Updated to v1.1.26.

James Forshaw · James Forshaw · commit a0e59489e399 · 2020-01-21T13:57:47.000-08:00
diff --git a/NtApiDotNet/NtApiDotNet.Core.csproj b/NtApiDotNet/NtApiDotNet.Core.csproj
@@ -7,8 +7,8 @@
     <Authors>James Forshaw</Authors>
     <Company>Google Inc.</Company>
     <Product>NtApiDotNet</Product>
-    <FileVersion>1.1.25.0</FileVersion>
-    <Copyright>Copyright © Google Inc. 2016, 2017, 2018, 2019</Copyright>
+    <FileVersion>1.1.26.0</FileVersion>
+    <Copyright>Copyright © Google Inc. 2016-2020</Copyright>
     <AssemblyVersion>1.0.0.0</AssemblyVersion>
     <PackageLicenseUrl>https://www.apache.org/licenses/LICENSE-2.0</PackageLicenseUrl>
     <RepositoryUrl>https://github.com/googleprojectzero/sandbox-attacksurface-analysis-tools</RepositoryUrl>
diff --git a/NtApiDotNet/NtApiDotNet.nuspec b/NtApiDotNet/NtApiDotNet.nuspec
@@ -11,19 +11,27 @@
     <requireLicenseAcceptance>false</requireLicenseAcceptance>
     <description>A .NET class library to access native NT API system calls</description>
     <releaseNotes>
-1.1.24
+1.1.26
 --------
-* Added Add-NtTokenSecurityAttribute and Remove-NtTokenSecurityAttribute cmdlets.
-* Added additional properties for running servies.
-* Added support for drivers to Get-RunningService and Get-AccesibleService.
-* Added fake service NtType objects for services and SCM to allow formatting and the UI.
-* Added NtType property to security descriptors.
-* Added option to Show-NtToken to elevate to admin.
-* Added Suspend, Resume and Stop process commands.
-* Added Get-NtEaBuffer and Set-NtEaBuffer commands.
-* Added open to Get-NtDebug to get from a process.
+* Add DeviceGuid to Get/New-NtFile
+* Fixed bug in ETA registrations and added GUID enumeration.
+* Added SetExceptionPort to NtProcess.
+* Added child process mitigation improvements.
+* Added extended Fork.
+* Updated native process creation support.
+* Various new non-throwing methods.
+* Updated to C# 7.3.
+* Added list of access rights to NtType.
+* Added default mandatory policy to NtType.
+* Added SetDisposition methods to NtFile.
+* Added console and GUI support for Object ACEs.
+* Updated access checking to support Object Types.
+* Access check returns a structure rather than just an access mask.
+* CPP style NDR formatting (#21)
+* Added Get-NtTokenPrivilege command.
+* Added Get-NtLocallyUniqueId command.
 </releaseNotes>
-    <copyright>Copyright Google Inc. 2017, 2018, 2019</copyright>
+    <copyright>Copyright Google Inc. 2016-2020</copyright>
     <tags>syscalls</tags>
   </metadata>
 </package>
diff --git a/NtApiDotNet/Properties/AssemblyInfo.cs b/NtApiDotNet/Properties/AssemblyInfo.cs
@@ -9,7 +9,7 @@
 [assembly: AssemblyConfiguration("")]
 [assembly: AssemblyCompany("Google Inc.")]
 [assembly: AssemblyProduct("NtApiDotNet")]
-[assembly: AssemblyCopyright("Copyright © Google Inc. 2016, 2017, 2018, 2019")]
+[assembly: AssemblyCopyright("Copyright © Google Inc. 2016-2020")]
 [assembly: AssemblyTrademark("")]
 [assembly: AssemblyCulture("")]
 
@@ -32,5 +32,5 @@
 // by using the '*' as shown below:
 // [assembly: AssemblyVersion("1.0.*")]
 [assembly: AssemblyVersion("1.0.0.0")]
-[assembly: AssemblyFileVersion("1.1.25.0")]
-[assembly: AssemblyInformationalVersion("1.1.25")]
+[assembly: AssemblyFileVersion("1.1.26.0")]
+[assembly: AssemblyInformationalVersion("1.1.26")]
diff --git a/NtObjectManager/NtObjectManager.Core.csproj b/NtObjectManager/NtObjectManager.Core.csproj
@@ -7,8 +7,8 @@
     <Authors>James Forshaw</Authors>
     <Company>Google Inc.</Company>
     <Product>NtObjectManager</Product>
-    <FileVersion>1.1.25.0</FileVersion>
-    <Copyright>Copyright © Google Inc. 2016, 2017, 2018, 2019</Copyright>
+    <FileVersion>1.1.26.0</FileVersion>
+    <Copyright>Copyright © Google Inc. 2016-2020</Copyright>
     <AssemblyVersion>1.0.0.0</AssemblyVersion>
     <PackageLicenseUrl>https://www.apache.org/licenses/LICENSE-2.0</PackageLicenseUrl>
     <RepositoryUrl>https://github.com/googleprojectzero/sandbox-attacksurface-analysis-tools</RepositoryUrl>
diff --git a/NtObjectManager/NtObjectManager.psd1 b/NtObjectManager/NtObjectManager.psd1
@@ -18,7 +18,7 @@
 RootModule = 'NtObjectManager.psm1'
 
 # Version number of this module.
-ModuleVersion = '1.1.25'
+ModuleVersion = '1.1.26'
 
 # ID used to uniquely identify this module
 GUID = 'ac251c97-67a6-4bc4-bb8a-5ae300e93030'
@@ -30,7 +30,7 @@ Author = 'James Forshaw'
 CompanyName = 'Google Inc.'
 
