build(deps): bump impacket from 0.12.0 to 0.13.0

[dependabot]

Bumps impacket from 0.12.0 to 0.13.0.

Release notes

Sourced from impacket's releases.

Impacket 0.13.0

Project's main page at https://www.coresecurity.com/core-labs/open-source-tools/impacket

ChangeLog for 0.13.0:

1. Library improvements

   • Major SMB client/server refactor adds setInfo support, CIFS datetime helpers, and safer default share access to enable remote attribute and timestamp management. (@​covertivy)
   • Introduced per-structure encoding selectors and UTF-8-aware SMB structures so non-Latin resource names round-trip correctly. (@​alexisbalbachan)
   • Strengthened LDAP/Kerberos handling with channel binding plus signing, schema alignment with ldap3, and LDAPS-based LAPS retrieval against Windows Server 2025 DCs. (@​zblurx, @​alexisbalbachan, @​Ibrahim8879)
   • Improved DCE/RPC coverage with Netlogon authenticator fixes, updated DRS bind flags, expanded EVEN6 decoding, and a new ICPR interface to support relay-aware RPC workflows. (@​ThePirateWhoSmellsOfSunflowers, @​h3-josh-the-engineer, @​NtAlexio2, @​rtpt-romankarwacik)
   • Corrected SMB negotiation edge cases by fixing response padding, Unicode pipe lookups, and keyboard interrupts in SMB servers. (@​rtpt-erikgeiser, @​Abyss-emmm, @​exploide)
   • SMB Server enhancements to align Impacket's implementation with standard (@​jborean93)

2. Authentication & relay tooling

   • Added WinRMS relay clients/servers. (@​Defte_)
   • Improved IPv6 support, richer logging, and consistent console status reporting, plus an identity log to track compromised principals ( @​gabrielg5)
   • Introduced an RPC relay server with Endpoint Mapper discovery . (@​rtpt-romankarwacik)
   • Delivered SCCM Management/Distribution Point relay attacks. (@​q-roland)
   • Enhanced shadow credentials, SOCKS plugins, and target rotation with better IPv6 awareness and stability. (@​anadrianmanrique, @​gabrielg5)
   • Added options to strip SSP from Net-NTLMv1 captures and write relay-captured hashes for cracking workflows. (@​TurtleARM, @​p0rtL6)

3. Examples improvements

   • secretsdump.py gained a WMI shadow snapshot path, export hive boot key recovery, safer DRS flags, user-status reporting, and refined NTDS parsing. (@​PeterGabaldon, @​MaxToffy, @​h3-josh-the-engineer, @​Markb1337, @​snovvcrash)
   • MSSQL tooling gained channel binding tokens, restored reliable connections, richer linked-server file transfers, and inline command execution. (@​Defte_, @​rtpt-romankarwacik, @​trietend, @​kiriknik, @​Signum21)
   • Directory ACL helpers (dacledit, owneredit, rbcd, ldapshell) picked up mask selection, safer queries, and consistent -dc-host handling. (@​dadevel, @​shellinvictus, @​Fabrizzio53, @​ICheer_No0M, @​gabrielg5)
   • SMB operator utilities add reconnect and autocomplete options in smbclient and prevent smbexec from hanging on completion. (@​daddycocoaman, @​trietend, @​Vincent550102)
   • Remote access helpers such as rdp_check and wmiexec now support IPv6 targets and display created Process IDs for easier triage. (@​gabrielg5, @​alexisbalbachan)

4. New examples

   • attrib.py manipulates file attributes over SMB to showcase the new setInfo workflow. (@​covertivy)
   • filetime.py inspects and updates SMB file timestamps using the refreshed SMBConnection APIs. (@​covertivy)
   • badsuccessor.py demonstrates the AD CS “bad successor” attack path. (@​fulc2um)
   • regsecrets.py extracts LSA secrets from remote registry hives through [MS-RRP]. (@​laxaa, @​laxa)
   • samedit.py edits local SAM password hashes offline. (@​iorpim)
   • CheckLDAPStatus.py checks LDAP signing status and LDAPS channel binding status. (@​zblurx)

5. Project & packaging

   • Added the impacket.mssql namespace, relaxed the pyOpenSSL pin, and declared Python 3.13 support while dropping 3.8. (@​anadrianmanrique, @​Defte_)
   • Replaced pkg_resources with importlib.metadata for lightweight version discovery. (@​AdrianVollmer)

As always, thanks a lot to all these contributors that make this library better every day (up to now):

