Merge pull request #258 from GoSecure/vnext-release-notes

Preparing 1.0.0 Release
GoSecure · Oct 20, 2020 · 4a7143d · 4a7143d
2 parents 93ca836 + 59fb38b
commit 4a7143d
Show file tree

Hide file tree

Showing 4 changed files with 83 additions and 58 deletions.
diff --git a/CHANGELOG.adoc b/CHANGELOG.adoc
@@ -6,52 +6,77 @@
 This document provides a high-level view of the changes introduced in {project-name} by release.
 For a detailed view of what has changed, refer to the {uri-repo}/commits/master[commit history] on GitHub.
 
-== <master> - <unreleased>
+== 1.0.0 - 2020-10-19
+
+We added many interesting features in the last couple of months and have used this tool in enough contexts to officially mark it as stable.
+Some of the noteworthy features are described https://www.gosecure.net/blog/2020/10/20/announcing-pyrdp-1/[in our announcement blog post].
+
+This release has a dedicated SecTor 2020 presentation: https://sector.ca/sessions/achieving-pyrdp-1-0-the-remote-desktop-pwnage-mitm-and-library/[ACHIEVING PYRDP 1.0 – THE REMOTE DESKTOP PWNAGE MITM AND LIBRARY].
 
 === Enhancements
 
-* Added support for dynamic certificate cloning when no certificate is specified. ({uri-issue}94[#94])
-* `pyrdp-mitm` now carves and saves files transferred via clipboard ({uri-issue}100[#100])
+*Tools*
+
 * Introduced the `pyrdp-convert` tool to convert between pcaps, PyRDP replay files and MP4 video files.
   Read link:README.md#using-pyrdp-convert[its section in the README for details].
   See {uri-issue}199[#199], {uri-issue}188[#188] and {uri-issue}170[#170].
-* `pyrdp-player` can now run in headless mode (`--headless`).
+
+*Player*
+
+* New `--headless` mode to output replay data to the terminal.
   All GUI dependencies are now optional enabling further Docker image size reduction.
   See {uri-issue}151[#151], {uri-issue}163[#163] and {uri-issue}190[#190].
-* `pyrdp-player` now support window scaling of the RDP session ({uri-issue}101[#101], {uri-issue}208[#208])
-* Added support for the GDI graphics pipeline which is enabled by default.
-  The `--no-gdi` switch was also added to disable GDI.
-  See {uri-issue}50[#50] and {uri-issue}209[#209] for details.
+* Added window scaling support for session replays ({uri-issue}101[#101], {uri-issue}208[#208])
+
+*MITM*
+
+* Added support for dynamic certificate cloning when no certificate is specified. ({uri-issue}94[#94], {uri-issue}243[#243]).
+  This is enabled by default and can be overridden through the existing `-c` and `-k` arguments.
+* File interception now saves files transferred via clipboard copy/paste ({uri-issue}100[#100])
 * Added a transparent proxy mode where source or destination packets are unaltered from the client or the server's perspective.
-  Read link:docs/transparent-proxy.md[the feature's documentation for setup and details.].
-  Also see {uri-issue}197[#197], {uri-issue}204[#204] and {uri-issue}205[#205].
-* Loosen up TLS version checks to allow a broader set of clients and server ({uri-issue}192[#192], {uri-issue}193[#193])
-* Explicitly disabled TLS 1.3 for now since we don't (can't?) record TLS 1.3 master secrets yet ({uri-issue}116[#116], {uri-issue}193[#193])
-* All logging can be customized using configuration files ({uri-issue}191[#191])
-* Added `sessionID` to replay filename ({uri-issue}180[#180])
-* Added `replayfilename` to the connection report log entry ({uri-issue}180[#180])
+  See link:docs/transparent-proxy.md[feature documentation for details and usage examples].
+  See also {uri-issue}197[#197], {uri-issue}204[#204], {uri-issue}205[#205] and {uri-issue}239[#239].
+* Added support for Network Level Authentication (NLA) by passing CredSSP authentication untouched.
+  Activate it with the `--auth ssp` switch.
+  It requires the RDP server's private key which must be given to PyRDP.
+  See {uri-issue}229[#229] for details.
+* Support for 32-bit x86 operating systems when not using the graphical interface ({uri-issue}150[#150])
 * Added a `twistd` plugin ({uri-issue}174[#174], {uri-issue}177[#177], {uri-issue}191[#191])
-* Support for 32-bit x86 operating systems now that the GUI is optional ({uri-issue}150[#150])
-* Documentation updates and fixes ({uri-issue}165[#165], {uri-issue}166[#166], {uri-issue}172[#172])
-* Added `--disable-active-clipboard` switch to prevent clipboard request injection
-* Added `--no-downgrade` switch to prevent protocol downgrading where possible {uri-issue}189[#189]
-* Added `--no-files` switch to prevent extracting transferred files {uri-issue}195[#195]
-* PyRDP no longer create replay files for garbage sessions with less than 19 bytes ({uri-issue}169[#169], {uri-issue}207[#207])
+* Loosen up TLS version checks to allow a broader set of clients and server ({uri-issue}192[#192], {uri-issue}193[#193])
+* Explicitly disabled TLS 1.3 for now since we don't record TLS 1.3 master secrets yet ({uri-issue}116[#116], {uri-issue}193[#193])
+* Logging can be customized using configuration files ({uri-issue}191[#191])
+* Improvements on log correlation ({uri-issue}180[#180]):
+  - Added `replayfilename` to the connection report log entry
+  - Added `sessionID` to replay filename
+* Added several switches to selectively disable features of PyRDP:
+  - `--disable-active-clipboard` switch to prevent clipboard request injection
+  - `--no-downgrade` switch to prevent protocol downgrading where possible {uri-issue}189[#189]
+  - `--no-files` switch to prevent extracting transferred files {uri-issue}195[#195]
+* Added support for the GDI graphics as the default graphics pipeline.
+  The `--no-gdi` switch was added to force the previous behavior (bitmaps).
+  See {uri-issue}50[#50] and {uri-issue}209[#209] for details.
 
