2.0.0

Differences between the new ldap_shell version and the old implementation

The new version of ldap_shell represents a significant upgrade compared to the old implementation based on Impacket. Here are the key differences:

Architectural Changes

• Completely redesigned modular architecture: instead of monolithic code, each function is separated into an individual module in the ldap_modules directory
• Improved separation of concerns: clear distinction between command execution logic and user interface
• Support for different operation modes: added non-interactive mode for use in scripts and automation

Functional Improvements

• Extended command set: significantly increased arsenal of available operations for working with Active Directory
• LAPS 2.0 support: added ability to retrieve and manage passwords from the new LAPS version
• Advanced attack techniques: included methods for exploiting Shadow Credentials, RBCD, and other modern techniques
• Improved LDAPS handling: automatic switching to TLS when necessary

Technical Enhancements

• Enhanced error handling: more informative error messages and logging
• Command auto-completion system: intelligent auto-completion for ease of use
• AD object caching: reduced load on domain controllers and improved performance
• Command history management: history preservation between sessions for convenience

Integration and Extensibility

• Simple extension system: ability to add new modules without modifying the core code
• Use of modern Python libraries: integration with pydantic for data validation
• Script support: ability to run commands from scripts or using pipelines
• The new implementation significantly simplifies code maintenance, addition of new features, and bug fixing, making the tool more powerful and flexible for security professionals and administrators.

1.0.0

The old version of ldap_shell methods in the impacket_ldap_shell.py file are backwards compatible with @SecureAuthCorp/impacket/ldap_shell.py.