@​Abyss-emmm, @​AdrianVollmer, @​NeffIsBack, @​NtAlexio2, @​rtpt-alexanderneumann, @​asareynolds, @​dadevel, @​TurtleARM, @​Defte_, @​rtpt-erikgeiser, @​Fabrizzio53, @​fluffy-kaiju, @​gabrielg5, @​ICheer_No0M, @​exploide, @​jborean93, @​nitbx, @​laxaa, @​daddycocoaman, @​lucas0817, @​Markb1337, @​MaxToffy, @​Ibrahim8879, @​Narmjep, @​NuclearFizzler, @​iorpim, @​CipherCloak, @​PeterGabaldon, @​b1two, @​covertivy, @​rtpt-romankarwacik, @​ryanq47, @​SAERXCIT, @​Signum21, @​ThePirateWhoSmellsOfSunflowers, @​Vincent550102, @​anadrianmanrique, @​alexisbalbachan, @​d0gkiller87, @​Ridter, @​fulc2um, @​gjhami, @​h3-josh-the-engineer, @​kiriknik, @​marcobarlottini, @​p0rtL6, @​q-roland, @​shellinvictus, @​trietend, @​zblurx.

Changelog

Sourced from impacket's changelog.

Impacket v0.13.0 (Oct 2025):

1. Library improvements

   • Major SMB client/server refactor adds setInfo support, CIFS datetime helpers, and safer default share access to enable remote attribute and timestamp management. (@​covertivy)

   • Introduced per-structure encoding selectors and UTF-8-aware SMB structures so non-Latin resource names round-trip correctly. (@​alexisbalbachan)

   • Strengthened LDAP/Kerberos handling with channel binding plus signing, schema alignment with ldap3, and LDAPS-based LAPS retrieval against Windows Server 2025 DCs. (@​zblurx, @​alexisbalbachan, @​Ibrahim8879)

   • Improved DCE/RPC coverage with Netlogon authenticator fixes, updated DRS bind flags, expanded EVEN6 decoding, and a new ICPR interface to support relay-aware RPC workflows. (@​ThePirateWhoSmellsOfSunflowers, @​h3-josh-the-engineer, @​NtAlexio2, @​rtpt-romankarwacik)

   • Corrected SMB negotiation edge cases by fixing response padding, Unicode pipe lookups, and keyboard interrupts in SMB servers. (@​rtpt-erikgeiser, @​Abyss-emmm, @​exploide)

   • SMB Server enhancements to align Impacket's implementation with standard (@​jborean93)

2. Authentication & relay tooling

   • Added WinRMS relay clients/servers. (@​Defte_)

   • Improved IPv6 support, richer logging, and consistent console status reporting, plus an identity log to track compromised principals ( @​gabrielg5)

   • Introduced an RPC relay server with Endpoint Mapper discovery . (@​rtpt-romankarwacik)

   • Delivered SCCM Management/Distribution Point relay attacks. (@​q-roland)

   • Enhanced shadow credentials, SOCKS plugins, and target rotation with better IPv6 awareness and stability. (@​anadrianmanrique, @​gabrielg5)

   • Added options to strip SSP from Net-NTLMv1 captures and write relay-captured hashes for cracking workflows. (@​TurtleARM, @​p0rtL6)

3. Examples improvements

   • secretsdump.py gained a WMI shadow snapshot path, export hive boot key recovery, safer DRS flags, user-status reporting, and refined NTDS parsing. (@​PeterGabaldon, @​MaxToffy, @​h3-josh-the-engineer, @​Markb1337, @​snovvcrash)

   • MSSQL tooling gained channel binding tokens, restored reliable connections, richer linked-server file transfers, and inline command execution. (@​Defte_, @​rtpt-romankarwacik, @​trietend, @​kiriknik, @​Signum21)

   • Directory ACL helpers (dacledit, owneredit, rbcd, ldapshell) picked up mask selection, safer queries, and consistent -dc-host handling. (@​dadevel, @​shellinvictus, @​Fabrizzio53, @​ICheer_No0M, @​gabrielg5)

   • SMB operator utilities add reconnect and autocomplete options in smbclient and prevent smbexec from hanging on completion. (@​daddycocoaman, @​trietend, @​Vincent550102)

   • Remote access helpers such as rdp_check and wmiexec now support IPv6 targets and display created Process IDs for easier triage. (@​gabrielg5, @​alexisbalbachan)

4. New examples

... (truncated)

Commits

• See full diff in compare view

You can trigger a rebase of this PR by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

Note
Automatic rebases have been disabled on this pull request as it has been open for over 30 days.