 # Copyright statement for this module
-Copyright = '(c) 2016, 2017, 2018, 2019 Google Inc. All rights reserved.'
+Copyright = '(c) 2016-2020 Google Inc. All rights reserved.'
 
 # Description of the functionality provided by this module
 Description = 'This module adds a provider and cmdlets to access the NT object manager namespace.'
@@ -117,14 +117,25 @@ PrivateData = @{
         ProjectUri = 'https://github.com/googleprojectzero/sandbox-attacksurface-analysis-tools'
 
         # ReleaseNotes of this module
-        ReleaseNotes = '1.1.25
+        ReleaseNotes = '1.1.26
 --------
-* Added new options to Get-NtSecurityDescriptor.
-* Updated accessible resource checking.
-* Added Remove-NtTokenPrivilege.
-* Added Session option to Get-NtToken.
-* Added command line option to Show-NtToken.
-* Added information classes for symbolic links.
+* Add DeviceGuid to Get/New-NtFile
+* Fixed bug in ETA registrations and added GUID enumeration.
+* Added SetExceptionPort to NtProcess.
+* Added child process mitigation improvements.
+* Added extended Fork.
+* Updated native process creation support.
+* Various new non-throwing methods.
+* Updated to C# 7.3.
+* Added list of access rights to NtType.
+* Added default mandatory policy to NtType.
+* Added SetDisposition methods to NtFile.
+* Added console and GUI support for Object ACEs.
+* Updated access checking to support Object Types.
+* Access check returns a structure rather than just an access mask.
+* CPP style NDR formatting (#21)
+* Added Get-NtTokenPrivilege command.
+* Added Get-NtLocallyUniqueId command.
 '
 
         # External dependent modules of this module
diff --git a/NtObjectManager/Properties/AssemblyInfo.cs b/NtObjectManager/Properties/AssemblyInfo.cs
@@ -9,7 +9,7 @@
 [assembly: AssemblyConfiguration("")]
 [assembly: AssemblyCompany("Google Inc.")]
 [assembly: AssemblyProduct("NtObjectManager")]
-[assembly: AssemblyCopyright("Copyright © Google Inc. 2016, 2017, 2018, 2019")]
+[assembly: AssemblyCopyright("Copyright © Google Inc. 2016-2020")]
 [assembly: AssemblyTrademark("")]
 [assembly: AssemblyCulture("")]
 
@@ -32,5 +32,5 @@
 // by using the '*' as shown below:
 // [assembly: AssemblyVersion("1.0.*")]
 [assembly: AssemblyVersion("1.0.0.0")]
-[assembly: AssemblyFileVersion("1.1.25.0")]
-[assembly: AssemblyInformationalVersion("1.1.25")]
+[assembly: AssemblyFileVersion("1.1.26.0")]
+[assembly: AssemblyInformationalVersion("1.1.26")]
diff --git a/README.txt b/README.txt
@@ -1,6 +1,6 @@
 sandbox-attacksurface-analysis-tools
 
-(c) Google Inc. 2015, 2016, 2017, 2018, 2019
+(c) Google Inc. 2015, 2016, 2017, 2018, 2019, 2020
 Developed by James Forshaw
 
 This is a small suite of PowerShell tools to test various properties of sandboxes on Windows. Many of the
@@ -46,6 +46,26 @@ Thanks to the people who were willing to test it and give feedback:
 
 Release Notes:
 
+1.1.26
+--------
+* Add DeviceGuid to Get/New-NtFile
+* Fixed bug in ETA registrations and added GUID enumeration.
+* Added SetExceptionPort to NtProcess.
+* Added child process mitigation improvements.
+* Added extended Fork.
+* Updated native process creation support.
+* Various new non-throwing methods.
+* Updated to C# 7.3.
+* Added list of access rights to NtType.
+* Added default mandatory policy to NtType.
+* Added SetDisposition methods to NtFile.
+* Added console and GUI support for Object ACEs.
+* Updated access checking to support Object Types.
+* Access check returns a structure rather than just an access mask.
+* CPP style NDR formatting (#21)
+* Added Get-NtTokenPrivilege command.
+* Added Get-NtLocallyUniqueId command.
+
 1.1.25
 --------
 * Added new options to Get-NtSecurityDescriptor.
