Skip to content

Releases: sensepost/ruler

Dependency Update

19 Feb 09:25
1e5ee2d
Compare
Choose a tag to compare

Updates the dependencies

$ make compile
# 32-bit
# Linux
GOOS=linux GOARCH=386 go build -o ruler-linux86
sha256sum  ruler-linux86
904b042e2ec7aa85331911b1343213292e061dcc4f2010d01f4f7b60f0198b10  ruler-linux86
# Windows
GOOS=windows GOARCH=386 go build -o ruler-win86.exe
sha256sum  ruler-win86.exe
021ae50ec89266dabb1f96f703ec04dad908eef0e63d12c1ed38a40833198f79  ruler-win86.exe
# 64-bit
# Linux
GOOS=linux GOARCH=amd64 go build -o ruler-linux64
sha256sum  ruler-linux64
f3b5e0f54f1da134c5d3c135f5be8ae7e85e499e8e73fabf87ffe010c23749ef  ruler-linux64
# Windows
GOOS=windows GOARCH=amd64 go build -o ruler-win64.exe
sha256sum  ruler-win64.exe
42e504f3d9d9800c1c75ff6d8c5433d801e7148760cba709fa3bd5dd8e4a0208  ruler-win64.exe
GOOS=darwin GOARCH=amd64 go build -o ruler-osx64
sha256sum  ruler-osx64
f3e108c7993b8d46c832ac2499a97395cc18fc9c4c1656acc25c969c7090ffcd  ruler-osx64

Unicode Fix

19 Feb 09:28
Compare
Choose a tag to compare
Unicode Fix Pre-release
Pre-release

This version might work better against non-english language servers.

This is untested

$ make compile
# 32-bit
# Linux
GOOS=linux GOARCH=386 go build -o ruler-linux86
sha256sum  ruler-linux86
756a8aa5bf7bc17ecbcaca1900cb38d2e6fe8608b3ba66b8def653bf57c85493  ruler-linux86
# Windows
GOOS=windows GOARCH=386 go build -o ruler-win86.exe
sha256sum  ruler-win86.exe
a6292dc94d3144cdcbd28da2869bbeb34213b2a5296729f3931b5b1504ee123b  ruler-win86.exe
# 64-bit
# Linux
GOOS=linux GOARCH=amd64 go build -o ruler-linux64
sha256sum  ruler-linux64
7a60056797f2a0865f9d4f4b1dfa36ea807a2184487046a8cccb62b69b5e2f77  ruler-linux64
# Windows
GOOS=windows GOARCH=amd64 go build -o ruler-win64.exe
sha256sum  ruler-win64.exe
f45c15869f8e219754d590c05ebb036fbb3d3a08e2e632f7603eaa35efdc9d5f  ruler-win64.exe
GOOS=darwin GOARCH=amd64 go build -o ruler-osx64
sha256sum  ruler-osx64
645b51a45bcb65a278a09e4e53867d762cec34055f8060a1a161358c6b1cf3fd  ruler-osx64

2.4.0

03 May 09:58
19abcd8
Compare
Choose a tag to compare

This is a big release and contains numerous fixes and additions thanks to Roman Maksimov (@rmaksimov).

Fixes:

  • #112 - fix fragmentation bug; remove an unnecessary code in SplitData function
  • #113 - fixes HTTP WWW-Authentication header parsing. Case sensitive parsing of the Authorization header gave false authorization failures
  • #114 - fixes authentication bug that existed for the usage of --basic. Smarter auto authnetication scheme selection
  • #115 - fixes autodiscover cache creation. Valid cache was being overwritten with empty file when autodiscover failed
  • #117 - fix 503 RPC error that occurred due to extra Cookie header and bad line-breaks (hopefully fixes issue #51)
  • #118 - misc error details improvements and code clean-up

Additions:

  • #116 - adds a --hostname option that allows controlling the Workstation name that gets sent in NTLM authentication attempts
  • #118 - adds --useragent for controlling the user-agent sent in HTTP headers
$ make compile
# 32-bit
# Linux
GOOS=linux GOARCH=386 go build -o ruler-linux86
sha256sum  ruler-linux86 
4b715d5b2540089cbfe911af30dae286ab8323bae507e232b5742410eac36e93  ruler-linux86
# Windows
GOOS=windows GOARCH=386 go build -o ruler-win86.exe 
sha256sum  ruler-win86.exe 
27eefea75b640ff25512afbc539354e5baea063dc76753aa159e22dbd2734704  ruler-win86.exe
# OSX
GOOS=darwin GOARCH=386 go build -o ruler-osx86
sha256sum  ruler-osx86
8bd775dc764f0eced8af39c7d319c70ed49ee09fb5013e630b5874cf0b468445  ruler-osx86
# 64-bit
# Linux
GOOS=linux GOARCH=amd64 go build -o ruler-linux64
sha256sum  ruler-linux64      
6a473fdd9b5e22a70f9784a1cbbae071acfe06f1d92f4c477113d8bec0017a4e  ruler-linux64
# Windows
GOOS=windows GOARCH=amd64 go build -o ruler-win64.exe  
sha256sum  ruler-win64.exe
d82200193144a6541d1883c94ab208c4e8811f6358de5e914b7673573c7345d6  ruler-win64.exe
GOOS=darwin GOARCH=amd64 go build -o ruler-osx64
sha256sum  ruler-osx64
62085757bec1686a33d219bd28a3a65e92bd07988cd0284492becd083cf351f4  ruler-osx64
# Download and check the sha256sum.
$ curl -fSL "https://github.com/sensepost/ruler/releases/download/2.4.0/ruler-linux64" -o "/usr/local/bin/ruler" \
	&& echo "${RULER_SHA256}  /usr/local/bin/ruler" | sha256sum -c - \
	&& chmod a+x "/usr/local/bin/ruler"

rmaksimov edition

17 Feb 18:15
2180df1
Compare
Choose a tag to compare

Introduces fixes and improvements from @rmaksimov 🚀

Updates - Thanks for all the enhancement suggestions!

01 Nov 13:18
Compare
Choose a tag to compare

This fixes a few small bugs, most pertinently the fact that some rules would cause Ruler to crash during the "display rules" phase.

Added some enhancements that were suggested through the issues tracker. Thanks!

  • adds --proxy support for brute forcing
  • displays progress during brute force
  • uses username as password during brute force (once all possible username/password combinations have been tried. Does not apply to --userpass)
  • Tries to use InternalURL if there is no ExternalURL available in the autodiscover.xml

EkoParty

11 Oct 07:33
Compare
Choose a tag to compare

Release of Ruler with new features as discussed at EkoParty.

  • Adds the "homepage" attack
  • Code clean-up and fixes
  • Brute-force should be less likely to segfault or give mutex issues

Latest

10 Aug 10:34
Compare
Choose a tag to compare

Adds the autodiscover (thanks @singe)

This attempts to reveal the autodiscover URL and will tell you if the domain is a valid tenant on Office 365 or not.

Usage:

./ruler --domain targetdomain.com autodiscover
[+] Looks like the autodiscover service is at: https://autodiscover.targetdomain.com/autodiscover/autodiscover.xml 
[+] Checking if domain is hosted on Office 365
[+] Domain is hosted on Office 365

Debug and Proxy options

07 Jun 08:23
Compare
Choose a tag to compare

This adds both the --debug and --proxy flags.

Using the proxy flag allows setting of an upstream proxy. This does not work for RPC/HTTP at the moment. You might have issues with NTLM auth as well, depending on the upstream proxy configuration (eg Burp causes issues).

Usage:
--proxy "https://10.10.0.1:8080" or --proxy "https://user:pass@10.10.0.1:8080"

The debug option allows for dumping of traffic when something goes wrong. This needs to be expanded to dump additional traffic and allow for dumping to a file.

Adds a fix for forms. Newer forms weren't adding "End Function" to the --rule version. This was due to a code refactor

Bleeding Edge

05 May 13:45
Compare
Choose a tag to compare

Bleeding edge release. With fixed RPC and ability to add manual config file.

Form Mania with fixes

04 May 13:48
Compare
Choose a tag to compare

Fixes a few niggles with forms being displayed and deleted.
Fixes brute force not following redirects for Office365