Impacket

0.13.0 · active · verified Tue Apr 14

Impacket is a collection of Python classes and scripts for working with network protocols. It provides programmatic access to low-level protocol details, allowing users to construct and parse packets for protocols like SMB, DCE/RPC, LDAP, and Kerberos. Widely used in penetration testing and security research, it enables interacting with network services, performing authentication, and exploiting protocol-level vulnerabilities. The current version is 0.13.0, with regular updates addressing new features and security fixes.

Warnings

breaking Impacket versions 0.9.20 and later are exclusively Python 3. If upgrading from older versions (pre-0.9.20), significant code changes may be required for Python 2 compatibility.
Fix: Ensure your environment uses Python 3.7+ and adapt any Python 2 specific code constructs.
breaking NTLMv1 challenge/response authentication has been deprecated and removed due to security vulnerabilities. Attempts to use NTLMv1 will fail.
Fix: Migrate to NTLMv2 or Kerberos for authentication. Ensure target systems support stronger authentication protocols.
breaking The `impacket.msdcerpc` module was merged into `impacket.dcerpc.v5` for better organization. Imports from `impacket.msdcerpc` will no longer work.
Fix: Update all imports from `impacket.msdcerpc` to `impacket.dcerpc.v5`. For example, `from impacket.msdcerpc.v5 import dcomrt` becomes `from impacket.dcerpc.v5 import dcomrt`.
gotcha Many Impacket functionalities, especially those related to Kerberos, require specific DNS configurations or KDC (Key Distribution Center) host information to be correctly resolved or provided.
Fix: Ensure proper DNS resolution for target domains/hosts or explicitly provide KDC host information where applicable (e.g., in `SMBConnection` constructor or Kerberos functions).

Install

pip install impacket Install stable version

Imports

SMBConnection
```
from impacket.smb import SMBConnection
```
Commonly used for interacting with SMB services.
LDAPSession
```
from impacket.ldap import LDAPSession
```
For interacting with LDAP servers.
dcerpc
```
from impacket.dcerpc.v5 import dcerpc
```
The `msdcerpc` module was merged into `dcerpc` in version 0.10.0.

Quickstart

This quickstart demonstrates how to establish an SMB connection, authenticate, and list available shares using `impacket.smb.SMBConnection`. It fetches sensitive information from environment variables for security and flexibility.

import os
from impacket.smb import SMBConnection

# --- Configuration (replace with your environment variables or actual values) ---
TARGET_IP = os.environ.get('IMPACKET_TARGET_IP', '127.0.0.1')
USERNAME = os.environ.get('IMPACKET_USERNAME', 'guest')
PASSWORD = os.environ.get('IMPACKET_PASSWORD', '')
DOMAIN = os.environ.get('IMPACKET_DOMAIN', '') # Often empty for local accounts

if not TARGET_IP:
    print("Please set IMPACKET_TARGET_IP environment variable or replace '127.0.0.1' with an actual SMB server IP.")
    exit(1)

try:
    print(f"Attempting to connect to SMB share on {TARGET_IP} as {DOMAIN}\\{USERNAME}...")
    smb_conn = SMBConnection(TARGET_IP, TARGET_IP)
    smb_conn.login(USERNAME, PASSWORD, DOMAIN)
    print("Login successful!")

    shares = smb_conn.listShares()
    print("\nAvailable Shares:")
    for share in shares:
        print(f"  - {share['name'].decode('utf-8')}")

    smb_conn.logoff()
    print("\nLogged off.")

except Exception as e:
    print(f"An error occurred: {e}")
    print("Please ensure the target SMB server is reachable and credentials are correct.")
    print("For a quick test, you might need a local SMB server (e.g., Samba on Linux, or Windows share).")

view raw JSON →