Releases: sensepost/ruler
Dependency Update
Updates the dependencies
$ make compile
# 32-bit
# Linux
GOOS=linux GOARCH=386 go build -o ruler-linux86
sha256sum ruler-linux86
904b042e2ec7aa85331911b1343213292e061dcc4f2010d01f4f7b60f0198b10 ruler-linux86
# Windows
GOOS=windows GOARCH=386 go build -o ruler-win86.exe
sha256sum ruler-win86.exe
021ae50ec89266dabb1f96f703ec04dad908eef0e63d12c1ed38a40833198f79 ruler-win86.exe
# 64-bit
# Linux
GOOS=linux GOARCH=amd64 go build -o ruler-linux64
sha256sum ruler-linux64
f3b5e0f54f1da134c5d3c135f5be8ae7e85e499e8e73fabf87ffe010c23749ef ruler-linux64
# Windows
GOOS=windows GOARCH=amd64 go build -o ruler-win64.exe
sha256sum ruler-win64.exe
42e504f3d9d9800c1c75ff6d8c5433d801e7148760cba709fa3bd5dd8e4a0208 ruler-win64.exe
GOOS=darwin GOARCH=amd64 go build -o ruler-osx64
sha256sum ruler-osx64
f3e108c7993b8d46c832ac2499a97395cc18fc9c4c1656acc25c969c7090ffcd ruler-osx64
Unicode Fix
This version might work better against non-english language servers.
This is untested
$ make compile
# 32-bit
# Linux
GOOS=linux GOARCH=386 go build -o ruler-linux86
sha256sum ruler-linux86
756a8aa5bf7bc17ecbcaca1900cb38d2e6fe8608b3ba66b8def653bf57c85493 ruler-linux86
# Windows
GOOS=windows GOARCH=386 go build -o ruler-win86.exe
sha256sum ruler-win86.exe
a6292dc94d3144cdcbd28da2869bbeb34213b2a5296729f3931b5b1504ee123b ruler-win86.exe
# 64-bit
# Linux
GOOS=linux GOARCH=amd64 go build -o ruler-linux64
sha256sum ruler-linux64
7a60056797f2a0865f9d4f4b1dfa36ea807a2184487046a8cccb62b69b5e2f77 ruler-linux64
# Windows
GOOS=windows GOARCH=amd64 go build -o ruler-win64.exe
sha256sum ruler-win64.exe
f45c15869f8e219754d590c05ebb036fbb3d3a08e2e632f7603eaa35efdc9d5f ruler-win64.exe
GOOS=darwin GOARCH=amd64 go build -o ruler-osx64
sha256sum ruler-osx64
645b51a45bcb65a278a09e4e53867d762cec34055f8060a1a161358c6b1cf3fd ruler-osx64
2.4.0
This is a big release and contains numerous fixes and additions thanks to Roman Maksimov (@rmaksimov).
Fixes:
- #112 - fix fragmentation bug; remove an unnecessary code in SplitData function
- #113 - fixes HTTP WWW-Authentication header parsing. Case sensitive parsing of the Authorization header gave false authorization failures
- #114 - fixes authentication bug that existed for the usage of
--basic
. Smarter auto authnetication scheme selection - #115 - fixes autodiscover cache creation. Valid cache was being overwritten with empty file when autodiscover failed
- #117 - fix 503 RPC error that occurred due to extra Cookie header and bad line-breaks (hopefully fixes issue #51)
- #118 - misc error details improvements and code clean-up
Additions:
- #116 - adds a
--hostname
option that allows controlling the Workstation name that gets sent in NTLM authentication attempts - #118 - adds
--useragent
for controlling the user-agent sent in HTTP headers
$ make compile
# 32-bit
# Linux
GOOS=linux GOARCH=386 go build -o ruler-linux86
sha256sum ruler-linux86
4b715d5b2540089cbfe911af30dae286ab8323bae507e232b5742410eac36e93 ruler-linux86
# Windows
GOOS=windows GOARCH=386 go build -o ruler-win86.exe
sha256sum ruler-win86.exe
27eefea75b640ff25512afbc539354e5baea063dc76753aa159e22dbd2734704 ruler-win86.exe
# OSX
GOOS=darwin GOARCH=386 go build -o ruler-osx86
sha256sum ruler-osx86
8bd775dc764f0eced8af39c7d319c70ed49ee09fb5013e630b5874cf0b468445 ruler-osx86
# 64-bit
# Linux
GOOS=linux GOARCH=amd64 go build -o ruler-linux64
sha256sum ruler-linux64
6a473fdd9b5e22a70f9784a1cbbae071acfe06f1d92f4c477113d8bec0017a4e ruler-linux64
# Windows
GOOS=windows GOARCH=amd64 go build -o ruler-win64.exe
sha256sum ruler-win64.exe
d82200193144a6541d1883c94ab208c4e8811f6358de5e914b7673573c7345d6 ruler-win64.exe
GOOS=darwin GOARCH=amd64 go build -o ruler-osx64
sha256sum ruler-osx64
62085757bec1686a33d219bd28a3a65e92bd07988cd0284492becd083cf351f4 ruler-osx64
# Download and check the sha256sum.
$ curl -fSL "https://github.com/sensepost/ruler/releases/download/2.4.0/ruler-linux64" -o "/usr/local/bin/ruler" \
&& echo "${RULER_SHA256} /usr/local/bin/ruler" | sha256sum -c - \
&& chmod a+x "/usr/local/bin/ruler"
rmaksimov edition
Introduces fixes and improvements from @rmaksimov 🚀
Updates - Thanks for all the enhancement suggestions!
This fixes a few small bugs, most pertinently the fact that some rules would cause Ruler to crash during the "display rules" phase.
Added some enhancements that were suggested through the issues tracker. Thanks!
- adds --proxy support for brute forcing
- displays progress during brute force
- uses username as password during brute force (once all possible username/password combinations have been tried. Does not apply to --userpass)
- Tries to use InternalURL if there is no ExternalURL available in the autodiscover.xml
EkoParty
Release of Ruler with new features as discussed at EkoParty.
- Adds the "homepage" attack
- Code clean-up and fixes
- Brute-force should be less likely to segfault or give mutex issues
Latest
Adds the autodiscover (thanks @singe)
This attempts to reveal the autodiscover URL and will tell you if the domain is a valid tenant on Office 365 or not.
Usage:
./ruler --domain targetdomain.com autodiscover
[+] Looks like the autodiscover service is at: https://autodiscover.targetdomain.com/autodiscover/autodiscover.xml
[+] Checking if domain is hosted on Office 365
[+] Domain is hosted on Office 365
Debug and Proxy options
This adds both the --debug and --proxy flags.
Using the proxy flag allows setting of an upstream proxy. This does not work for RPC/HTTP at the moment. You might have issues with NTLM auth as well, depending on the upstream proxy configuration (eg Burp causes issues).
Usage:
--proxy "https://10.10.0.1:8080"
or --proxy "https://user:pass@10.10.0.1:8080"
The debug option allows for dumping of traffic when something goes wrong. This needs to be expanded to dump additional traffic and allow for dumping to a file.
Adds a fix for forms. Newer forms weren't adding "End Function" to the --rule version. This was due to a code refactor
Bleeding Edge
Bleeding edge release. With fixed RPC and ability to add manual config file.
Form Mania with fixes
Fixes a few niggles with forms being displayed and deleted.
Fixes brute force not following redirects for Office365