 === Bug fixes
 
 * Python 3.8 supported by fixing a logging.Formatter misuse ({uri-issue}176[#176])
-* Fixed stack traces in the player when attempting to print strings with ending null character ({uri-issue}182[#182])
-* Remove NLA argument from `pyrdp-mitm`.
-  It was never supported and thus misleading.
+* PyRDP no longer creates replay files for sessions with no activity ({uri-issue}169[#169], {uri-issue}207[#207])
+* Fixed stack traces in the player when attempting to print strings ending with a null character ({uri-issue}182[#182])
+* Removed NLA argument from `pyrdp-mitm`
+* Updated and clarified documentation ({uri-issue}165[#165], {uri-issue}166[#166], {uri-issue}172[#172])
 
 === Infrastructure
 
+* Docker images are now based on Ubuntu 20.04 ({uri-issue}251[#251])
 * Docker image size reduced and split in default and `-slim` variants ({uri-issue}173[#173], {uri-issue}198[#198])
-* Better use of Docker caching for faster development iterations ({uri-issue}217[#217], {uri-issue}219[#219])
-* Default Docker Compose command now `pyrdp-mitm -h` to avoid confusing crash on `docker-compose up` ({uri-issue}173[#173])
-* Docker image now on Ubuntu 20.04 ({uri-issue}251[#251])
-* Added continuous integration leveraging GitHub Actions that builds the docker image and runs an integration test on both Ubuntu and Windows ({uri-issue}194[#194], {uri-issue}201[#201], {uri-issue}202[#202])
+* Improved docker caching for faster development iterations ({uri-issue}217[#217], {uri-issue}219[#219])
+* Changed default docker compose command now `pyrdp-mitm -h` to avoid confusing crash on `docker-compose up` ({uri-issue}173[#173])
+* Added continuous integration with GitHub Actions that builds docker images and runs basic smoke tests ({uri-issue}194[#194], {uri-issue}201[#201], {uri-issue}202[#202], {uri-issue}253[#253])
+
+=== Credits
+
+Thanks to the following people who contributed to this release:
+
+Olivier Bilodeau (@obilodeau), Alexandre Beaulieu (@alxbl), Émilio Gonzalez (@res260), Francis Labelle (@xshill), @robeving, @sotebob
 
 
 == 0.4.1 - 2019-11-03

diff --git a/requirements-slim.txt b/requirements-slim.txt
@@ -1,24 +1,24 @@
-appdirs==1.4.3
-attrs==19.3.0
+appdirs==1.4.4
+attrs==20.2.0
 Automat==20.2.0
-cffi==1.14.0
+cffi==1.14.3
 constantly==15.1.0
-cryptography==2.9
-hyperlink==19.0.0
-idna==2.9
+cryptography==2.9.2
+hyperlink==20.0.1
+idna==2.10
 incremental==17.5.0
 names==0.3.0
-progressbar2==3.51.3
+progressbar2==3.53.1
 pyasn1==0.4.8
 pyasn1-modules==0.2.8
 pycparser==2.20
-pycryptodome==3.9.7
+pycryptodome==3.9.8
 PyHamcrest==2.0.2
 pyOpenSSL==19.1.0
-pytz==2019.3
-rsa==4.0
-scapy==2.4.3
+pytz==2020.1
+rsa==4.6
+scapy==2.4.4
 service-identity==18.1.0
-six==1.14.0
+six==1.15.0
 Twisted==20.3.0
-zope.interface==5.1.0
+zope.interface==5.1.2
diff --git a/requirements.txt b/requirements.txt
@@ -1,32 +1,32 @@
-appdirs==1.4.3
-attrs==19.3.0
+appdirs==1.4.4
+attrs==20.2.0
 Automat==20.2.0
 av==8.0.2
-cffi==1.14.0
+cffi==1.14.3
 constantly==15.1.0
-cryptography==2.9
+cryptography==2.9.2
 dbus-python==1.2.16
-hyperlink==19.0.0
-idna==2.9
+hyperlink==20.0.1
+idna==2.10
 incremental==17.5.0
 names==0.3.0
 notify2==0.3.1
-Pillow==7.2.0
+Pillow==8.0.0
 pillowcase==2.0.0
-progressbar2==3.51.4
+progressbar2==3.53.1
 pyasn1==0.4.8
 pyasn1-modules==0.2.8
 pycparser==2.20
-pycryptodome==3.9.7
+pycryptodome==3.9.8
 PyHamcrest==2.0.2
 pyOpenSSL==19.1.0
-PySide2==5.14.2
+PySide2==5.15.1
 python-utils==2.4.0
-pytz==2019.3
-rsa==4.0
-scapy==2.4.3
+pytz==2020.1
+rsa==4.6
+scapy==2.4.4
 service-identity==18.1.0
-shiboken2==5.14.2
-six==1.14.0
+shiboken2==5.15.1
+six==1.15.0
 Twisted==20.3.0
-zope.interface==5.1.0
+zope.interface==5.1.2
diff --git a/setup.py b/setup.py
@@ -12,7 +12,7 @@
 from distutils.core import Extension, setup
 
 setup(name='pyrdp',
-    version='0.99.1.dev0',
+    version='1.0.0',
     description='Remote Desktop Protocol Man-in-the-Middle and library for Python 3',
     long_description="""Remote Desktop Protocol Man-in-the-Middle and library for Python 3""",
     author='Émilio Gonzalez, Francis Labelle',