy URL in the configuration, that when used with the argument --debug, will forward all HTTP traffic through your defined proxy. This is useful when debugging problems or crashes.
The TeamFiltration config now allows you to specify your user-agent that will be used for all HTTP traffic.
The interactive database module now has the option to list and remove potentially left-behind FireProx instances. (This might happen if you kill TeamFiltration in the middle of an ongoing password spray)
Merged a pull request fixing an issue related to OneDrive and SharePoint exfiltration method causing a crash.
Merged a pull request that adds functionality to extract access tokens from an exfiltrated Teams database (by specifying a local path) and then uses that to enumerate further.
Account DisplayName is now captured and stored in the Database when performing Teams Account Enumeration. Makes it easier to match emails with names from third-party sources
Updated the output shown when a login attempt is blocked by ACCESS POLICY to include "VALID"
Database column names have been shortened to allow for easier viewing when working inside short terminals.
Added account-name sanity check to teams enumeration method to avoid wasting time enumerating tenants that are not enumerable using teams.